Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
File:                     4T3UuB8fx53U2mQo-cKgJzRX_wY.mft (raw, json)
Hash identifier:          9TPZr+8fOz/lRd4iLo640JvOtYM84PY4cokNUQOrmHM=
Subject key identifier:   15:5C:89:C3:EB:B6:E8:60:51:4E:66:0C:B7:57:02:B1:3A:8E:1F:3C
Authority key identifier: E1:3D:D4:B8:1F:1F:C7:9D:D4:DA:64:28:F9:C2:A0:27:34:57:FF:06
Certificate issuer:       /CN=e13dd4b81f1fc79dd4da6428f9c2a0273457ff06
Certificate serial:       0191FA47BCDFCD048808244A95484A32955B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
Manifest number:          0136
Signing time:             Mon 16 Sep 2024 10:01:30 +0000
Manifest this update:     Mon 16 Sep 2024 10:01:30 +0000
Manifest next update:     Tue 17 Sep 2024 10:01:30 +0000
Files and hashes:         1: 4T3UuB8fx53U2mQo-cKgJzRX_wY.crl (hash: irc1auzQNE9Igk5pkGKSAQJ7L/ASj/we7ylYyRSFAAs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 10:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:47:bc:df:cd:04:88:08:24:4a:95:48:4a:32:95:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e13dd4b81f1fc79dd4da6428f9c2a0273457ff06
        Validity
            Not Before: Sep 16 10:01:30 2024 GMT
            Not After : Sep 17 10:01:30 2024 GMT
        Subject: CN=155c89c3ebb6e860514e660cb75702b13a8e1f3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:95:72:60:df:a4:31:1d:d3:a6:a2:1b:e0:e5:
                    95:d8:25:f5:3d:fb:da:51:47:14:ae:f1:e9:02:c7:
                    d7:25:5e:98:27:a8:66:a8:ca:72:85:8b:83:ef:06:
                    4b:00:5a:a8:70:9e:cb:d0:7c:c0:c4:47:24:d0:73:
                    bd:e4:a3:2f:ef:89:ca:e0:dd:93:a1:bf:de:d2:e9:
                    b5:c6:52:3f:3a:75:e7:d5:8c:5f:82:7f:69:24:b6:
                    89:52:75:4b:56:d3:ab:b7:ae:e9:2a:9d:47:6e:db:
                    8e:9c:2f:97:82:59:f9:22:5b:9d:d7:b9:79:43:3e:
                    e6:0e:66:b0:61:d4:a1:a0:55:b3:06:df:5d:60:04:
                    d5:3f:30:7e:11:28:ea:12:bd:d6:78:09:35:f6:12:
                    17:9d:9d:5c:f3:78:84:bb:72:49:e6:06:67:8a:93:
                    69:1d:6a:e0:ca:6b:c3:52:df:55:43:93:46:80:a8:
                    4b:f9:5b:a4:9c:03:4a:c8:23:fd:05:07:b8:1a:73:
                    87:4c:2a:f0:77:02:2d:a7:e9:a3:73:87:8f:84:52:
                    a2:9a:55:aa:69:a7:80:cd:42:d0:92:f7:e6:bb:4a:
                    b6:0d:7e:4d:73:d7:96:4f:09:82:75:29:ba:87:4e:
                    3d:88:98:f1:8f:db:54:4c:f9:58:cf:67:75:60:5a:
                    51:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:5C:89:C3:EB:B6:E8:60:51:4E:66:0C:B7:57:02:B1:3A:8E:1F:3C
