Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/3afc81-30e6-4b8e-8d3b-57f54ea43e16/1/5aiGWRTezNyYByQf1wtrsIOkRLM.mft
File:                     5aiGWRTezNyYByQf1wtrsIOkRLM.mft (raw, json)
Hash identifier:          HIHqagWz0CBCMFSL1RGppQe2avk1ygOiF2fGWRhL5V4=
Subject key identifier:   B0:DC:92:71:23:D2:18:A2:86:81:F1:E2:42:90:A8:B1:3B:4E:A5:AB
Authority key identifier: E5:A8:86:59:14:DE:CC:DC:98:07:24:1F:D7:0B:6B:B0:83:A4:44:B3
Certificate issuer:       /CN=e5a8865914deccdc9807241fd70b6bb083a444b3
Certificate serial:       01935689B8F5AB4EAC9E02D2CFDD5C29D556
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5aiGWRTezNyYByQf1wtrsIOkRLM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/3afc81-30e6-4b8e-8d3b-57f54ea43e16/1/5aiGWRTezNyYByQf1wtrsIOkRLM.mft
Manifest number:          0CEC
Signing time:             Sat 23 Nov 2024 01:01:26 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:26 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:26 +0000
Files and hashes:         1: 5aiGWRTezNyYByQf1wtrsIOkRLM.crl (hash: u4jnvKsgeHuygVKRuphJ+FHMWoYVRxiKgJHxpVfm7dc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/3afc81-30e6-4b8e-8d3b-57f54ea43e16/1/5aiGWRTezNyYByQf1wtrsIOkRLM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/3afc81-30e6-4b8e-8d3b-57f54ea43e16/1/5aiGWRTezNyYByQf1wtrsIOkRLM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5aiGWRTezNyYByQf1wtrsIOkRLM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:b8:f5:ab:4e:ac:9e:02:d2:cf:dd:5c:29:d5:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5a8865914deccdc9807241fd70b6bb083a444b3
        Validity
            Not Before: Nov 23 01:01:26 2024 GMT
            Not After : Nov 24 01:01:26 2024 GMT
        Subject: CN=b0dc927123d218a28681f1e24290a8b13b4ea5ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:91:15:a7:f8:08:7a:d9:34:e7:74:05:be:8e:
                    16:35:f3:ca:43:e9:9c:23:ef:e2:5a:f9:20:a1:7d:
                    4c:29:3e:b3:0c:10:09:1b:5c:68:4c:1b:ce:f1:d5:
                    df:dd:f7:77:c8:b6:0f:dc:1a:73:7f:92:e8:7e:29:
                    4a:b4:ab:f9:6f:01:26:69:55:b5:2c:e7:3c:b3:cf:
                    80:bc:a1:cc:38:e3:85:ff:21:f0:27:c0:26:ed:37:
                    6d:9f:ef:06:51:38:b4:b4:5f:8d:c2:aa:ba:c4:f2:
                    5a:d9:a4:3b:5c:e6:46:72:12:54:ac:e8:41:6c:04:
                    7e:34:22:8e:e6:4d:67:da:b0:86:a1:5e:b3:5e:82:
                    cf:9b:f1:55:f7:02:cf:7d:34:f0:ff:43:a9:24:12:
                    a4:7b:2e:a5:3a:21:4f:4e:14:8b:94:03:ac:5e:fe:
                    ec:b0:df:8a:fc:a0:20:da:99:85:84:25:6c:4c:f9:
                    e6:b0:1b:46:dd:d6:51:49:9c:b7:1f:0e:ec:6d:ad:
                    05:ac:d8:d0:73:72:c8:16:cb:2e:52:7f:03:b8:49:
                    44:43:2f:47:e2:c4:ae:f7:9c:ed:a2:c2:15:b5:17:
                    48:ec:2c:68:1c:ff:14:86:41:f0:70:cc:1b:69:a4:
                    61:75:2c:f4:0f:0b:ef:e8:9e:19:bf:83:13:73:d5:
                    ce:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:DC:92:71:23:D2:18:A2:86:81:F1:E2:42:90:A8:B1:3B:4E:A5:AB
