Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
File:                     5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft (raw, json)
Hash identifier:          petshbsOlve3PqVdOoEqzFpAUwBMUKEbL2jrrA8U21E=
Subject key identifier:   74:A9:E7:57:8B:59:D6:98:C3:1B:60:F5:96:BF:5F:88:C9:80:19:E0
Authority key identifier: E4:18:CD:DC:39:D3:47:56:3C:6D:C1:E5:EC:5E:59:62:1E:40:E4:D9
Certificate issuer:       /CN=e418cddc39d347563c6dc1e5ec5e59621e40e4d9
Certificate serial:       0191FAB4F70F05EC9DA8AA981756F24E31B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
Manifest number:          A1
Signing time:             Mon 16 Sep 2024 12:00:49 +0000
Manifest this update:     Mon 16 Sep 2024 12:00:49 +0000
Manifest next update:     Tue 17 Sep 2024 12:00:49 +0000
Files and hashes:         1: 5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl (hash: eZc3A0HfR7V5V5V8E94fZ37aAHZq2XaQevHnW7IldxQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 12:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:b4:f7:0f:05:ec:9d:a8:aa:98:17:56:f2:4e:31:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e418cddc39d347563c6dc1e5ec5e59621e40e4d9
        Validity
            Not Before: Sep 16 12:00:49 2024 GMT
            Not After : Sep 17 12:00:49 2024 GMT
        Subject: CN=74a9e7578b59d698c31b60f596bf5f88c98019e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:5d:08:e2:5b:d5:04:a7:65:32:66:31:8a:79:
                    42:3c:e2:a6:33:f9:5b:df:33:a4:38:0a:40:68:82:
                    3c:ca:4a:37:b5:f0:c0:4f:72:f7:2d:0e:f7:d4:95:
                    ae:50:82:80:a4:58:9e:d1:c1:57:b4:c9:bd:a3:09:
                    c6:b8:4f:37:3b:63:f9:dc:2e:cf:70:6d:54:d8:ea:
                    86:4f:96:80:8f:a6:ca:f1:3c:5c:3c:a0:0c:e8:63:
                    70:8a:e8:2d:fe:d2:54:9c:6e:3e:96:bf:3b:bd:6f:
                    5a:c7:51:e4:30:94:9c:62:14:6b:00:5b:d6:03:14:
                    f7:1d:87:c2:07:d5:bc:80:5e:d0:db:f0:ab:f3:85:
                    dc:e7:d4:e0:dd:d4:f5:63:41:00:ae:b6:aa:80:b5:
                    8d:6a:e6:0b:26:c4:c6:50:b2:3a:43:13:ef:6f:4a:
                    c1:25:a0:03:d1:e8:42:d5:0b:44:31:92:1c:31:a8:
                    21:a3:c3:00:01:5a:4f:c2:a6:0f:a7:f7:38:f3:05:
                    c9:74:de:4b:30:d6:04:36:39:e2:d6:e3:4b:8d:55:
                    23:0f:18:18:8b:8a:e3:dd:18:db:be:b1:0a:87:58:
                    42:cb:98:b5:ca:97:cf:bb:77:90:53:10:e1:b3:46:
                    02:0b:3a:ba:2a:91:8b:bb:37:6a:c6:f0:77:25:d3:
                    9f:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:A9:E7:57:8B:59:D6:98:C3:1B:60:F5:96:BF:5F:88:C9:80:19:E0