            X509v3 Authority Key Identifier:
                keyid:E1:3D:D4:B8:1F:1F:C7:9D:D4:DA:64:28:F9:C2:A0:27:34:57:FF:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:45:3c:64:5b:4a:ce:ac:ee:d6:86:e8:f6:b9:53:9c:15:92:
         35:3e:ea:6f:6a:8f:5e:7a:a6:ef:34:33:10:1a:b2:76:83:3c:
         00:44:ed:d7:27:37:b4:fa:c8:f4:6b:9b:de:5d:45:04:b0:d6:
         34:ff:07:fb:e5:c1:42:27:80:81:81:0e:56:44:0b:0f:ee:61:
         48:ac:37:05:46:f8:ac:ed:3a:48:c1:56:5a:48:8c:12:55:01:
         d4:7e:e1:12:0d:ea:20:68:e9:28:ea:20:92:74:c1:8d:a9:c8:
         7a:9b:93:36:f6:13:63:eb:14:6b:47:e5:15:6a:3f:c5:f6:ef:
         f1:f3:2f:fc:8b:d2:ec:9b:41:4b:58:2c:3f:88:ad:cc:ce:56:
         85:2b:46:a7:eb:12:32:fc:8c:f9:c1:24:fd:83:3d:66:03:4a:
         ed:ea:79:ba:b7:3a:6c:4e:3c:1b:c7:f5:ef:13:60:34:93:62:
         ef:f8:ed:bd:85:d9:9e:f9:0e:55:70:7a:39:cc:b0:2e:6e:c4:
         fa:b7:a0:db:c6:75:23:4e:99:fa:d1:ff:1b:65:1d:1c:d3:eb:
         15:06:60:47:89:01:60:7a:0e:1d:fc:56:82:1b:b0:10:78:3f:
         5c:ef:92:a9:c4:fd:11:9f:5f:05:c0:bd:07:27:2d:4b:8f:6b:
         f3:29:97:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6R7zfzQSICCRKlUhKMpVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxM2RkNGI4MWYxZmM3OWRkNGRhNjQyOGY5YzJhMDI3MzQ1
N2ZmMDYwHhcNMjQwOTE2MTAwMTMwWhcNMjQwOTE3MTAwMTMwWjAzMTEwLwYDVQQD
EygxNTVjODljM2ViYjZlODYwNTE0ZTY2MGNiNzU3MDJiMTNhOGUxZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppVyYN+kMR3TpqIb4OWV2CX1Pfva
UUcUrvHpAsfXJV6YJ6hmqMpyhYuD7wZLAFqocJ7L0HzAxEck0HO95KMv74nK4N2T
ob/e0um1xlI/OnXn1Yxfgn9pJLaJUnVLVtOrt67pKp1HbtuOnC+Xgln5Ilud17l5
Qz7mDmawYdShoFWzBt9dYATVPzB+ESjqEr3WeAk19hIXnZ1c83iEu3JJ5gZnipNp
HWrgymvDUt9VQ5NGgKhL+VuknANKyCP9BQe4GnOHTCrwdwItp+mjc4ePhFKimlWq
aaeAzULQkvfmu0q2DX5Nc9eWTwmCdSm6h049iJjxj9tUTPlYz2d1YFpRxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBVcicPrtuhgUU5mDLdXArE6jh88MB8GA1UdIwQY
MBaAFOE91LgfH8ed1NpkKPnCoCc0V/8GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wYjViZDctNjAzYi00YTVjLThhOTgt
ZDU2Mzk1OWQyNzdkLzEvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wYjViZDctNjAzYi00YTVjLThhOTgtZDU2Mzk1OWQyNzdk
LzEvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIUU8ZFtK
zqzu1obo9rlTnBWSNT7qb2qPXnqm7zQzEBqydoM8AETt1yc3tPrI9Gub3l1FBLDW
NP8H++XBQieAgYEOVkQLD+5hSKw3BUb4rO06SMFWWkiMElUB1H7hEg3qIGjpKOog
knTBjanIepuTNvYTY+sUa0flFWo/xfbv8fMv/IvS7JtBS1gsP4itzM5WhStGp+sS
MvyM+cEk/YM9ZgNK7ep5urc6bE48G8f17xNgNJNi7/jtvYXZnvkOVXB6OcywLm7E
+reg28Z1I06Z+tH/G2UdHNPrFQZgR4kBYHoOHfxWghuwEHg/XO+SqcT9EZ9fBcC9
ByctS49r8ymX5w==
-----END CERTIFICATE-----