Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
File:                     Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft (raw, json)
Hash identifier:          3LO2GKJhVW0MoG+RDAfebmct0gLRXQSrljI7Uezcd1Q=
Subject key identifier:   9F:7B:58:47:CE:D7:88:6A:E6:00:6B:11:D6:2F:48:CF:D9:65:D3:97
Authority key identifier: 5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B
Certificate issuer:       /CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b
Certificate serial:       019356F71123D985BA73C44EA2F61ADC2029
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
Manifest number:          09C7
Signing time:             Sat 23 Nov 2024 03:00:52 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:52 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:52 +0000
Files and hashes:         1: Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl (hash: KETel/dizOwoJBNsWT8VNiNo9lehxsDjpZILQm+XUh8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f7:11:23:d9:85:ba:73:c4:4e:a2:f6:1a:dc:20:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e3e4fa8c9971aef12345fc0e37d16b3459b783b
        Validity
            Not Before: Nov 23 03:00:52 2024 GMT
            Not After : Nov 24 03:00:52 2024 GMT
        Subject: CN=9f7b5847ced7886ae6006b11d62f48cfd965d397
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:ff:f5:c5:ec:cd:6d:ab:98:58:0e:28:a4:ac:
                    92:20:da:f4:b4:94:67:fe:62:85:0b:7d:e7:78:81:
                    82:fb:b5:89:52:3d:36:ee:d1:57:e0:65:95:ad:23:
                    ff:01:34:0a:47:bd:cf:95:d1:04:60:ae:52:70:78:
                    90:6b:f9:d8:9a:ff:a9:16:94:18:26:b2:4e:a4:4c:
                    61:86:3e:50:e0:bf:9d:d5:84:6d:8a:78:8b:40:2e:
                    a9:e6:16:a4:44:5a:f3:fa:ab:69:7d:d7:36:66:ea:
                    2c:a2:64:77:a5:0d:35:dc:89:b2:64:dd:c4:1b:04:
                    a9:99:01:f5:f4:98:e4:1e:39:7e:d7:13:ee:de:88:
                    a2:70:d9:b4:8d:7a:fb:45:d8:a8:f9:b4:40:48:05:
                    ff:1d:f5:c0:ff:8e:0b:61:6e:07:e3:e7:54:8f:bd:
                    f8:54:c9:6b:37:b6:d6:2a:d9:f8:a2:39:c8:e0:7e:
                    60:15:85:5f:16:50:33:4a:f8:0a:de:48:fc:78:08:
                    99:49:e8:1c:70:70:68:fa:b6:c5:f2:ac:7e:f5:05:
                    37:d4:91:89:8e:6b:83:f3:2e:12:20:a2:85:f4:7d:
                    dd:a3:f8:0d:00:f4:75:64:06:98:fb:1c:3c:b8:e2:
                    c7:93:fd:3e:0f:fd:64:3a:43:6a:1f:26:8b:a9:a8:
                    34:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:7B:58:47:CE:D7:88:6A:E6:00:6B:11:D6:2F:48:CF:D9:65:D3:97
            X509v3 Authority Key Identifier:
                keyid:5E:3E:4F:A8:C9:97:1A:EF:12:34:5F:C0:E3:7D:16:B3:45:9B:78:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xj5PqMmXGu8SNF_A430Ws0WbeDs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eb5454-7293-437f-ac0b-3a3b0296bb82/1/Xj5PqMmXGu8SNF_A430Ws0WbeDs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:31:fc:e6:ac:6d:43:84:8f:36:95:a0:ca:73:06:c0:76:f1:
         86:94:b9:de:76:97:19:92:78:95:bb:67:55:24:bb:14:39:b7:
         73:a3:90:c0:33:3c:01:10:25:06:6e:29:36:b5:f8:49:9f:cf:
         2e:eb:1a:b9:fd:fd:3b:52:88:a1:76:12:0e:54:b7:99:09:60:
         92:52:6c:21:1f:40:24:a8:1e:1c:51:fe:65:5b:33:c3:28:37:
         79:88:98:93:96:78:96:c1:a5:82:08:8f:46:e4:f5:cf:73:bd:
         f5:0f:3a:0c:30:ae:ae:ff:d6:bf:c8:b6:b2:fe:fe:d5:09:64:
         b7:ba:22:28:ab:be:16:b4:79:53:7b:af:fc:1a:62:74:51:d2:
         56:63:95:6c:e1:df:ae:07:4b:79:68:ef:10:6c:fe:52:7b:33:
         2b:c4:e4:b0:e1:41:69:ee:13:e8:dc:b8:37:0f:3e:ec:26:f1:
         f0:d8:84:09:4c:5d:cc:0f:06:63:d7:8c:ac:aa:08:4a:a8:77:
         20:8b:25:1b:83:a2:29:42:5a:6d:8d:fd:da:94:aa:23:9d:34:
         0f:0a:c6:28:a9:ba:ed:c0:de:0b:17:17:04:3b:9e:c0:46:5e:
         8b:58:34:88:4f:2a:ca:cc:89:e5:bf:79:cd:9d:4c:9b:ee:74:
         07:e0:81:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9xEj2YW6c8ROovYa3CApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlM2U0ZmE4Yzk5NzFhZWYxMjM0NWZjMGUzN2QxNmIzNDU5
Yjc4M2IwHhcNMjQxMTIzMDMwMDUyWhcNMjQxMTI0MDMwMDUyWjAzMTEwLwYDVQQD
Eyg5ZjdiNTg0N2NlZDc4ODZhZTYwMDZiMTFkNjJmNDhjZmQ5NjVkMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlP/1xezNbauYWA4opKySINr0tJRn
/mKFC33neIGC+7WJUj027tFX4GWVrSP/ATQKR73PldEEYK5ScHiQa/nYmv+pFpQY
JrJOpExhhj5Q4L+d1YRtiniLQC6p5hakRFrz+qtpfdc2ZuosomR3pQ013ImyZN3E
GwSpmQH19JjkHjl+1xPu3oiicNm0jXr7Rdio+bRASAX/HfXA/44LYW4H4+dUj734
VMlrN7bWKtn4ojnI4H5gFYVfFlAzSvgK3kj8eAiZSegccHBo+rbF8qx+9QU31JGJ
jmuD8y4SIKKF9H3do/gNAPR1ZAaY+xw8uOLHk/0+D/1kOkNqHyaLqag0oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ97WEfO14hq5gBrEdYvSM/ZZdOXMB8GA1UdIwQY
MBaAFF4+T6jJlxrvEjRfwON9FrNFm3g7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGIt
M2EzYjAyOTZiYjgyLzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9lYjU0NTQtNzI5My00MzdmLWFjMGItM2EzYjAyOTZiYjgy
LzEvWGo1UHFNbVhHdThTTkZfQTQzMFdzMFdiZURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOzH85qxt
Q4SPNpWgynMGwHbxhpS53naXGZJ4lbtnVSS7FDm3c6OQwDM8ARAlBm4pNrX4SZ/P
Lusauf39O1KIoXYSDlS3mQlgklJsIR9AJKgeHFH+ZVszwyg3eYiYk5Z4lsGlggiP
RuT1z3O99Q86DDCurv/Wv8i2sv7+1Qlkt7oiKKu+FrR5U3uv/BpidFHSVmOVbOHf
rgdLeWjvEGz+UnszK8TksOFBae4T6Ny4Nw8+7Cbx8NiECUxdzA8GY9eMrKoISqh3
IIslG4OiKUJabY392pSqI500DwrGKKm67cDeCxcXBDuewEZei1g0iE8qysyJ5b95
zZ1Mm+50B+CB6w==
-----END CERTIFICATE-----