Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
File:                     T5mJlOtWGejymrO956sq0U6r_P0.mft (raw, json)
Hash identifier:          U5UyapJO5rc0ikhazgm5i+O51hiuUcqJqeLFRNzXE+0=
Subject key identifier:   3F:56:2F:6E:2C:1A:39:0A:94:32:BD:15:EE:E8:6E:CA:6B:D4:87:E8
Authority key identifier: 4F:99:89:94:EB:56:19:E8:F2:9A:B3:BD:E7:AB:2A:D1:4E:AB:FC:FD
Certificate issuer:       /CN=4f998994eb5619e8f29ab3bde7ab2ad14eabfcfd
Certificate serial:       01923625D4E6EF9DD331E971ABFC35C35546
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
Manifest number:          12D7
Signing time:             Sat 28 Sep 2024 01:01:41 +0000
Manifest this update:     Sat 28 Sep 2024 01:01:41 +0000
Manifest next update:     Sun 29 Sep 2024 01:01:41 +0000
Files and hashes:         1: T5mJlOtWGejymrO956sq0U6r_P0.crl (hash: 7Kh4cd6G6dnQqWF5ywuzv5cDAbw3v0/UEMwd4lIdlKs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Sep 2024 01:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:36:25:d4:e6:ef:9d:d3:31:e9:71:ab:fc:35:c3:55:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f998994eb5619e8f29ab3bde7ab2ad14eabfcfd
        Validity
            Not Before: Sep 28 01:01:41 2024 GMT
            Not After : Sep 29 01:01:41 2024 GMT
        Subject: CN=3f562f6e2c1a390a9432bd15eee86eca6bd487e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:70:56:44:66:4b:20:3c:53:ed:b3:2f:b3:68:
                    fd:08:c0:1c:01:fc:e3:df:69:2b:aa:10:46:96:2c:
                    a3:af:7d:96:75:22:60:97:17:a5:52:e4:a8:8d:ae:
                    b7:70:92:c6:3b:24:cd:d9:a6:46:17:ef:3c:07:24:
                    c1:9a:cf:19:30:de:ca:c0:09:8b:7e:a8:83:4f:5c:
                    be:8f:24:2d:e4:12:f9:e9:4e:4d:7e:a2:28:89:ef:
                    90:bc:89:11:65:57:e7:83:e4:1b:e5:40:27:19:d0:
                    ff:81:6f:4a:8a:91:6e:ee:33:a2:28:cf:9f:12:a0:
                    2e:7c:06:17:cf:f5:4a:64:76:54:8a:03:de:94:72:
                    93:71:b9:dd:0b:49:cd:2c:4c:10:84:43:a7:9d:46:
                    20:fa:36:5e:8f:31:89:e5:b6:c9:a6:0c:60:d4:a8:
                    2a:ec:88:9f:1a:6c:45:4f:00:6f:fd:2f:8b:65:d2:
                    e4:52:99:5c:24:8a:03:e3:54:34:42:0d:f5:5e:36:
                    4f:e0:2b:4e:0b:e5:c7:53:9f:42:8c:e9:da:5c:b8:
                    c4:a7:32:ff:6e:88:bc:64:8f:96:0c:93:93:d6:34:
                    d1:b4:d1:14:b1:3c:b9:4e:08:9c:37:4c:68:6f:29:
                    0c:b3:3c:b2:ec:94:bc:48:57:58:3e:5b:8f:25:af:
                    2c:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:56:2F:6E:2C:1A:39:0A:94:32:BD:15:EE:E8:6E:CA:6B:D4:87:E8
