Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.mft
File:                     p3tNEFqlxNZemaq2926tWJ5ih8w.mft (raw, json)
Hash identifier:          0691M1DdgUhPQk1t4nPca96ftz5Fzyvx36p7TGFzNHY=
Subject key identifier:   A9:16:BF:EA:96:5E:5B:42:E5:75:D0:1D:34:57:B2:30:05:8C:4C:05
Authority key identifier: A7:7B:4D:10:5A:A5:C4:D6:5E:99:AA:B6:F7:6E:AD:58:9E:62:87:CC
Certificate issuer:       /CN=a77b4d105aa5c4d65e99aab6f76ead589e6287cc
Certificate serial:       0191F96B7FA06D43FDBA9D9A1ACE12C6BC0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p3tNEFqlxNZemaq2926tWJ5ih8w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.mft
Manifest number:          B9
Signing time:             Mon 16 Sep 2024 06:00:57 +0000
Manifest this update:     Mon 16 Sep 2024 06:00:57 +0000
Manifest next update:     Tue 17 Sep 2024 06:00:57 +0000
Files and hashes:         1: p3tNEFqlxNZemaq2926tWJ5ih8w.crl (hash: ymx9ZR0V8crT4fBj1FNQHmZxn3aULkJENornl9vx0tc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/p3tNEFqlxNZemaq2926tWJ5ih8w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 06:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:f9:6b:7f:a0:6d:43:fd:ba:9d:9a:1a:ce:12:c6:bc:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a77b4d105aa5c4d65e99aab6f76ead589e6287cc
        Validity
            Not Before: Sep 16 06:00:57 2024 GMT
            Not After : Sep 17 06:00:57 2024 GMT
        Subject: CN=a916bfea965e5b42e575d01d3457b230058c4c05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b1:95:5f:cb:84:fb:e2:5b:3e:e8:3a:db:c9:
                    b4:5b:d3:77:41:e1:30:60:f0:66:21:20:5f:a6:46:
                    b7:82:1f:0e:8a:32:ce:75:77:cf:c9:16:18:31:d8:
                    ea:69:7b:82:30:b4:a5:86:05:9d:16:de:ca:84:13:
                    b5:49:ca:31:c5:93:39:e1:6a:d9:e1:ca:9a:9a:34:
                    10:34:ad:9f:94:3f:e8:68:b4:e5:8e:f2:14:77:a4:
                    a6:58:b2:ed:10:42:ab:12:41:22:0f:59:5b:7e:c5:
                    26:64:08:a7:82:b5:b0:91:4a:3c:96:34:c7:d8:b9:
                    1f:29:21:b4:39:3b:60:4a:54:78:ef:8e:b1:97:ad:
                    98:b5:bd:a5:31:3c:95:c0:a7:54:c5:63:b0:08:02:
                    5d:60:5d:46:23:57:56:b4:be:c9:16:bc:72:62:0a:
                    ae:2c:cd:0e:3b:9e:83:c3:32:0f:f4:0c:a2:73:35:
                    62:d7:11:3c:9b:0b:30:e5:30:a7:54:1a:ba:4e:fb:
                    03:55:46:90:32:b8:b5:f2:e7:50:08:c6:6d:ad:61:
                    94:3d:f3:e4:22:93:3a:24:0e:3b:8d:83:f8:a5:f9:
                    c1:bb:96:97:0a:8b:33:bc:e3:fb:f6:81:10:fd:d0:
                    11:f8:d8:38:a0:62:92:e7:40:1b:84:fe:f0:d1:fe:
                    77:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:16:BF:EA:96:5E:5B:42:E5:75:D0:1D:34:57:B2:30:05:8C:4C:05
