Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
File:                     uH9ej-619ec7CXtmZX7tjbl0pA4.mft (raw, json)
Hash identifier:          uyow+mBtkB3nbTgJw8tboptCjQRNGsMyR4n7mXlCVzQ=
Subject key identifier:   81:33:56:4A:1E:43:2B:C0:A1:32:46:97:96:A4:60:0F:EA:9F:9C:5F
Authority key identifier: B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E
Certificate issuer:       /CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e
Certificate serial:       018F874B1707A9337B652C97FC35E368507A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
Manifest number:          0955
Signing time:             Fri 17 May 2024 16:03:16 +0000
Manifest this update:     Fri 17 May 2024 16:03:16 +0000
Manifest next update:     Sat 18 May 2024 16:03:16 +0000
Files and hashes:         1: uH9ej-619ec7CXtmZX7tjbl0pA4.crl (hash: AaUWQbfaUBqV7Yq3DnikKSkCjfda8MJRETPFkJW/pt8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:03:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4b:17:07:a9:33:7b:65:2c:97:fc:35:e3:68:50:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e
        Validity
            Not Before: May 17 16:03:16 2024 GMT
            Not After : May 18 16:03:16 2024 GMT
        Subject: CN=8133564a1e432bc0a132469796a4600fea9f9c5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:78:23:41:1f:5d:80:11:b2:b5:31:0c:70:93:
                    39:c9:3c:50:fc:e5:a7:94:6f:a7:d9:fb:fe:a2:6b:
                    ff:0f:9c:1d:1c:e1:da:8c:3f:15:dc:a1:88:24:3d:
                    26:19:29:39:50:cb:60:84:d6:4e:bb:c8:d9:c2:f9:
                    c3:46:71:a8:68:17:bd:09:d9:8a:23:50:80:22:51:
                    25:78:72:2e:a5:21:bc:52:c8:73:d4:c6:b1:17:7b:
                    e1:d9:93:53:da:0b:94:3c:da:01:28:7f:2f:3d:76:
                    8e:61:e1:16:49:11:c6:93:47:d6:de:0d:44:cc:d2:
                    d0:c4:03:73:4e:84:92:e1:ed:a3:8d:16:63:0a:ee:
                    ea:28:5a:b7:3f:0e:6b:95:ad:02:ea:a6:21:a4:4c:
                    43:d2:c8:06:94:ed:52:19:25:22:8c:ed:da:35:bb:
                    16:58:26:6c:dd:bf:07:93:f3:6a:2b:db:5d:ad:8d:
                    88:c2:59:ae:3f:ed:24:5a:36:01:7e:6c:50:25:08:
                    e9:33:09:19:b9:23:75:99:b9:e9:b7:d5:4e:7b:82:
                    ee:6c:ec:7e:29:9a:0b:98:1a:71:02:be:f4:75:4e:
                    fa:f0:83:6b:b7:a1:f9:97:a7:5d:58:7d:c4:a0:2b:
                    57:3a:02:28:d5:09:60:86:b1:a0:64:77:8b:43:9d:
                    9c:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:33:56:4A:1E:43:2B:C0:A1:32:46:97:96:A4:60:0F:EA:9F:9C:5F
            X509v3 Authority Key Identifier:
                keyid:B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:d7:64:4d:e1:3b:6b:d6:91:f9:1d:ae:d5:fe:ce:7b:ab:38:
         c2:26:60:74:8e:ae:3a:02:24:54:bf:2c:6c:b4:dc:d6:93:98:
         e2:94:07:69:a6:e4:9c:63:8e:7b:e6:60:72:b6:19:f9:11:4e:
         07:d9:f0:b0:60:79:fc:ac:0f:c8:93:eb:f8:ab:9b:78:79:09:
         f0:07:cb:42:17:c5:2c:b5:9f:74:61:71:5b:9a:7e:82:6f:47:
         e8:a2:7c:0b:8a:ee:7a:75:11:62:e9:0a:0f:2d:8d:26:56:b0:
         5b:63:10:91:3b:45:d5:65:64:34:82:a2:6b:76:d8:e4:a0:d7:
         98:7d:df:4e:a3:8f:bd:05:b4:84:24:f0:52:a4:f3:2b:4c:86:
         59:17:19:38:a2:4f:c6:fd:5b:13:95:94:4c:1c:55:38:3b:3c:
         10:ca:52:fa:a1:c7:ab:09:00:25:3f:7e:8c:8c:d7:11:6e:a7:
         8b:ce:b2:9c:f5:5a:41:59:62:1d:3e:76:0d:ed:82:b9:bc:ba:
         16:e0:05:bb:9b:f8:c5:84:64:ff:49:d0:52:5b:66:a3:b3:08:
         fb:9a:fa:6e:71:30:e2:17:fa:b0:d3:f6:ad:55:0b:b8:a2:28:
         86:1d:7b:36:43:90:6b:dd:d5:86:a1:54:bc:e8:a5:8b:99:1f:
         46:3e:28:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSxcHqTN7ZSyX/DXjaFB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4N2Y1ZThmZWViNWY1ZTczYjA5N2I2NjY1N2VlZDhkYjk3
NGE0MGUwHhcNMjQwNTE3MTYwMzE2WhcNMjQwNTE4MTYwMzE2WjAzMTEwLwYDVQQD
Eyg4MTMzNTY0YTFlNDMyYmMwYTEzMjQ2OTc5NmE0NjAwZmVhOWY5YzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXgjQR9dgBGytTEMcJM5yTxQ/OWn
lG+n2fv+omv/D5wdHOHajD8V3KGIJD0mGSk5UMtghNZOu8jZwvnDRnGoaBe9CdmK
I1CAIlEleHIupSG8Ushz1MaxF3vh2ZNT2guUPNoBKH8vPXaOYeEWSRHGk0fW3g1E
zNLQxANzToSS4e2jjRZjCu7qKFq3Pw5rla0C6qYhpExD0sgGlO1SGSUijO3aNbsW
WCZs3b8Hk/NqK9tdrY2IwlmuP+0kWjYBfmxQJQjpMwkZuSN1mbnpt9VOe4LubOx+
KZoLmBpxAr70dU768INrt6H5l6ddWH3EoCtXOgIo1QlghrGgZHeLQ52cfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIEzVkoeQyvAoTJGl5akYA/qn5xfMB8GA1UdIwQY
MBaAFLh/Xo/utfXnOwl7ZmV+7Y25dKQOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzIt
Y2M2MGE1ZmRlZWIyLzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzItY2M2MGE1ZmRlZWIy
LzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb9dkTeE7
a9aR+R2u1f7Oe6s4wiZgdI6uOgIkVL8sbLTc1pOY4pQHaabknGOOe+ZgcrYZ+RFO
B9nwsGB5/KwPyJPr+KubeHkJ8AfLQhfFLLWfdGFxW5p+gm9H6KJ8C4ruenURYukK
Dy2NJlawW2MQkTtF1WVkNIKia3bY5KDXmH3fTqOPvQW0hCTwUqTzK0yGWRcZOKJP
xv1bE5WUTBxVODs8EMpS+qHHqwkAJT9+jIzXEW6ni86ynPVaQVliHT52De2Cuby6
FuAFu5v4xYRk/0nQUltmo7MI+5r6bnEw4hf6sNP2rVULuKIohh17NkOQa93VhqFU
vOili5kfRj4ofA==
-----END CERTIFICATE-----