            X509v3 Authority Key Identifier:
                keyid:4F:99:89:94:EB:56:19:E8:F2:9A:B3:BD:E7:AB:2A:D1:4E:AB:FC:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:a6:bf:73:d6:39:43:d9:28:54:55:2f:d7:2d:8b:7c:51:be:
         0e:9f:4a:c0:89:a3:79:f1:1a:de:14:85:ee:8e:25:ed:e3:95:
         a3:5a:6c:d7:2a:e4:e5:8c:8c:b0:48:27:6e:98:47:3b:0b:22:
         ea:58:34:6e:5a:d1:f8:4c:ee:22:f1:7f:17:33:ce:a2:ce:b8:
         75:df:5c:44:e1:a8:8d:7e:19:8c:d7:f2:95:59:f6:cb:17:cd:
         46:61:fd:70:44:31:52:9b:f3:51:51:d8:7e:d3:9b:59:76:b5:
         38:1c:db:23:86:a1:f3:91:d2:03:52:dc:90:82:37:69:1d:7a:
         7d:d9:76:38:a2:dc:a7:6f:d5:00:c8:c6:73:07:de:8e:bd:13:
         8a:d1:a7:a4:71:6e:76:a1:47:da:52:7c:ea:df:be:7b:bc:40:
         74:99:84:86:ca:88:bf:3b:e0:70:59:b8:f2:37:cd:19:0d:46:
         83:fd:40:6b:60:41:4f:b4:c1:94:b6:e0:2d:9b:82:d1:96:68:
         f3:9d:1b:ed:34:1f:db:29:7f:12:3b:50:83:8b:da:55:f1:25:
         65:66:6c:1d:aa:ce:a8:a3:07:60:0a:f0:c6:48:c6:df:81:53:
         f4:56:89:71:23:64:dc:30:70:6f:f8:de:c6:b4:83:c8:37:ec:
         c7:d2:9a:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZI2JdTm753TMelxq/w1w1VGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTk4OTk0ZWI1NjE5ZThmMjlhYjNiZGU3YWIyYWQxNGVh
YmZjZmQwHhcNMjQwOTI4MDEwMTQxWhcNMjQwOTI5MDEwMTQxWjAzMTEwLwYDVQQD
EygzZjU2MmY2ZTJjMWEzOTBhOTQzMmJkMTVlZWU4NmVjYTZiZDQ4N2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA93BWRGZLIDxT7bMvs2j9CMAcAfzj
32krqhBGliyjr32WdSJglxelUuSoja63cJLGOyTN2aZGF+88ByTBms8ZMN7KwAmL
fqiDT1y+jyQt5BL56U5NfqIoie+QvIkRZVfng+Qb5UAnGdD/gW9KipFu7jOiKM+f
EqAufAYXz/VKZHZUigPelHKTcbndC0nNLEwQhEOnnUYg+jZejzGJ5bbJpgxg1Kgq
7IifGmxFTwBv/S+LZdLkUplcJIoD41Q0Qg31XjZP4CtOC+XHU59CjOnaXLjEpzL/
boi8ZI+WDJOT1jTRtNEUsTy5TgicN0xobykMszyy7JS8SFdYPluPJa8sYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9WL24sGjkKlDK9Fe7obspr1IfoMB8GA1UdIwQY
MBaAFE+ZiZTrVhno8pqzveerKtFOq/z9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M0ODctZjhmYi00MDM1LTllMjgt
NDQ2OGQxMmYzMjJiLzEvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M0ODctZjhmYi00MDM1LTllMjgtNDQ2OGQxMmYzMjJi
LzEvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe6a/c9Y5
Q9koVFUv1y2LfFG+Dp9KwImjefEa3hSF7o4l7eOVo1ps1yrk5YyMsEgnbphHOwsi
6lg0blrR+EzuIvF/FzPOos64dd9cROGojX4ZjNfylVn2yxfNRmH9cEQxUpvzUVHY
ftObWXa1OBzbI4ah85HSA1LckII3aR16fdl2OKLcp2/VAMjGcwfejr0TitGnpHFu
dqFH2lJ86t++e7xAdJmEhsqIvzvgcFm48jfNGQ1Gg/1Aa2BBT7TBlLbgLZuC0ZZo
850b7TQf2yl/EjtQg4vaVfElZWZsHarOqKMHYArwxkjG34FT9FaJcSNk3DBwb/je
xrSDyDfsx9Karg==
-----END CERTIFICATE-----