Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.mft
File:                     5J1E2IEnX8osC2s_fs7i0iIUb9I.mft (raw, json)
Hash identifier:          CXuHan96vuJCCFWk227YGRhryTRtbN4kQ/RODUNgFpE=
Subject key identifier:   DD:F7:D8:3B:36:11:80:8B:BB:D1:84:B4:5F:A2:2B:49:6E:43:B3:BE
Authority key identifier: E4:9D:44:D8:81:27:5F:CA:2C:0B:6B:3F:7E:CE:E2:D2:22:14:6F:D2
Certificate issuer:       /CN=e49d44d881275fca2c0b6b3f7ecee2d222146fd2
Certificate serial:       018F4645128F2ACFFE2CB967D1F817193082
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5J1E2IEnX8osC2s_fs7i0iIUb9I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.mft
Manifest number:          0E7E
Signing time:             Sun 05 May 2024 01:01:22 +0000
Manifest this update:     Sun 05 May 2024 01:01:22 +0000
Manifest next update:     Mon 06 May 2024 01:01:22 +0000
Files and hashes:         1: 5J1E2IEnX8osC2s_fs7i0iIUb9I.crl (hash: T5lsKbZ2HMrX0QHJxXjwIA2b5EFIQrQm/tkrDoSLPHI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5J1E2IEnX8osC2s_fs7i0iIUb9I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 23:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:46:45:12:8f:2a:cf:fe:2c:b9:67:d1:f8:17:19:30:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e49d44d881275fca2c0b6b3f7ecee2d222146fd2
        Validity
            Not Before: May  5 01:01:22 2024 GMT
            Not After : May  6 01:01:22 2024 GMT
        Subject: CN=ddf7d83b3611808bbbd184b45fa22b496e43b3be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:22:85:92:55:df:65:76:9c:6d:b8:7f:0c:17:
                    c4:6f:b3:d6:ed:c1:25:d7:c0:d7:12:c2:08:61:fc:
                    cf:81:34:2a:fc:c4:39:e7:57:0f:36:b5:a0:40:a3:
                    f1:33:20:0a:c3:1d:06:6f:24:0c:e8:df:5d:d0:9c:
                    78:10:9a:80:00:13:c7:ec:31:a7:60:29:43:9b:e6:
                    76:76:31:99:ef:62:f6:dd:74:20:71:09:a8:d9:f7:
                    2f:df:98:26:a9:ec:0f:37:99:5b:01:f0:f9:4b:81:
                    c2:d7:a1:d2:c8:69:21:74:97:de:c5:9a:f8:cd:2f:
                    be:02:61:10:8d:59:9e:88:a1:54:85:30:a9:ca:a0:
                    56:e1:95:14:8f:27:c8:e1:6f:27:57:c5:4f:40:14:
                    ca:0b:a4:c7:f8:92:f2:7f:71:32:0f:d7:ea:40:72:
                    9e:d4:ee:24:49:a9:76:91:9c:57:68:c6:d9:ec:4f:
                    b3:f7:73:10:d5:40:bc:a1:9e:e3:5a:a8:7b:6b:e4:
                    38:f0:90:e0:f9:15:10:27:9e:e8:8d:98:89:3f:51:
                    95:10:03:a2:e5:d2:b3:1c:cd:fe:e6:e4:eb:85:7f:
                    b4:50:38:7c:01:52:9a:b5:94:04:a0:73:12:30:2b:
                    06:47:c9:84:dd:93:79:b9:78:07:37:14:45:da:08:
                    ea:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:F7:D8:3B:36:11:80:8B:BB:D1:84:B4:5F:A2:2B:49:6E:43:B3:BE
