Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
File:                     t5im6ZG5VaKTURGf9312hksNOEo.mft (raw, json)
Hash identifier:          bhn/LA80xJmBeo83NhG8FKpRUO6f+qfR+euWhbm/Y8c=
Subject key identifier:   5A:E4:D9:6E:5D:59:96:27:39:83:00:36:A1:03:4C:43:1A:95:BC:7C
Authority key identifier: B7:98:A6:E9:91:B9:55:A2:93:51:11:9F:F7:7D:76:86:4B:0D:38:4A
Certificate issuer:       /CN=b798a6e991b955a29351119ff77d76864b0d384a
Certificate serial:       019356898AC0199B65129E077175B4BE1DDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
Manifest number:          0A94
Signing time:             Sat 23 Nov 2024 01:01:14 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:14 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:14 +0000
Files and hashes:         1: t5im6ZG5VaKTURGf9312hksNOEo.crl (hash: RB7CJ6PSa4Np6VCrWEC77Hj/9kn0LIlBC0FkIZ0CgyA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:8a:c0:19:9b:65:12:9e:07:71:75:b4:be:1d:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b798a6e991b955a29351119ff77d76864b0d384a
        Validity
            Not Before: Nov 23 01:01:14 2024 GMT
            Not After : Nov 24 01:01:14 2024 GMT
        Subject: CN=5ae4d96e5d59962739830036a1034c431a95bc7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:82:69:d4:96:37:8e:5b:65:02:a4:40:f0:a6:
                    8b:dd:31:9c:87:a9:11:e9:ab:f0:2d:af:2c:82:b4:
                    67:83:ea:7a:a8:48:1b:a4:e5:f4:ac:62:e8:8a:f1:
                    fb:75:f3:32:09:3f:ff:00:85:18:e4:99:09:90:bc:
                    70:95:1b:4a:9c:2f:17:77:7a:16:b2:00:9b:25:b8:
                    28:c2:43:82:80:28:9b:22:45:b5:ad:fa:0a:a4:54:
                    cb:43:df:e3:12:72:89:26:cd:5c:36:aa:69:83:8d:
                    9a:d4:b9:45:34:09:f7:80:a1:e0:71:6c:2d:ed:34:
                    67:a0:de:c7:8c:5f:97:1d:bb:07:c3:fe:bd:38:ed:
                    b8:d2:8c:d8:72:44:54:ee:12:ac:d4:19:0a:0c:02:
                    ba:d5:a6:62:99:c6:20:d7:06:7a:d4:26:e4:e2:ce:
                    95:5d:09:d5:96:bc:ce:f0:2a:8f:65:6e:ee:d6:31:
                    6a:c7:f7:cd:bc:1c:7c:d3:ea:be:35:13:92:07:f3:
                    85:7f:6c:da:44:7d:47:a6:15:37:92:9c:d8:a7:4e:
                    d5:d0:fd:46:4c:7c:45:81:67:3f:9d:ad:1b:83:10:
                    00:cd:06:be:d3:0a:15:ee:0b:3d:04:8a:4d:d2:fd:
                    f0:7f:a2:f1:3a:29:16:fd:67:d6:02:11:7a:bc:c0:
                    84:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:E4:D9:6E:5D:59:96:27:39:83:00:36:A1:03:4C:43:1A:95:BC:7C
            X509v3 Authority Key Identifier:
                keyid:B7:98:A6:E9:91:B9:55:A2:93:51:11:9F:F7:7D:76:86:4B:0D:38:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5im6ZG5VaKTURGf9312hksNOEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5392b9-7f23-4740-9123-69c72f168689/1/t5im6ZG5VaKTURGf9312hksNOEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:f1:0e:9b:bc:39:e6:f0:9e:f4:e3:e3:f3:75:d7:cd:91:15:
         bb:eb:17:b4:81:76:ac:a8:a5:e9:31:32:16:56:be:0b:f5:2b:
         7c:49:e0:a0:e1:76:ab:85:cc:9a:81:93:67:6b:90:49:07:e4:
         6f:55:e3:98:ef:b4:2d:29:f4:4c:53:4d:b7:ba:88:58:fc:93:
         f8:6d:28:b0:32:19:6b:6f:8b:3b:3e:0d:4a:3b:8a:55:60:32:
         c8:14:d0:77:b0:aa:d0:ce:4e:94:84:72:95:bc:c0:de:c0:dd:
         92:ee:06:0d:99:52:ee:4f:b9:de:d0:c2:0e:a9:4c:7c:a6:9f:
         d8:5f:42:d5:ba:8f:4e:02:29:32:09:76:04:50:d3:02:76:0d:
         bc:00:a6:42:64:bd:a7:f7:ba:73:8b:7a:6e:68:8a:50:14:e0:
         e9:4c:37:d5:29:44:8c:40:c7:63:e3:72:bc:8e:1e:f1:e4:83:
         03:00:09:a4:54:53:58:6b:27:86:0a:7f:ad:0d:3e:1f:19:a8:
         95:31:07:58:85:5b:1f:b7:c2:0e:da:cc:38:42:6c:40:c1:99:
         95:df:bd:63:38:d4:45:bf:4f:aa:45:ea:e8:87:cc:0f:9a:e0:
         eb:fe:31:35:12:a7:da:20:51:11:7d:5f:b9:bd:cd:85:0f:3b:
         c2:fe:72:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiYrAGZtlEp4HcXW0vh3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OThhNmU5OTFiOTU1YTI5MzUxMTE5ZmY3N2Q3Njg2NGIw
ZDM4NGEwHhcNMjQxMTIzMDEwMTE0WhcNMjQxMTI0MDEwMTE0WjAzMTEwLwYDVQQD
Eyg1YWU0ZDk2ZTVkNTk5NjI3Mzk4MzAwMzZhMTAzNGM0MzFhOTViYzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oJp1JY3jltlAqRA8KaL3TGch6kR
6avwLa8sgrRng+p6qEgbpOX0rGLoivH7dfMyCT//AIUY5JkJkLxwlRtKnC8Xd3oW
sgCbJbgowkOCgCibIkW1rfoKpFTLQ9/jEnKJJs1cNqppg42a1LlFNAn3gKHgcWwt
7TRnoN7HjF+XHbsHw/69OO240ozYckRU7hKs1BkKDAK61aZimcYg1wZ61Cbk4s6V
XQnVlrzO8CqPZW7u1jFqx/fNvBx80+q+NROSB/OFf2zaRH1HphU3kpzYp07V0P1G
THxFgWc/na0bgxAAzQa+0woV7gs9BIpN0v3wf6LxOikW/WfWAhF6vMCEtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrk2W5dWZYnOYMANqEDTEMalbx8MB8GA1UdIwQY
MBaAFLeYpumRuVWik1ERn/d9doZLDThKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81MzkyYjktN2YyMy00NzQwLTkxMjMt
NjljNzJmMTY4Njg5LzEvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81MzkyYjktN2YyMy00NzQwLTkxMjMtNjljNzJmMTY4Njg5
LzEvdDVpbTZaRzVWYUtUVVJHZjkzMTJoa3NOT0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAvEOm7w5
5vCe9OPj83XXzZEVu+sXtIF2rKil6TEyFla+C/UrfEngoOF2q4XMmoGTZ2uQSQfk
b1XjmO+0LSn0TFNNt7qIWPyT+G0osDIZa2+LOz4NSjuKVWAyyBTQd7Cq0M5OlIRy
lbzA3sDdku4GDZlS7k+53tDCDqlMfKaf2F9C1bqPTgIpMgl2BFDTAnYNvACmQmS9
p/e6c4t6bmiKUBTg6Uw31SlEjEDHY+NyvI4e8eSDAwAJpFRTWGsnhgp/rQ0+Hxmo
lTEHWIVbH7fCDtrMOEJsQMGZld+9YzjURb9PqkXq6IfMD5rg6/4xNRKn2iBREX1f
ub3NhQ87wv5yqA==
-----END CERTIFICATE-----