            X509v3 Authority Key Identifier:
                keyid:A7:7B:4D:10:5A:A5:C4:D6:5E:99:AA:B6:F7:6E:AD:58:9E:62:87:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p3tNEFqlxNZemaq2926tWJ5ih8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:9e:7c:a6:a3:0c:fd:7a:94:fc:a7:33:65:52:6d:74:5e:77:
         26:44:81:78:89:2d:ce:b4:74:e4:b9:0b:46:98:ba:e0:b7:58:
         62:18:9c:a5:7a:58:f8:93:05:80:f9:12:47:70:67:95:23:28:
         6e:b7:78:db:0d:8f:5e:21:2b:bc:18:d0:5e:73:65:24:69:9c:
         ad:7e:27:b8:31:d8:3f:d2:e8:0a:6f:77:5d:fc:3d:dc:0c:9e:
         47:23:ac:e4:8e:11:71:16:29:df:49:7e:a7:4d:a9:17:42:8c:
         c4:3e:40:57:e1:43:00:49:8e:30:54:ae:fc:ed:42:3f:a2:63:
         86:5f:91:d4:b8:c1:63:11:43:5b:93:30:50:61:d6:df:eb:3b:
         a2:56:4b:96:d9:07:e3:19:4d:f9:2f:a5:c0:c2:4a:01:2a:cc:
         35:4c:b7:9f:ac:3b:27:bf:9c:4e:d3:33:9c:a6:1c:c8:6d:d5:
         1d:03:10:67:c3:c0:c7:37:2a:77:81:15:a2:1e:48:2c:18:f0:
         d6:87:67:f2:c3:d0:1a:58:51:43:bb:57:42:d5:cb:4b:f3:68:
         e5:b3:7f:bb:dd:10:03:8e:02:b8:98:eb:79:a2:ff:51:57:6d:
         b1:ee:c7:40:54:e7:c2:01:94:be:0c:ba:29:b9:ca:69:dc:32:
         a7:5d:9b:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH5a3+gbUP9up2aGs4SxrwOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3N2I0ZDEwNWFhNWM0ZDY1ZTk5YWFiNmY3NmVhZDU4OWU2
Mjg3Y2MwHhcNMjQwOTE2MDYwMDU3WhcNMjQwOTE3MDYwMDU3WjAzMTEwLwYDVQQD
EyhhOTE2YmZlYTk2NWU1YjQyZTU3NWQwMWQzNDU3YjIzMDA1OGM0YzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorGVX8uE++JbPug628m0W9N3QeEw
YPBmISBfpka3gh8OijLOdXfPyRYYMdjqaXuCMLSlhgWdFt7KhBO1ScoxxZM54WrZ
4cqamjQQNK2flD/oaLTljvIUd6SmWLLtEEKrEkEiD1lbfsUmZAingrWwkUo8ljTH
2LkfKSG0OTtgSlR4746xl62Ytb2lMTyVwKdUxWOwCAJdYF1GI1dWtL7JFrxyYgqu
LM0OO56DwzIP9AyiczVi1xE8mwsw5TCnVBq6TvsDVUaQMri18udQCMZtrWGUPfPk
IpM6JA47jYP4pfnBu5aXCoszvOP79oEQ/dAR+Ng4oGKS50AbhP7w0f53SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKkWv+qWXltC5XXQHTRXsjAFjEwFMB8GA1UdIwQY
MBaAFKd7TRBapcTWXpmqtvdurVieYofMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDN0TkVGcWx4TlplbWFxMjkyNnRXSjVpaDh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81ZWEyYTYtZmYyZi00N2ZkLWI3Yzgt
ZjRmNDUwNDNiOGJjLzEvcDN0TkVGcWx4TlplbWFxMjkyNnRXSjVpaDh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81ZWEyYTYtZmYyZi00N2ZkLWI3YzgtZjRmNDUwNDNiOGJj
LzEvcDN0TkVGcWx4TlplbWFxMjkyNnRXSjVpaDh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnJ58pqMM
/XqU/KczZVJtdF53JkSBeIktzrR05LkLRpi64LdYYhicpXpY+JMFgPkSR3BnlSMo
brd42w2PXiErvBjQXnNlJGmcrX4nuDHYP9LoCm93Xfw93AyeRyOs5I4RcRYp30l+
p02pF0KMxD5AV+FDAEmOMFSu/O1CP6Jjhl+R1LjBYxFDW5MwUGHW3+s7olZLltkH
4xlN+S+lwMJKASrMNUy3n6w7J7+cTtMznKYcyG3VHQMQZ8PAxzcqd4EVoh5ILBjw
1odn8sPQGlhRQ7tXQtXLS/No5bN/u90QA44CuJjreaL/UVdtse7HQFTnwgGUvgy6
KbnKadwyp12bJQ==
-----END CERTIFICATE-----