Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/19f9d7-4438-4d61-be77-c2eadd5ef3f1/1/ydWxKeBvlSRoXnABAoQfctaRXDM.mft
File:                     ydWxKeBvlSRoXnABAoQfctaRXDM.mft (raw, json)
Hash identifier:          l3pDafkVX1IIZ5UxMlGOVO5DhgGgjMj6tPE7jyHeYTY=
Subject key identifier:   4D:DB:65:C2:C6:EC:72:DC:E9:28:88:82:55:B7:8B:BD:BD:D7:52:19
Authority key identifier: C9:D5:B1:29:E0:6F:95:24:68:5E:70:01:02:84:1F:72:D6:91:5C:33
Certificate issuer:       /CN=c9d5b129e06f9524685e700102841f72d6915c33
Certificate serial:       0191F9D97518872B59DF584941F777EF07AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydWxKeBvlSRoXnABAoQfctaRXDM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/19f9d7-4438-4d61-be77-c2eadd5ef3f1/1/ydWxKeBvlSRoXnABAoQfctaRXDM.mft
Manifest number:          9E
Signing time:             Mon 16 Sep 2024 08:01:03 +0000
Manifest this update:     Mon 16 Sep 2024 08:01:03 +0000
Manifest next update:     Tue 17 Sep 2024 08:01:03 +0000
Files and hashes:         1: ydWxKeBvlSRoXnABAoQfctaRXDM.crl (hash: BMtPhRD+Z8lzxB4wSCUfpr+lL0uqHfiJ7ewwHU4krI8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/19f9d7-4438-4d61-be77-c2eadd5ef3f1/1/ydWxKeBvlSRoXnABAoQfctaRXDM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/19f9d7-4438-4d61-be77-c2eadd5ef3f1/1/ydWxKeBvlSRoXnABAoQfctaRXDM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydWxKeBvlSRoXnABAoQfctaRXDM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 08:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:f9:d9:75:18:87:2b:59:df:58:49:41:f7:77:ef:07:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d5b129e06f9524685e700102841f72d6915c33
        Validity
            Not Before: Sep 16 08:01:03 2024 GMT
            Not After : Sep 17 08:01:03 2024 GMT
        Subject: CN=4ddb65c2c6ec72dce928888255b78bbdbdd75219
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:b5:1d:cd:36:f3:3f:42:6f:15:75:52:90:c1:
                    0a:7e:55:97:9c:ca:2b:c5:bd:bb:f7:2d:7a:11:be:
                    a5:4e:4a:1b:a2:9b:1f:a3:7a:d0:62:35:01:1a:b7:
                    8e:57:18:e9:0f:ce:8a:ea:86:80:24:c5:57:1a:62:
                    c8:ef:05:46:45:27:43:89:a7:1f:52:8c:11:7c:ff:
                    64:d1:0e:c2:aa:16:82:dd:8f:05:8d:66:08:08:c7:
                    e3:81:f9:e9:96:70:85:8c:ba:f0:ca:ea:bd:4a:ad:
                    f6:42:b3:ed:8f:06:c3:01:53:62:dc:5d:81:a0:ff:
                    05:73:cc:6b:1c:e1:16:38:6b:e9:97:c4:0d:60:ba:
                    c1:76:c3:64:c3:86:1b:8e:f2:cf:7a:84:5e:de:4c:
                    c0:80:f3:56:d7:bb:87:c4:ec:03:a2:ab:08:90:c1:
                    47:45:c5:1b:fe:ee:9a:d0:44:a3:5f:47:af:2f:b9:
                    2a:12:2e:f0:b2:42:07:3a:cb:d6:30:da:65:e4:23:
                    7d:65:b4:88:9e:fb:c1:d7:86:02:70:7f:66:91:6f:
                    d6:5c:7f:2c:f4:b8:ac:3b:b2:36:17:de:62:7d:f0:
                    88:81:80:b6:ef:94:3b:30:a0:b1:78:23:c3:89:65:
                    11:ca:ae:17:27:7a:00:b6:a9:38:24:fc:6e:f2:6d:
                    3e:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:DB:65:C2:C6:EC:72:DC:E9:28:88:82:55:B7:8B:BD:BD:D7:52:19
