Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          tY1KpAc+OeA92Ff/vJmGu/p0abo+QAmEFroE8357yOU=
Subject key identifier:   67:7D:96:FE:DD:F7:50:68:1B:58:72:C0:B0:C4:67:DF:F3:F1:33:54
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       0193579BDE6C141F6259CC9000A9C601153B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          9E
Signing time:             Sat 23 Nov 2024 06:00:53 +0000
Manifest this update:     Sat 23 Nov 2024 06:00:53 +0000
Manifest next update:     Sun 24 Nov 2024 06:00:53 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: EooAul7ez2UqPIYpNmAlnQ0WQ1lK8C6+QqsW9ERo7C0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:9b:de:6c:14:1f:62:59:cc:90:00:a9:c6:01:15:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: Nov 23 06:00:53 2024 GMT
            Not After : Nov 24 06:00:53 2024 GMT
        Subject: CN=677d96feddf750681b5872c0b0c467dff3f13354
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:09:d8:57:48:1c:8d:cf:45:37:35:14:cb:9f:
                    1c:dc:43:50:ca:f2:6e:2d:6e:91:11:bd:19:92:d2:
                    56:99:98:8e:0f:10:08:5a:10:99:f3:a8:fa:3a:e4:
                    22:0e:21:d4:9a:b5:77:9f:65:2f:4f:c9:d9:be:ab:
                    5b:b7:a2:0b:9c:2d:85:ca:70:05:21:15:39:23:83:
                    87:56:23:2d:36:ed:08:ac:20:a3:2d:1d:20:2f:cf:
                    9c:96:83:ab:bf:91:6c:47:a5:01:52:80:96:4a:02:
                    f9:e5:fb:1a:16:26:5a:9e:77:08:6c:34:15:c7:68:
                    11:bd:9b:ca:b1:f4:3a:da:17:02:33:f5:21:32:ce:
                    f7:db:d9:02:5c:f2:c0:e6:54:d8:26:1f:60:d3:81:
                    1a:e4:90:42:62:c2:4e:88:7c:a6:b7:8a:e1:38:70:
                    7a:79:8c:48:f2:56:f3:2f:f3:b9:48:1e:39:e0:2d:
                    f8:c3:a2:0a:1a:eb:8c:8d:af:c7:7e:86:7a:df:3a:
                    d8:32:85:e1:e0:52:26:d6:49:d0:0d:41:12:b6:db:
                    9e:35:cf:6e:e6:ae:f8:14:5f:36:44:f7:16:c6:a3:
                    c7:79:d3:df:7d:a8:80:52:4f:2d:46:d6:1d:82:c8:
                    1e:f8:76:d7:62:a4:31:09:ad:db:6e:0c:4f:77:f2:
                    85:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:7D:96:FE:DD:F7:50:68:1B:58:72:C0:B0:C4:67:DF:F3:F1:33:54
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:7b:d0:ef:dc:82:c1:99:8a:42:2c:88:34:ec:7d:e7:f1:a8:
         a4:c5:3f:45:40:b0:0c:d7:a5:12:30:00:99:c7:1c:d7:49:de:
         ee:08:a4:2e:6a:f9:ee:c7:47:0c:9c:d9:bf:75:51:40:eb:81:
         f7:c4:d6:34:ee:43:50:84:f3:5f:cf:b2:b2:bd:6b:4c:49:3a:
         b8:17:26:28:99:8c:0a:40:7f:6c:b8:6c:8c:a0:51:e8:2b:9b:
         a2:ec:09:53:fb:11:0e:80:ad:f7:b1:5b:22:02:8f:49:34:eb:
         68:2a:61:69:24:a8:98:63:cc:3a:ef:45:25:9c:c9:76:09:2a:
         1e:7d:d2:b8:a8:f5:d1:a9:61:01:b8:af:f0:9c:f3:a8:97:c2:
         d3:43:9e:04:5f:d3:ff:cb:c4:6f:6b:c2:d7:fc:42:de:a7:a2:
         45:bf:74:ce:12:ab:e5:75:35:31:d0:ba:84:2f:6d:35:ee:19:
         ff:68:e4:fb:04:f6:75:0f:47:1e:0a:fc:51:02:73:60:57:bc:
         75:10:08:71:69:ed:35:4c:ac:c9:ad:b3:c8:f6:bd:5d:9c:76:
         7e:4b:d5:38:48:43:42:4d:07:8b:a6:f2:8a:22:79:61:46:c1:
         5b:cc:be:89:16:a3:ba:22:fb:0a:54:64:8a:1f:5f:55:f9:4a:
         b8:80:73:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXm95sFB9iWcyQAKnGARU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjQxMTIzMDYwMDUzWhcNMjQxMTI0MDYwMDUzWjAzMTEwLwYDVQQD
Eyg2NzdkOTZmZWRkZjc1MDY4MWI1ODcyYzBiMGM0NjdkZmYzZjEzMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAnYV0gcjc9FNzUUy58c3ENQyvJu
LW6REb0ZktJWmZiODxAIWhCZ86j6OuQiDiHUmrV3n2UvT8nZvqtbt6ILnC2FynAF
IRU5I4OHViMtNu0IrCCjLR0gL8+cloOrv5FsR6UBUoCWSgL55fsaFiZanncIbDQV
x2gRvZvKsfQ62hcCM/UhMs7329kCXPLA5lTYJh9g04Ea5JBCYsJOiHymt4rhOHB6
eYxI8lbzL/O5SB454C34w6IKGuuMja/HfoZ63zrYMoXh4FIm1knQDUESttueNc9u
5q74FF82RPcWxqPHedPffaiAUk8tRtYdgsge+HbXYqQxCa3bbgxPd/KFCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGd9lv7d91BoG1hywLDEZ9/z8TNUMB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWnvQ79yC
wZmKQiyINOx95/GopMU/RUCwDNelEjAAmccc10ne7gikLmr57sdHDJzZv3VRQOuB
98TWNO5DUITzX8+ysr1rTEk6uBcmKJmMCkB/bLhsjKBR6CubouwJU/sRDoCt97Fb
IgKPSTTraCphaSSomGPMOu9FJZzJdgkqHn3SuKj10alhAbiv8JzzqJfC00OeBF/T
/8vEb2vC1/xC3qeiRb90zhKr5XU1MdC6hC9tNe4Z/2jk+wT2dQ9HHgr8UQJzYFe8
dRAIcWntNUysya2zyPa9XZx2fkvVOEhDQk0Hi6byiiJ5YUbBW8y+iRajuiL7ClRk
ih9fVflKuIBz4Q==
-----END CERTIFICATE-----