            X509v3 Authority Key Identifier:
                keyid:E4:9D:44:D8:81:27:5F:CA:2C:0B:6B:3F:7E:CE:E2:D2:22:14:6F:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5J1E2IEnX8osC2s_fs7i0iIUb9I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:a3:5e:19:5f:18:72:66:52:47:6a:58:a3:1a:43:3a:0d:94:
         dc:c6:71:1c:f0:34:13:6a:5a:62:13:b9:97:2d:60:ec:0c:27:
         ad:3c:32:14:72:12:6d:b2:d2:5e:10:f5:00:b7:3c:43:39:ad:
         ec:ff:81:9e:1a:83:b6:91:94:8e:2f:7d:b2:c2:e1:f8:53:cf:
         a5:44:54:4c:d1:01:8e:0d:87:86:5e:37:80:22:ec:cb:56:e3:
         1f:36:ab:97:cd:13:0b:58:95:5a:69:ce:16:c4:a4:9f:1b:d0:
         51:36:03:7c:59:be:7d:8d:8f:6c:f6:85:cf:30:6c:fa:71:b8:
         6c:2c:e8:45:0d:59:ff:d4:f6:43:65:74:26:56:6d:4a:df:35:
         1f:3a:35:d5:29:c8:d8:61:ee:45:b8:85:1a:07:08:19:d5:01:
         b7:f0:83:78:63:da:52:f7:83:d7:b9:50:ff:b1:8c:53:6e:b6:
         15:11:8b:ee:19:4e:4f:70:9c:bb:9c:44:24:0f:a4:de:95:e3:
         99:f5:36:f3:6a:8a:3b:1d:e4:d3:13:f6:4f:aa:c8:30:bb:3b:
         12:5b:a2:f2:c8:7c:66:ed:74:76:24:40:f6:c7:33:66:12:f4:
         3f:03:52:1d:68:a9:0e:b4:d9:40:cf:42:28:15:00:8c:35:0b:
         8f:4e:70:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9GRRKPKs/+LLln0fgXGTCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0OWQ0NGQ4ODEyNzVmY2EyYzBiNmIzZjdlY2VlMmQyMjIx
NDZmZDIwHhcNMjQwNTA1MDEwMTIyWhcNMjQwNTA2MDEwMTIyWjAzMTEwLwYDVQQD
EyhkZGY3ZDgzYjM2MTE4MDhiYmJkMTg0YjQ1ZmEyMmI0OTZlNDNiM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSKFklXfZXacbbh/DBfEb7PW7cEl
18DXEsIIYfzPgTQq/MQ551cPNrWgQKPxMyAKwx0GbyQM6N9d0Jx4EJqAABPH7DGn
YClDm+Z2djGZ72L23XQgcQmo2fcv35gmqewPN5lbAfD5S4HC16HSyGkhdJfexZr4
zS++AmEQjVmeiKFUhTCpyqBW4ZUUjyfI4W8nV8VPQBTKC6TH+JLyf3EyD9fqQHKe
1O4kSal2kZxXaMbZ7E+z93MQ1UC8oZ7jWqh7a+Q48JDg+RUQJ57ojZiJP1GVEAOi
5dKzHM3+5uTrhX+0UDh8AVKatZQEoHMSMCsGR8mE3ZN5uXgHNxRF2gjqWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN332Ds2EYCLu9GEtF+iK0luQ7O+MB8GA1UdIwQY
MBaAFOSdRNiBJ1/KLAtrP37O4tIiFG/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUoxRTJJRW5YOG9zQzJzX2ZzN2kwaUlVYjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8wNTBkN2YtODQ1NS00NjVmLWIyMzkt
YzMyZDEwYzdlYTFmLzEvNUoxRTJJRW5YOG9zQzJzX2ZzN2kwaUlVYjlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8wNTBkN2YtODQ1NS00NjVmLWIyMzktYzMyZDEwYzdlYTFm
LzEvNUoxRTJJRW5YOG9zQzJzX2ZzN2kwaUlVYjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQqNeGV8Y
cmZSR2pYoxpDOg2U3MZxHPA0E2paYhO5ly1g7AwnrTwyFHISbbLSXhD1ALc8Qzmt
7P+BnhqDtpGUji99ssLh+FPPpURUTNEBjg2Hhl43gCLsy1bjHzarl80TC1iVWmnO
FsSknxvQUTYDfFm+fY2PbPaFzzBs+nG4bCzoRQ1Z/9T2Q2V0JlZtSt81Hzo11SnI
2GHuRbiFGgcIGdUBt/CDeGPaUveD17lQ/7GMU262FRGL7hlOT3Ccu5xEJA+k3pXj
mfU282qKOx3k0xP2T6rIMLs7Elui8sh8Zu10diRA9sczZhL0PwNSHWipDrTZQM9C
KBUAjDULj05wAg==
-----END CERTIFICATE-----