Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/ac5e83-8add-4f56-b73b-829cf0f825e9/1/XzCAHjNozz9wYMjyHMy5ta3b5rc.mft
File:                     XzCAHjNozz9wYMjyHMy5ta3b5rc.mft (raw, json)
Hash identifier:          UPIp90nArs2G5wB4L7dieYSvkCwkcvqcxZvKBVhLQ9A=
Subject key identifier:   B2:6A:23:0A:DB:5E:DA:E6:45:9D:D5:58:A8:1F:5C:AA:FF:BB:B7:D3
Authority key identifier: 5F:30:80:1E:33:68:CF:3F:70:60:C8:F2:1C:CC:B9:B5:AD:DB:E6:B7
Certificate issuer:       /CN=5f30801e3368cf3f7060c8f21cccb9b5addbe6b7
Certificate serial:       018F874B2C7139F4982E53BEA37CDD790120
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XzCAHjNozz9wYMjyHMy5ta3b5rc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/ac5e83-8add-4f56-b73b-829cf0f825e9/1/XzCAHjNozz9wYMjyHMy5ta3b5rc.mft
Manifest number:          09C9
Signing time:             Fri 17 May 2024 16:03:21 +0000
Manifest this update:     Fri 17 May 2024 16:03:21 +0000
Manifest next update:     Sat 18 May 2024 16:03:21 +0000
Files and hashes:         1: XzCAHjNozz9wYMjyHMy5ta3b5rc.crl (hash: 0zrdfDfsTNTf9jLcBmBcyo7+OfGL1BuVsgMhBUQNGvw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/ac5e83-8add-4f56-b73b-829cf0f825e9/1/XzCAHjNozz9wYMjyHMy5ta3b5rc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/ac5e83-8add-4f56-b73b-829cf0f825e9/1/XzCAHjNozz9wYMjyHMy5ta3b5rc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XzCAHjNozz9wYMjyHMy5ta3b5rc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:03:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4b:2c:71:39:f4:98:2e:53:be:a3:7c:dd:79:01:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f30801e3368cf3f7060c8f21cccb9b5addbe6b7
        Validity
            Not Before: May 17 16:03:21 2024 GMT
            Not After : May 18 16:03:21 2024 GMT
        Subject: CN=b26a230adb5edae6459dd558a81f5caaffbbb7d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:42:65:6f:de:5b:ba:b9:51:03:c2:6e:43:d1:
                    86:b9:34:57:0c:87:bb:e4:c6:1f:fe:97:42:43:0c:
                    b7:af:7e:b3:e7:96:02:ec:42:15:bd:79:65:9a:7e:
                    d9:16:fc:41:1a:a1:6e:0b:f8:92:30:57:04:ec:71:
                    64:49:8a:d8:1a:d0:a1:85:9a:09:f1:1e:e6:7a:d6:
                    af:1c:c9:c5:d7:5b:ba:25:bb:b6:ad:24:2a:1c:55:
                    e7:55:b7:c7:42:0b:cb:61:d8:b2:6b:48:6f:dc:29:
                    e1:8f:6b:f8:f7:d8:75:8b:33:e8:68:ac:7e:d5:e0:
                    08:2c:33:a3:18:32:bb:0c:b9:4f:d4:10:15:93:88:
                    35:78:c9:27:77:2d:00:e4:80:90:ef:4d:93:91:ef:
                    1c:aa:61:e8:63:51:85:86:53:d2:bb:95:cd:35:80:
                    31:29:7e:2f:d0:f7:eb:e8:fe:25:d9:21:cb:b5:50:
                    ca:52:e9:2d:cf:fa:68:21:84:54:ae:0f:02:cb:2d:
                    51:13:e0:cf:16:41:ce:0e:d2:b5:55:bb:48:53:db:
                    bb:96:f1:2f:59:4b:9b:93:52:1c:d3:7b:23:bb:aa:
                    4f:a1:25:ad:d7:f7:70:96:00:46:bb:ef:cf:c3:28:
                    66:c2:a5:ca:76:9c:03:f2:98:6b:47:ca:86:5a:50:
                    6d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:6A:23:0A:DB:5E:DA:E6:45:9D:D5:58:A8:1F:5C:AA:FF:BB:B7:D3