            X509v3 Authority Key Identifier:
                keyid:E5:A8:86:59:14:DE:CC:DC:98:07:24:1F:D7:0B:6B:B0:83:A4:44:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aiGWRTezNyYByQf1wtrsIOkRLM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/3afc81-30e6-4b8e-8d3b-57f54ea43e16/1/5aiGWRTezNyYByQf1wtrsIOkRLM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/3afc81-30e6-4b8e-8d3b-57f54ea43e16/1/5aiGWRTezNyYByQf1wtrsIOkRLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:94:b3:0e:64:9c:65:23:48:67:f4:ef:b2:8b:02:94:5e:64:
         31:29:bc:c3:16:d5:c7:d8:af:91:ef:06:0b:6b:ce:cd:ae:71:
         c6:67:2d:d8:c0:11:e9:bf:ed:9e:c9:9f:27:0c:d5:ad:23:55:
         08:11:67:78:41:33:68:e7:5e:8f:0a:13:b0:31:d8:c1:d7:a1:
         71:9f:7c:9e:ca:bc:81:fa:46:ba:e6:25:c4:66:b2:0d:6f:bf:
         c4:b7:f0:fe:1e:04:df:c8:4f:e9:0c:ea:c1:99:ef:bb:fc:e8:
         50:8e:27:9d:6a:b7:09:95:96:ba:ef:b3:31:8c:81:67:55:cf:
         7c:08:df:10:0a:eb:3d:2d:0e:5f:9a:33:f3:77:9d:bb:ca:c7:
         a5:02:24:e0:f7:7b:1d:a6:cd:2f:d9:b5:c8:9e:86:df:82:f1:
         ed:78:5f:8e:c2:17:c4:92:45:02:a2:30:85:92:0a:cf:2e:7c:
         ce:d4:32:cf:19:55:91:46:47:9a:6e:84:ad:03:63:74:96:8a:
         9a:99:f1:a8:21:5c:40:94:da:78:ef:03:c0:9f:dd:2a:45:20:
         42:a3:1a:52:f4:0a:e5:cc:54:62:1f:97:b7:d6:1d:ca:ce:dc:
         12:6a:37:4c:19:45:8c:e1:e0:11:ab:24:c0:b9:b1:36:02:b9:
         8b:75:fa:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWibj1q06sngLSz91cKdVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTg4NjU5MTRkZWNjZGM5ODA3MjQxZmQ3MGI2YmIwODNh
NDQ0YjMwHhcNMjQxMTIzMDEwMTI2WhcNMjQxMTI0MDEwMTI2WjAzMTEwLwYDVQQD
EyhiMGRjOTI3MTIzZDIxOGEyODY4MWYxZTI0MjkwYThiMTNiNGVhNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZEVp/gIetk053QFvo4WNfPKQ+mc
I+/iWvkgoX1MKT6zDBAJG1xoTBvO8dXf3fd3yLYP3Bpzf5LofilKtKv5bwEmaVW1
LOc8s8+AvKHMOOOF/yHwJ8Am7Tdtn+8GUTi0tF+Nwqq6xPJa2aQ7XOZGchJUrOhB
bAR+NCKO5k1n2rCGoV6zXoLPm/FV9wLPfTTw/0OpJBKkey6lOiFPThSLlAOsXv7s
sN+K/KAg2pmFhCVsTPnmsBtG3dZRSZy3Hw7sba0FrNjQc3LIFssuUn8DuElEQy9H
4sSu95ztosIVtRdI7CxoHP8UhkHwcMwbaaRhdSz0Dwvv6J4Zv4MTc9XOrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDcknEj0hiihoHx4kKQqLE7TqWrMB8GA1UdIwQY
MBaAFOWohlkU3szcmAckH9cLa7CDpESzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFpR1dSVGV6TnlZQnlRZjF3dHJzSU9rUkxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zYWZjODEtMzBlNi00YjhlLThkM2It
NTdmNTRlYTQzZTE2LzEvNWFpR1dSVGV6TnlZQnlRZjF3dHJzSU9rUkxNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8zYWZjODEtMzBlNi00YjhlLThkM2ItNTdmNTRlYTQzZTE2
LzEvNWFpR1dSVGV6TnlZQnlRZjF3dHJzSU9rUkxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARZSzDmSc
ZSNIZ/TvsosClF5kMSm8wxbVx9ivke8GC2vOza5xxmct2MAR6b/tnsmfJwzVrSNV
CBFneEEzaOdejwoTsDHYwdehcZ98nsq8gfpGuuYlxGayDW+/xLfw/h4E38hP6Qzq
wZnvu/zoUI4nnWq3CZWWuu+zMYyBZ1XPfAjfEArrPS0OX5oz83edu8rHpQIk4Pd7
HabNL9m1yJ6G34Lx7XhfjsIXxJJFAqIwhZIKzy58ztQyzxlVkUZHmm6ErQNjdJaK
mpnxqCFcQJTaeO8DwJ/dKkUgQqMaUvQK5cxUYh+Xt9Ydys7cEmo3TBlFjOHgEask
wLmxNgK5i3X63w==
-----END CERTIFICATE-----