            X509v3 Authority Key Identifier:
                keyid:E4:18:CD:DC:39:D3:47:56:3C:6D:C1:E5:EC:5E:59:62:1E:40:E4:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:32:8f:46:1c:1f:63:8e:84:e8:27:5d:45:c4:0b:65:46:8a:
         17:55:b5:da:35:48:85:ad:0f:7f:41:29:e4:1c:cc:2f:91:22:
         46:eb:0f:bb:d3:9f:4c:da:6a:38:f1:8d:39:fd:35:ac:41:fb:
         0a:13:16:05:8d:5d:74:08:36:ea:c2:d0:fa:14:48:7c:81:16:
         10:57:97:fe:e5:9c:ad:94:16:12:d6:a4:ea:0a:5b:f1:6c:b5:
         0e:43:77:ff:ba:f1:7a:92:94:88:35:07:26:28:ee:d2:50:10:
         4d:61:7f:02:71:22:a2:29:8a:8d:1e:3a:a6:ac:6b:57:12:b8:
         08:93:6c:0b:d1:99:7a:3b:08:a6:38:8f:5e:de:d2:e8:02:0c:
         29:4c:13:93:5d:0a:86:fd:47:f8:3b:cd:e4:bc:bc:12:2c:1f:
         70:d4:f7:d9:9d:f1:b9:cf:e7:66:6b:a5:2c:75:bd:60:8b:ed:
         54:2b:5b:2f:45:db:65:6e:50:4c:56:f9:ec:9f:d7:b0:be:11:
         86:ad:90:95:e2:a2:01:51:a4:a2:fb:d9:ca:f6:2b:19:38:16:
         60:02:b7:a8:16:94:3c:38:de:f3:cb:db:f2:3e:50:a8:14:a4:
         6c:5a:96:85:a9:df:16:ea:52:10:c7:40:74:ff:90:36:57:f1:
         ad:3f:dd:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6tPcPBeydqKqYF1byTjG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MThjZGRjMzlkMzQ3NTYzYzZkYzFlNWVjNWU1OTYyMWU0
MGU0ZDkwHhcNMjQwOTE2MTIwMDQ5WhcNMjQwOTE3MTIwMDQ5WjAzMTEwLwYDVQQD
Eyg3NGE5ZTc1NzhiNTlkNjk4YzMxYjYwZjU5NmJmNWY4OGM5ODAxOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV0I4lvVBKdlMmYxinlCPOKmM/lb
3zOkOApAaII8yko3tfDAT3L3LQ731JWuUIKApFie0cFXtMm9ownGuE83O2P53C7P
cG1U2OqGT5aAj6bK8TxcPKAM6GNwiugt/tJUnG4+lr87vW9ax1HkMJScYhRrAFvW
AxT3HYfCB9W8gF7Q2/Cr84Xc59Tg3dT1Y0EArraqgLWNauYLJsTGULI6QxPvb0rB
JaAD0ehC1QtEMZIcMagho8MAAVpPwqYPp/c48wXJdN5LMNYENjni1uNLjVUjDxgY
i4rj3RjbvrEKh1hCy5i1ypfPu3eQUxDhs0YCCzq6KpGLuzdqxvB3JdOfXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHSp51eLWdaYwxtg9Za/X4jJgBngMB8GA1UdIwQY
MBaAFOQYzdw500dWPG3B5exeWWIeQOTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zZWVkMjgtMjMwYy00YjlmLTkwNGMt
Nzc3ZTZjYTRlZmY2LzEvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zZWVkMjgtMjMwYy00YjlmLTkwNGMtNzc3ZTZjYTRlZmY2
LzEvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHjKPRhwf
Y46E6CddRcQLZUaKF1W12jVIha0Pf0Ep5BzML5EiRusPu9OfTNpqOPGNOf01rEH7
ChMWBY1ddAg26sLQ+hRIfIEWEFeX/uWcrZQWEtak6gpb8Wy1DkN3/7rxepKUiDUH
Jiju0lAQTWF/AnEioimKjR46pqxrVxK4CJNsC9GZejsIpjiPXt7S6AIMKUwTk10K
hv1H+DvN5Ly8EiwfcNT32Z3xuc/nZmulLHW9YIvtVCtbL0XbZW5QTFb57J/XsL4R
hq2QleKiAVGkovvZyvYrGTgWYAK3qBaUPDje88vb8j5QqBSkbFqWhanfFupSEMdA
dP+QNlfxrT/d4Q==
-----END CERTIFICATE-----