Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
File:                     2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json)
Hash identifier:          pmZGK29ZQ6egDSnqfRpU0EChXWZTg9MLhVzBCgPRUVo=
Subject key identifier:   09:05:02:DA:66:6C:EB:1C:24:DC:C1:81:BC:B7:4B:94:72:CC:0A:38
Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41
Certificate issuer:       /CN=d9b37a38ce887d37636046aef387a1c233152e41
Certificate serial:       0193568937A9B15E72F9F79921C1D4D9650F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
Manifest number:          0402
Signing time:             Sat 23 Nov 2024 01:00:53 +0000
Manifest this update:     Sat 23 Nov 2024 01:00:53 +0000
Manifest next update:     Sun 24 Nov 2024 01:00:53 +0000
Files and hashes:         1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: +6N9GNE9fQEIfs/deP7i1QapBexzkvg+nRXJDGI75wM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:37:a9:b1:5e:72:f9:f7:99:21:c1:d4:d9:65:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41
        Validity
            Not Before: Nov 23 01:00:53 2024 GMT
            Not After : Nov 24 01:00:53 2024 GMT
        Subject: CN=090502da666ceb1c24dcc181bcb74b9472cc0a38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:a1:d3:b1:2a:af:99:38:a4:a6:67:8e:5e:63:
                    78:56:de:10:10:26:e9:cf:f0:ef:6d:ad:07:03:73:
                    f4:52:dd:af:15:06:2e:d0:fa:f9:28:f4:3a:ed:ae:
                    5f:e8:08:f2:6b:0f:5b:14:85:d3:b1:27:78:0d:4a:
                    75:ce:da:9e:54:07:85:65:7a:09:e0:3f:b6:c6:9a:
                    65:d8:79:98:22:26:c5:7f:eb:9d:40:c3:a4:33:b2:
                    5b:5e:22:e5:37:17:45:7c:85:3a:35:d9:9e:9b:79:
                    6c:97:98:ad:5d:5a:5e:df:b4:1c:77:e5:d6:8c:7e:
                    e0:9a:55:b9:c8:7f:d2:ef:b5:20:56:d6:87:21:33:
                    c2:58:ab:09:4b:0f:4c:6d:fa:97:e2:23:63:bf:7f:
                    49:ba:8e:3b:70:eb:54:af:69:a9:f2:e8:fe:d5:5b:
                    2d:3a:54:67:fb:ce:a6:36:43:fc:f0:fd:0e:1f:df:
                    12:65:be:db:50:a8:d4:16:f3:82:fb:a6:50:54:4d:
                    44:b2:9f:02:bf:b4:9d:ac:f4:88:62:7a:a4:ab:f0:
                    b0:ce:3c:1c:d2:a7:31:27:c9:8e:5d:cc:fe:7b:1d:
                    9b:c8:cb:29:39:65:e3:d1:df:7c:eb:51:5f:53:8d:
                    de:30:49:2c:0e:54:43:a5:82:a8:3d:24:19:2f:9e:
                    cf:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:05:02:DA:66:6C:EB:1C:24:DC:C1:81:BC:B7:4B:94:72:CC:0A:38
            X509v3 Authority Key Identifier:
                keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:63:24:79:55:ad:d2:51:ee:7d:cb:21:fa:70:5c:24:49:59:
         b3:d6:28:1f:e7:c0:48:e2:41:b5:dc:25:16:fb:85:14:0e:90:
         4d:96:bd:e5:d2:26:a7:45:25:5c:dc:1a:7f:cc:65:34:fb:fe:
         b9:5b:fc:56:b4:ab:1f:5e:91:db:59:b9:0d:c0:53:91:2f:b3:
         c4:0e:47:ce:d9:dc:b6:f0:24:51:67:ea:a7:cd:50:5f:2b:00:
         40:2b:5a:66:80:bf:85:6b:af:91:6b:e3:48:38:76:e3:ac:a7:
         70:17:5e:9e:79:a8:c2:d6:69:09:c9:71:b0:de:62:62:63:04:
         2d:f9:20:66:e1:29:7c:e4:8c:8c:94:89:36:27:67:09:8d:f1:
         06:cb:12:da:51:e0:f2:42:82:f3:71:1b:05:1a:b9:2b:6e:4d:
         e9:56:1e:cc:fe:e4:2b:be:3c:be:cf:da:87:6a:1d:8a:04:5f:
         66:bc:b2:ae:c0:d8:d8:63:0b:b0:7e:75:69:d2:b0:84:c7:48:
         a0:08:bd:54:b0:21:9b:0c:cf:ff:a0:80:c9:e7:e9:13:8c:94:
         84:a7:75:11:8c:61:be:2f:93:36:c0:90:aa:4b:9b:0b:9e:a9:
         4e:08:4a:3c:a3:3e:8c:74:4e:26:08:bd:4c:b8:5c:2f:42:74:
         2d:d6:0a:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiTepsV5y+feZIcHU2WUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx
NTJlNDEwHhcNMjQxMTIzMDEwMDUzWhcNMjQxMTI0MDEwMDUzWjAzMTEwLwYDVQQD
EygwOTA1MDJkYTY2NmNlYjFjMjRkY2MxODFiY2I3NGI5NDcyY2MwYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KHTsSqvmTikpmeOXmN4Vt4QECbp
z/Dvba0HA3P0Ut2vFQYu0Pr5KPQ67a5f6Ajyaw9bFIXTsSd4DUp1ztqeVAeFZXoJ
4D+2xppl2HmYIibFf+udQMOkM7JbXiLlNxdFfIU6Ndmem3lsl5itXVpe37Qcd+XW
jH7gmlW5yH/S77UgVtaHITPCWKsJSw9MbfqX4iNjv39Juo47cOtUr2mp8uj+1Vst
OlRn+86mNkP88P0OH98SZb7bUKjUFvOC+6ZQVE1Esp8Cv7SdrPSIYnqkq/Cwzjwc
0qcxJ8mOXcz+ex2byMspOWXj0d9861FfU43eMEksDlRDpYKoPSQZL57PfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkFAtpmbOscJNzBgby3S5RyzAo4MB8GA1UdIwQY
MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt
ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi
LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl2MkeVWt
0lHufcsh+nBcJElZs9YoH+fASOJBtdwlFvuFFA6QTZa95dImp0UlXNwaf8xlNPv+
uVv8VrSrH16R21m5DcBTkS+zxA5HztnctvAkUWfqp81QXysAQCtaZoC/hWuvkWvj
SDh246yncBdennmowtZpCclxsN5iYmMELfkgZuEpfOSMjJSJNidnCY3xBssS2lHg
8kKC83EbBRq5K25N6VYezP7kK748vs/ah2odigRfZryyrsDY2GMLsH51adKwhMdI
oAi9VLAhmwzP/6CAyefpE4yUhKd1EYxhvi+TNsCQqkubC56pTghKPKM+jHROJgi9
TLhcL0J0LdYKBg==
-----END CERTIFICATE-----