Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
File:                     iDyv-AezKVLWjHGq8BuRmErR6gg.mft (raw, json)
Hash identifier:          dmFIqXUVC4asVWmOYiW5V1cl+NyYrX4/jODJr2Y9qEo=
Subject key identifier:   D5:D7:7A:F1:E0:8A:73:B3:D6:DE:FA:24:E1:CF:21:D3:48:52:7E:A3
Authority key identifier: 88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08
Certificate issuer:       /CN=883caff807b32952d68c71aaf01b91984ad1ea08
Certificate serial:       0191F9349F02F0F5AD2F9848AC090C5BB814
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
Manifest number:          A5
Signing time:             Mon 16 Sep 2024 05:01:00 +0000
Manifest this update:     Mon 16 Sep 2024 05:01:00 +0000
Manifest next update:     Tue 17 Sep 2024 05:01:00 +0000
Files and hashes:         1: iDyv-AezKVLWjHGq8BuRmErR6gg.crl (hash: bjI7tTySGEfpNwwXXmlxYPIUG9TUbnLKHvdkbV4yTDY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 05:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:f9:34:9f:02:f0:f5:ad:2f:98:48:ac:09:0c:5b:b8:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=883caff807b32952d68c71aaf01b91984ad1ea08
        Validity
            Not Before: Sep 16 05:01:00 2024 GMT
            Not After : Sep 17 05:01:00 2024 GMT
        Subject: CN=d5d77af1e08a73b3d6defa24e1cf21d348527ea3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:35:62:38:ac:2c:92:49:28:cc:17:78:fe:67:
                    1f:11:f3:fd:18:c0:c1:6d:3f:8c:d2:c9:fe:93:38:
                    68:35:5d:fb:fb:7f:54:c2:59:24:ef:78:d4:7a:2d:
                    d3:f7:18:aa:60:03:da:8a:77:bd:35:66:49:75:5a:
                    8e:36:41:43:7c:30:50:7e:3c:72:59:77:72:64:bf:
                    33:a3:db:7e:ef:66:e8:71:e5:6f:5f:e9:6a:61:4d:
                    d0:ba:d0:96:e4:94:6f:b0:60:af:40:9b:cd:4d:ff:
                    e7:7b:3e:8b:b6:26:70:a7:43:aa:67:3d:c2:93:7b:
                    f9:d9:ae:aa:2d:4d:2a:ab:51:b0:99:bb:68:82:45:
                    67:e2:23:93:d7:fb:b8:3d:8b:96:95:37:be:d1:d9:
                    e1:d9:d3:d2:d7:c6:22:16:ca:22:c8:ee:be:f5:4b:
                    63:de:38:bb:38:65:bd:48:64:17:8d:c5:03:c6:f8:
                    14:87:d0:7d:e9:ea:3b:9e:e7:1a:03:00:33:73:0a:
                    9f:a4:0d:08:5a:94:e7:d3:ff:67:ea:1c:9b:39:c7:
                    d7:6c:9f:9c:82:b1:72:2e:f4:8e:2c:12:7f:d8:7b:
                    4b:bb:98:2f:9a:8c:07:b7:57:4c:02:35:84:de:76:
                    91:ed:84:d4:75:7d:0c:c0:97:58:1b:78:99:09:00:
                    5a:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:D7:7A:F1:E0:8A:73:B3:D6:DE:FA:24:E1:CF:21:D3:48:52:7E:A3
            X509v3 Authority Key Identifier:
                keyid:88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:a4:04:11:f4:a4:d7:6a:3d:53:d9:f8:14:92:9f:40:45:6d:
         35:ef:0f:5a:da:a7:86:d6:f6:21:26:a2:18:56:d9:a2:fd:ba:
         9f:2b:95:02:db:08:3b:4c:19:27:11:a2:00:a1:36:d0:23:5d:
         d1:2c:cf:91:4e:d9:04:d3:75:5e:0b:41:9c:24:dc:f1:2b:50:
         86:a8:1e:11:c4:38:d6:01:c9:56:9e:d8:6c:e8:7a:57:30:dd:
         53:e6:d2:d7:82:1e:a4:de:6d:27:c8:ec:db:7d:9f:0f:98:ec:
         c4:b2:c7:30:ae:cf:97:ff:68:ef:04:ee:dc:06:f7:cc:c8:c1:
         52:f1:16:ce:cb:07:df:6f:f8:38:1a:50:70:70:5e:24:af:ab:
         2b:33:1c:7f:35:d5:d8:84:44:41:be:33:eb:0c:88:f0:05:47:
         cf:53:76:1c:da:88:88:51:e7:ff:ab:4c:3d:83:ac:3b:25:c1:
         f3:a2:c1:ee:f8:9b:fe:2c:31:5f:51:d2:0c:02:ee:20:87:1f:
         e9:5a:0a:a9:79:42:31:30:8f:df:21:b6:1f:cb:23:5d:9b:97:
         f6:c7:2b:65:18:84:9d:09:12:bd:25:60:6e:bf:1c:57:e3:38:
         64:77:d3:95:52:3c:4f:57:a2:d8:97:20:a6:e4:98:7b:cc:a3:
         ed:6b:af:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH5NJ8C8PWtL5hIrAkMW7gUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4M2NhZmY4MDdiMzI5NTJkNjhjNzFhYWYwMWI5MTk4NGFk
MWVhMDgwHhcNMjQwOTE2MDUwMTAwWhcNMjQwOTE3MDUwMTAwWjAzMTEwLwYDVQQD
EyhkNWQ3N2FmMWUwOGE3M2IzZDZkZWZhMjRlMWNmMjFkMzQ4NTI3ZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijViOKwskkkozBd4/mcfEfP9GMDB
bT+M0sn+kzhoNV37+39Uwlkk73jUei3T9xiqYAPaine9NWZJdVqONkFDfDBQfjxy
WXdyZL8zo9t+72boceVvX+lqYU3QutCW5JRvsGCvQJvNTf/nez6LtiZwp0OqZz3C
k3v52a6qLU0qq1GwmbtogkVn4iOT1/u4PYuWlTe+0dnh2dPS18YiFsoiyO6+9Utj
3ji7OGW9SGQXjcUDxvgUh9B96eo7nucaAwAzcwqfpA0IWpTn0/9n6hybOcfXbJ+c
grFyLvSOLBJ/2HtLu5gvmowHt1dMAjWE3naR7YTUdX0MwJdYG3iZCQBayQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXXevHginOz1t76JOHPIdNIUn6jMB8GA1UdIwQY
MBaAFIg8r/gHsylS1oxxqvAbkZhK0eoIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEt
OWNlZDVlNWVmZjBmLzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEtOWNlZDVlNWVmZjBm
LzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL6QEEfSk
12o9U9n4FJKfQEVtNe8PWtqnhtb2ISaiGFbZov26nyuVAtsIO0wZJxGiAKE20CNd
0SzPkU7ZBNN1XgtBnCTc8StQhqgeEcQ41gHJVp7YbOh6VzDdU+bS14IepN5tJ8js
232fD5jsxLLHMK7Pl/9o7wTu3Ab3zMjBUvEWzssH32/4OBpQcHBeJK+rKzMcfzXV
2IREQb4z6wyI8AVHz1N2HNqIiFHn/6tMPYOsOyXB86LB7vib/iwxX1HSDALuIIcf
6VoKqXlCMTCP3yG2H8sjXZuX9scrZRiEnQkSvSVgbr8cV+M4ZHfTlVI8T1ei2Jcg
puSYe8yj7WuvAA==
-----END CERTIFICATE-----