Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
File:                     5DWo9PNqSBGpLRlhc-HEmarMd9U.mft (raw, json)
Hash identifier:          rai1QrmbAP0WBr55/rlSokHb8F2pHyMlLVvVMs6FkR0=
Subject key identifier:   EB:25:9C:51:16:BA:04:89:31:88:BD:3C:EC:E6:29:1B:2A:4D:07:F2
Authority key identifier: E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5
Certificate issuer:       /CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
Certificate serial:       019405A17EC444D39F777F177A1EA9060094
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
Manifest number:          0AA9
Signing time:             Fri 27 Dec 2024 01:00:57 +0000
Manifest this update:     Fri 27 Dec 2024 01:00:57 +0000
Manifest next update:     Sat 28 Dec 2024 01:00:57 +0000
Files and hashes:         1: 5DWo9PNqSBGpLRlhc-HEmarMd9U.crl (hash: 6mu9C6Bkl7DJBCx3EApWlMbcIHPtiszlxgeCi+ScglM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:05:a1:7e:c4:44:d3:9f:77:7f:17:7a:1e:a9:06:00:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e435a8f4f36a4811a92d196173e1c499aacc77d5
        Validity
            Not Before: Dec 27 01:00:57 2024 GMT
            Not After : Dec 28 01:00:57 2024 GMT
        Subject: CN=eb259c5116ba04893188bd3cece6291b2a4d07f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:4e:fd:57:52:da:c4:7e:e3:e6:5c:1d:d5:b3:
                    15:21:d2:cb:ba:e6:4a:8e:21:df:74:72:5c:68:96:
                    c2:37:51:84:12:4e:1c:00:ca:c3:29:72:85:4c:e9:
                    ab:ed:c0:f1:55:6f:4b:d6:4e:0b:3e:69:af:36:d2:
                    32:dd:36:bd:23:94:b2:95:60:aa:1b:3e:b6:b2:61:
                    8f:2a:c0:8e:e7:7b:de:0b:69:6b:95:db:f0:c8:67:
                    0a:fa:ce:c6:36:40:5b:eb:3c:ee:4b:d3:95:d0:ab:
                    9d:76:9a:31:bb:9d:2f:ed:82:2e:c6:28:58:5a:60:
                    c0:de:06:1e:3e:82:ed:15:55:b3:cb:2d:ef:6c:ba:
                    25:25:9b:89:e4:29:00:9c:d7:64:80:f6:1d:e7:fc:
                    6c:fb:32:51:40:8c:08:1b:de:8c:fe:75:47:d3:b3:
                    b7:b2:12:38:19:7c:8a:7b:47:ba:57:8a:01:1c:48:
                    8d:4c:81:10:97:98:38:0e:bd:17:13:d9:4e:79:27:
                    68:85:d0:47:58:09:b5:2a:8c:69:9e:86:df:86:10:
                    1f:5c:9b:cb:7e:32:1f:1c:bc:4f:f9:e5:c7:f0:0c:
                    8c:7a:c7:aa:1c:34:fa:56:08:61:17:f1:fe:9f:db:
                    99:8f:6f:df:56:35:21:72:ec:4c:7b:3c:fa:06:f1:
                    af:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:25:9C:51:16:BA:04:89:31:88:BD:3C:EC:E6:29:1B:2A:4D:07:F2
            X509v3 Authority Key Identifier:
                keyid:E4:35:A8:F4:F3:6A:48:11:A9:2D:19:61:73:E1:C4:99:AA:CC:77:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DWo9PNqSBGpLRlhc-HEmarMd9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/42ba75-92e6-4793-8ad9-b80e9fa42dfb/1/5DWo9PNqSBGpLRlhc-HEmarMd9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:64:99:2e:a9:0f:90:96:c0:eb:03:75:37:3c:3c:9e:47:e7:
         9b:3e:4f:df:00:a9:ea:e6:8c:a7:c6:6a:99:94:ba:a1:2f:d8:
         fc:b5:d2:28:26:56:6c:29:8a:fc:0d:95:eb:24:fa:96:8f:59:
         32:d7:c4:60:eb:41:75:66:07:bb:61:42:a2:f5:03:47:27:a9:
         5a:cc:c9:31:59:e1:75:03:46:ae:2e:32:4c:e5:65:ad:d4:b1:
         1b:22:92:c4:6a:4c:d9:69:1f:00:f5:20:5d:52:fc:04:ff:6b:
         a0:ca:57:c2:82:87:c5:7f:5e:05:2f:d6:ce:f1:cb:af:9d:2c:
         16:1a:11:a5:97:e7:00:f8:82:bb:b9:ce:96:19:b1:9c:2a:b6:
         a3:b7:33:b4:11:16:e1:09:44:ef:5a:48:3b:a0:a0:fc:dc:f6:
         61:88:58:fe:4b:bd:0e:40:ca:d6:97:57:dc:f7:8f:09:a9:81:
         43:17:0f:26:84:03:e6:e5:c5:c4:30:26:89:58:f5:3c:08:dc:
         63:1d:c8:e8:54:5a:49:0f:33:15:7e:72:4f:4f:da:6e:bf:cf:
         c7:32:f8:93:0d:18:9f:fa:54:0d:df:82:66:e6:61:91:2c:26:
         5d:97:14:d6:e1:b7:1f:32:97:91:7f:dd:33:18:a8:8d:12:96:
         4a:4d:22:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQFoX7ERNOfd38Xeh6pBgCUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MzVhOGY0ZjM2YTQ4MTFhOTJkMTk2MTczZTFjNDk5YWFj
Yzc3ZDUwHhcNMjQxMjI3MDEwMDU3WhcNMjQxMjI4MDEwMDU3WjAzMTEwLwYDVQQD
EyhlYjI1OWM1MTE2YmEwNDg5MzE4OGJkM2NlY2U2MjkxYjJhNGQwN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuk79V1LaxH7j5lwd1bMVIdLLuuZK
jiHfdHJcaJbCN1GEEk4cAMrDKXKFTOmr7cDxVW9L1k4LPmmvNtIy3Ta9I5SylWCq
Gz62smGPKsCO53veC2lrldvwyGcK+s7GNkBb6zzuS9OV0Kuddpoxu50v7YIuxihY
WmDA3gYePoLtFVWzyy3vbLolJZuJ5CkAnNdkgPYd5/xs+zJRQIwIG96M/nVH07O3
shI4GXyKe0e6V4oBHEiNTIEQl5g4Dr0XE9lOeSdohdBHWAm1KoxpnobfhhAfXJvL
fjIfHLxP+eXH8AyMeseqHDT6VghhF/H+n9uZj2/fVjUhcuxMezz6BvGv+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOslnFEWugSJMYi9POzmKRsqTQfyMB8GA1UdIwQY
MBaAFOQ1qPTzakgRqS0ZYXPhxJmqzHfVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDkt
YjgwZTlmYTQyZGZiLzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80MmJhNzUtOTJlNi00NzkzLThhZDktYjgwZTlmYTQyZGZi
LzEvNURXbzlQTnFTQkdwTFJsaGMtSEVtYXJNZDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE2SZLqkP
kJbA6wN1Nzw8nkfnmz5P3wCp6uaMp8ZqmZS6oS/Y/LXSKCZWbCmK/A2V6yT6lo9Z
MtfEYOtBdWYHu2FCovUDRyepWszJMVnhdQNGri4yTOVlrdSxGyKSxGpM2WkfAPUg
XVL8BP9roMpXwoKHxX9eBS/WzvHLr50sFhoRpZfnAPiCu7nOlhmxnCq2o7cztBEW
4QlE71pIO6Cg/Nz2YYhY/ku9DkDK1pdX3PePCamBQxcPJoQD5uXFxDAmiVj1PAjc
Yx3I6FRaSQ8zFX5yT0/abr/PxzL4kw0Yn/pUDd+CZuZhkSwmXZcU1uG3HzKXkX/d
MxiojRKWSk0iGQ==
-----END CERTIFICATE-----