            X509v3 Authority Key Identifier:
                keyid:C9:D5:B1:29:E0:6F:95:24:68:5E:70:01:02:84:1F:72:D6:91:5C:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydWxKeBvlSRoXnABAoQfctaRXDM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/19f9d7-4438-4d61-be77-c2eadd5ef3f1/1/ydWxKeBvlSRoXnABAoQfctaRXDM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/19f9d7-4438-4d61-be77-c2eadd5ef3f1/1/ydWxKeBvlSRoXnABAoQfctaRXDM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:08:cf:18:10:20:54:e5:76:45:28:80:db:b5:d8:a0:75:d5:
         50:da:77:2e:3c:e9:af:af:a8:28:e6:61:66:39:c0:1e:54:46:
         14:7d:83:04:ca:21:a6:fe:0e:3b:04:e8:c7:b0:db:09:25:50:
         05:71:9f:78:89:a3:77:67:f7:1f:c2:a1:4b:2d:d0:aa:d5:7e:
         3a:13:57:dd:f4:c6:9b:cb:c1:2b:94:d9:8e:5d:eb:8a:5b:66:
         b9:ae:62:01:61:89:57:ea:d0:c2:74:3a:a7:aa:9c:64:d1:0e:
         33:7e:cf:f6:d5:13:e7:11:41:4e:81:99:fa:fa:11:c1:e2:6a:
         c6:8c:56:fa:a6:3c:16:de:7a:a2:dc:bc:95:54:a2:f7:58:8f:
         33:d6:0b:7e:3e:68:d6:6e:d4:32:a5:bb:af:e6:4c:bf:3e:78:
         ff:f1:ff:17:dd:ea:35:4d:45:f8:ef:2a:c7:a4:69:65:9b:b0:
         38:e6:16:a6:40:24:da:8e:5c:fd:94:f8:06:a1:6a:02:f1:6c:
         f2:a3:cb:b7:14:c1:7d:8d:1e:84:4a:d8:8d:5f:7c:fc:05:f2:
         58:4e:f4:56:b0:00:43:4b:c1:c8:1f:1b:ad:fe:16:df:b7:eb:
         2b:09:29:9e:a4:b3:b8:c1:f4:19:79:ea:8f:9b:03:9c:59:a4:
         c7:d8:74:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH52XUYhytZ31hJQfd37wesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDViMTI5ZTA2Zjk1MjQ2ODVlNzAwMTAyODQxZjcyZDY5
MTVjMzMwHhcNMjQwOTE2MDgwMTAzWhcNMjQwOTE3MDgwMTAzWjAzMTEwLwYDVQQD
Eyg0ZGRiNjVjMmM2ZWM3MmRjZTkyODg4ODI1NWI3OGJiZGJkZDc1MjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7UdzTbzP0JvFXVSkMEKflWXnMor
xb279y16Eb6lTkobopsfo3rQYjUBGreOVxjpD86K6oaAJMVXGmLI7wVGRSdDiacf
UowRfP9k0Q7CqhaC3Y8FjWYICMfjgfnplnCFjLrwyuq9Sq32QrPtjwbDAVNi3F2B
oP8Fc8xrHOEWOGvpl8QNYLrBdsNkw4YbjvLPeoRe3kzAgPNW17uHxOwDoqsIkMFH
RcUb/u6a0ESjX0evL7kqEi7wskIHOsvWMNpl5CN9ZbSInvvB14YCcH9mkW/WXH8s
9LisO7I2F95iffCIgYC275Q7MKCxeCPDiWURyq4XJ3oAtqk4JPxu8m0+0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3bZcLG7HLc6SiIglW3i72911IZMB8GA1UdIwQY
MBaAFMnVsSngb5UkaF5wAQKEH3LWkVwzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRXeEtlQnZsU1JvWG5BQkFvUWZjdGFSWERNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8xOWY5ZDctNDQzOC00ZDYxLWJlNzct
YzJlYWRkNWVmM2YxLzEveWRXeEtlQnZsU1JvWG5BQkFvUWZjdGFSWERNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8xOWY5ZDctNDQzOC00ZDYxLWJlNzctYzJlYWRkNWVmM2Yx
LzEveWRXeEtlQnZsU1JvWG5BQkFvUWZjdGFSWERNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUAjPGBAg
VOV2RSiA27XYoHXVUNp3Ljzpr6+oKOZhZjnAHlRGFH2DBMohpv4OOwTox7DbCSVQ
BXGfeImjd2f3H8KhSy3QqtV+OhNX3fTGm8vBK5TZjl3riltmua5iAWGJV+rQwnQ6
p6qcZNEOM37P9tUT5xFBToGZ+voRweJqxoxW+qY8Ft56oty8lVSi91iPM9YLfj5o
1m7UMqW7r+ZMvz54//H/F93qNU1F+O8qx6RpZZuwOOYWpkAk2o5c/ZT4BqFqAvFs
8qPLtxTBfY0ehErYjV98/AXyWE70VrAAQ0vByB8brf4W37frKwkpnqSzuMH0GXnq
j5sDnFmkx9h0kQ==
-----END CERTIFICATE-----