Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3ed902-a05d-49ac-a476-174fa26fd4b6/1/AhXKBUNIfztxz4FP4NjWb6lREVs.mft
File:                     AhXKBUNIfztxz4FP4NjWb6lREVs.mft (raw, json)
Hash identifier:          etlidl2ofINZ99WMC12umErEOSHAnINELo5alf1p7Zs=
Subject key identifier:   B5:A9:E5:86:70:C0:2C:DA:29:85:49:BA:EA:3F:A6:BD:DE:5A:1C:86
Authority key identifier: 02:15:CA:05:43:48:7F:3B:71:CF:81:4F:E0:D8:D6:6F:A9:51:11:5B
Certificate issuer:       /CN=0215ca0543487f3b71cf814fe0d8d66fa951115b
Certificate serial:       0191FA7E23CF80DCB7F85A02B3CC5AF43BBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AhXKBUNIfztxz4FP4NjWb6lREVs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3ed902-a05d-49ac-a476-174fa26fd4b6/1/AhXKBUNIfztxz4FP4NjWb6lREVs.mft
Manifest number:          E1
Signing time:             Mon 16 Sep 2024 11:00:56 +0000
Manifest this update:     Mon 16 Sep 2024 11:00:56 +0000
Manifest next update:     Tue 17 Sep 2024 11:00:56 +0000
Files and hashes:         1: AhXKBUNIfztxz4FP4NjWb6lREVs.crl (hash: sdlOjJStUUCRC4ULlMdPPJSMba7p6gPXDbAJ3cDazVM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3ed902-a05d-49ac-a476-174fa26fd4b6/1/AhXKBUNIfztxz4FP4NjWb6lREVs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3ed902-a05d-49ac-a476-174fa26fd4b6/1/AhXKBUNIfztxz4FP4NjWb6lREVs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AhXKBUNIfztxz4FP4NjWb6lREVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:7e:23:cf:80:dc:b7:f8:5a:02:b3:cc:5a:f4:3b:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0215ca0543487f3b71cf814fe0d8d66fa951115b
        Validity
            Not Before: Sep 16 11:00:56 2024 GMT
            Not After : Sep 17 11:00:56 2024 GMT
        Subject: CN=b5a9e58670c02cda298549baea3fa6bdde5a1c86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:97:35:3f:3e:c0:bb:6b:d3:49:3f:0a:31:fd:
                    43:8e:23:9f:21:a9:6e:e5:8d:ad:80:47:03:c4:5b:
                    11:a5:93:4b:05:c0:cc:a7:7d:a9:6c:7b:2a:60:39:
                    29:5c:de:5b:d9:b4:0f:c4:ec:6b:11:c6:47:aa:02:
                    64:11:55:0e:97:10:a1:b1:e2:9c:25:77:e6:e3:bc:
                    4c:47:d3:51:c7:b3:2d:43:8d:57:fe:dc:70:9e:8b:
                    cd:f5:fe:47:7c:89:b1:0c:81:64:9c:4c:4c:a7:d9:
                    67:2a:9c:d2:9a:3a:86:26:50:37:94:15:cd:47:97:
                    da:28:e5:83:b9:4b:3c:a2:11:80:95:d2:c2:77:6f:
                    e7:55:fe:b9:78:42:27:6b:7e:a2:92:65:97:c0:1c:
                    47:70:b6:b7:e4:7a:85:ee:05:c6:dd:df:5e:95:60:
                    69:62:8e:e7:16:1e:74:ad:05:fd:5d:82:26:f5:2f:
                    84:3a:a4:53:33:ec:f0:ff:41:ce:b8:76:45:83:7a:
                    4c:65:96:4d:48:77:04:66:65:d6:28:1f:ff:bf:7a:
                    42:ba:eb:18:06:f4:ac:07:29:b7:f5:35:38:4a:08:
                    6d:35:8a:6b:43:05:1c:5a:cf:88:6b:7f:18:2c:7a:
                    3f:4a:eb:94:2f:97:1c:35:b6:aa:d0:7a:82:86:28:
                    de:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:A9:E5:86:70:C0:2C:DA:29:85:49:BA:EA:3F:A6:BD:DE:5A:1C:86