            X509v3 Authority Key Identifier:
                keyid:5F:30:80:1E:33:68:CF:3F:70:60:C8:F2:1C:CC:B9:B5:AD:DB:E6:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzCAHjNozz9wYMjyHMy5ta3b5rc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ac5e83-8add-4f56-b73b-829cf0f825e9/1/XzCAHjNozz9wYMjyHMy5ta3b5rc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ac5e83-8add-4f56-b73b-829cf0f825e9/1/XzCAHjNozz9wYMjyHMy5ta3b5rc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:05:c8:a5:a4:91:3e:8d:0a:c6:9c:72:69:68:52:7e:64:91:
         c6:c1:e2:20:d4:9a:e6:59:7d:50:db:17:3f:e9:0a:16:92:e8:
         54:8a:ab:ed:a7:8f:56:0b:df:1e:00:5d:a7:55:be:7b:e9:86:
         3d:2e:fe:79:1d:d5:62:5c:cd:02:79:83:9e:06:d5:ca:ac:25:
         90:9c:cb:27:2b:11:14:8c:69:9f:52:39:55:fc:d7:e0:08:07:
         bf:59:bd:d1:7a:e3:5f:04:10:f0:7c:18:29:84:a6:9f:1f:fb:
         b8:8d:aa:c7:60:57:3b:7d:cd:78:21:ce:91:06:4f:bf:97:5e:
         87:2d:02:0e:0a:8a:62:e8:a7:fb:ba:8c:6d:e2:f0:e9:e8:e6:
         70:7d:30:1d:d3:8d:7b:c4:19:91:66:f8:88:51:6b:34:41:50:
         7b:18:c4:f2:fd:9d:28:4a:cb:37:4a:43:7b:69:6b:39:4b:32:
         da:19:f7:1d:e5:14:e2:9c:ad:dc:41:a9:e6:ac:cb:a5:04:15:
         73:0f:08:17:56:b7:7c:9b:cc:b9:d1:ac:99:14:e6:f2:2c:22:
         3a:95:d5:08:1d:c7:39:8d:7c:9e:6e:78:c2:06:66:4a:cf:cd:
         6d:8c:b2:d8:a8:62:03:78:f9:c3:b4:e3:15:a0:ed:2a:be:ae:
         43:a3:8a:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSyxxOfSYLlO+o3zdeQEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMzA4MDFlMzM2OGNmM2Y3MDYwYzhmMjFjY2NiOWI1YWRk
YmU2YjcwHhcNMjQwNTE3MTYwMzIxWhcNMjQwNTE4MTYwMzIxWjAzMTEwLwYDVQQD
EyhiMjZhMjMwYWRiNWVkYWU2NDU5ZGQ1NThhODFmNWNhYWZmYmJiN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUJlb95burlRA8JuQ9GGuTRXDIe7
5MYf/pdCQwy3r36z55YC7EIVvXllmn7ZFvxBGqFuC/iSMFcE7HFkSYrYGtChhZoJ
8R7metavHMnF11u6Jbu2rSQqHFXnVbfHQgvLYdiya0hv3Cnhj2v499h1izPoaKx+
1eAILDOjGDK7DLlP1BAVk4g1eMkndy0A5ICQ702Tke8cqmHoY1GFhlPSu5XNNYAx
KX4v0Pfr6P4l2SHLtVDKUuktz/poIYRUrg8Cyy1RE+DPFkHODtK1VbtIU9u7lvEv
WUubk1Ic03sju6pPoSWt1/dwlgBGu+/PwyhmwqXKdpwD8phrR8qGWlBtwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLJqIwrbXtrmRZ3VWKgfXKr/u7fTMB8GA1UdIwQY
MBaAFF8wgB4zaM8/cGDI8hzMubWt2+a3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHpDQUhqTm96ejl3WU1qeUhNeTV0YTNiNXJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9hYzVlODMtOGFkZC00ZjU2LWI3M2It
ODI5Y2YwZjgyNWU5LzEvWHpDQUhqTm96ejl3WU1qeUhNeTV0YTNiNXJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9hYzVlODMtOGFkZC00ZjU2LWI3M2ItODI5Y2YwZjgyNWU5
LzEvWHpDQUhqTm96ejl3WU1qeUhNeTV0YTNiNXJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANQXIpaSR
Po0KxpxyaWhSfmSRxsHiINSa5ll9UNsXP+kKFpLoVIqr7aePVgvfHgBdp1W+e+mG
PS7+eR3VYlzNAnmDngbVyqwlkJzLJysRFIxpn1I5VfzX4AgHv1m90XrjXwQQ8HwY
KYSmnx/7uI2qx2BXO33NeCHOkQZPv5dehy0CDgqKYuin+7qMbeLw6ejmcH0wHdON
e8QZkWb4iFFrNEFQexjE8v2dKErLN0pDe2lrOUsy2hn3HeUU4pyt3EGp5qzLpQQV
cw8IF1a3fJvMudGsmRTm8iwiOpXVCB3HOY18nm54wgZmSs/NbYyy2KhiA3j5w7Tj
FaDtKr6uQ6OKyA==
-----END CERTIFICATE-----