            X509v3 Authority Key Identifier:
                keyid:02:15:CA:05:43:48:7F:3B:71:CF:81:4F:E0:D8:D6:6F:A9:51:11:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhXKBUNIfztxz4FP4NjWb6lREVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3ed902-a05d-49ac-a476-174fa26fd4b6/1/AhXKBUNIfztxz4FP4NjWb6lREVs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3ed902-a05d-49ac-a476-174fa26fd4b6/1/AhXKBUNIfztxz4FP4NjWb6lREVs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:94:87:4a:98:78:11:c7:92:97:26:4e:eb:d8:66:15:3c:3d:
         11:95:97:a0:51:46:92:d8:fc:a9:7a:4e:00:24:4e:1a:6d:e5:
         d0:18:68:16:d7:fd:86:10:33:e3:6a:40:03:4e:d5:c0:bc:ba:
         3f:61:aa:f2:41:59:8e:ed:e8:c1:d4:2d:ec:fd:23:15:d5:6c:
         9a:c8:3f:43:f1:63:97:91:b0:e0:24:c1:e6:bb:8a:56:4b:89:
         ca:e9:a5:cb:9f:23:fa:67:71:9f:fa:71:2b:36:59:97:45:a1:
         c0:6c:16:80:67:e0:df:25:3a:ea:1b:8e:02:07:af:1e:37:2a:
         8b:e1:a6:cc:6b:85:12:dd:87:17:76:eb:3c:fd:b4:e7:95:ef:
         a8:a6:5c:6f:db:f6:61:93:5d:fd:90:66:ab:a9:d8:20:b6:72:
         e4:e5:ec:b2:00:1b:22:51:b8:65:2c:74:d4:25:89:c1:0b:9e:
         f2:f2:48:4d:b0:37:cc:45:8c:ba:11:d9:b9:83:ec:f8:fe:48:
         27:a9:37:29:af:8e:ad:d8:ca:0e:29:a5:aa:0c:15:ab:64:69:
         32:c9:3f:22:a2:73:28:dc:bd:84:27:c5:47:2c:f3:a0:c3:6a:
         10:44:b3:90:3d:95:b5:6d:3f:2b:f6:05:d9:35:25:b1:de:02:
         a3:60:25:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6fiPPgNy3+FoCs8xa9Du6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTVjYTA1NDM0ODdmM2I3MWNmODE0ZmUwZDhkNjZmYTk1
MTExNWIwHhcNMjQwOTE2MTEwMDU2WhcNMjQwOTE3MTEwMDU2WjAzMTEwLwYDVQQD
EyhiNWE5ZTU4NjcwYzAyY2RhMjk4NTQ5YmFlYTNmYTZiZGRlNWExYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05c1Pz7Au2vTST8KMf1DjiOfIalu
5Y2tgEcDxFsRpZNLBcDMp32pbHsqYDkpXN5b2bQPxOxrEcZHqgJkEVUOlxChseKc
JXfm47xMR9NRx7MtQ41X/txwnovN9f5HfImxDIFknExMp9lnKpzSmjqGJlA3lBXN
R5faKOWDuUs8ohGAldLCd2/nVf65eEIna36ikmWXwBxHcLa35HqF7gXG3d9elWBp
Yo7nFh50rQX9XYIm9S+EOqRTM+zw/0HOuHZFg3pMZZZNSHcEZmXWKB//v3pCuusY
BvSsBym39TU4SghtNYprQwUcWs+Ia38YLHo/SuuUL5ccNbaq0HqChijeIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWp5YZwwCzaKYVJuuo/pr3eWhyGMB8GA1UdIwQY
MBaAFAIVygVDSH87cc+BT+DY1m+pURFbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhYS0JVTklmenR4ejRGUDROaldiNmxSRVZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zZWQ5MDItYTA1ZC00OWFjLWE0NzYt
MTc0ZmEyNmZkNGI2LzEvQWhYS0JVTklmenR4ejRGUDROaldiNmxSRVZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zZWQ5MDItYTA1ZC00OWFjLWE0NzYtMTc0ZmEyNmZkNGI2
LzEvQWhYS0JVTklmenR4ejRGUDROaldiNmxSRVZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApJSHSph4
EceSlyZO69hmFTw9EZWXoFFGktj8qXpOACROGm3l0BhoFtf9hhAz42pAA07VwLy6
P2Gq8kFZju3owdQt7P0jFdVsmsg/Q/Fjl5Gw4CTB5ruKVkuJyumly58j+mdxn/px
KzZZl0WhwGwWgGfg3yU66huOAgevHjcqi+GmzGuFEt2HF3brPP2055XvqKZcb9v2
YZNd/ZBmq6nYILZy5OXssgAbIlG4ZSx01CWJwQue8vJITbA3zEWMuhHZuYPs+P5I
J6k3Ka+OrdjKDimlqgwVq2RpMsk/IqJzKNy9hCfFRyzzoMNqEESzkD2VtW0/K/YF
2TUlsd4Co2Al5g==
-----END CERTIFICATE-----