Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
File:                     T5mJlOtWGejymrO956sq0U6r_P0.mft (raw, json)
Hash identifier:          34aoDnoKPkAdkdBUYOQmuMUVWX9Z6Zhl/UYw4sD7raI=
Subject key identifier:   DA:AE:DD:FD:C3:42:57:B4:FD:A4:CB:1E:E3:85:C7:20:D3:93:35:64
Authority key identifier: 4F:99:89:94:EB:56:19:E8:F2:9A:B3:BD:E7:AB:2A:D1:4E:AB:FC:FD
Certificate issuer:       /CN=4f998994eb5619e8f29ab3bde7ab2ad14eabfcfd
Certificate serial:       019357D2DABEFE5EDBF878D5D21F96AB6BBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
Manifest number:          136D
Signing time:             Sat 23 Nov 2024 07:00:56 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:56 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:56 +0000
Files and hashes:         1: T5mJlOtWGejymrO956sq0U6r_P0.crl (hash: JauJhsQaXCLoQjPDp4iNxbXRNEOgl4E+XE76pqOTxP8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:da:be:fe:5e:db:f8:78:d5:d2:1f:96:ab:6b:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f998994eb5619e8f29ab3bde7ab2ad14eabfcfd
        Validity
            Not Before: Nov 23 07:00:56 2024 GMT
            Not After : Nov 24 07:00:56 2024 GMT
        Subject: CN=daaeddfdc34257b4fda4cb1ee385c720d3933564
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:a8:00:73:5e:a6:f0:e0:0c:52:52:c9:0a:7d:
                    23:d2:79:b3:c4:47:1b:5b:dc:ed:c3:01:65:83:54:
                    d9:1c:2e:18:ec:bb:25:10:83:d3:2b:2f:c8:3b:8a:
                    74:36:22:9b:0e:0b:ad:b4:ee:ed:f0:d0:d0:9b:14:
                    fe:7f:e0:6e:ea:10:dd:22:00:b6:e5:3c:80:28:42:
                    4b:dc:7a:77:59:45:55:6a:bb:81:0e:f8:8c:1a:48:
                    48:e8:00:cf:b5:cc:ac:f2:ca:6e:83:f1:21:2d:94:
                    f2:5d:f0:f6:31:cc:4e:b3:b4:c7:2a:1a:52:f8:cf:
                    b7:42:61:ca:dd:77:13:54:99:66:2f:0f:fa:2b:d1:
                    e1:c4:d3:37:5f:89:e5:76:c3:0b:61:e5:9e:93:a0:
                    f6:e6:b1:2b:75:7d:ba:41:50:0e:fa:7b:6e:c9:c5:
                    10:13:9f:98:ce:14:a9:1b:1e:46:8b:3a:3d:99:db:
                    3b:18:bb:ae:27:83:95:69:ce:95:cc:31:71:86:c7:
                    e9:32:39:cc:2f:b4:67:67:8a:c5:93:f8:9d:cd:87:
                    f7:7b:bb:dc:12:5c:a9:d4:03:cc:f4:ae:42:ae:38:
                    6d:b0:e0:38:c2:f2:cd:fe:7a:4c:cc:a3:3a:3a:c8:
                    50:96:db:1f:fe:89:af:af:0b:ef:de:fb:71:9c:be:
                    40:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:AE:DD:FD:C3:42:57:B4:FD:A4:CB:1E:E3:85:C7:20:D3:93:35:64
            X509v3 Authority Key Identifier:
                keyid:4F:99:89:94:EB:56:19:E8:F2:9A:B3:BD:E7:AB:2A:D1:4E:AB:FC:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:c5:d5:be:f7:95:66:c4:36:82:b8:96:3d:c1:2e:e5:22:18:
         16:72:0c:36:03:9b:fd:a6:99:79:a9:f7:76:08:c1:db:c0:2f:
         3c:41:41:c6:82:91:0c:4b:74:65:4c:a6:df:73:59:23:bb:57:
         93:d4:a4:77:cd:72:5c:6c:f6:46:f7:2f:11:32:ac:c6:34:bd:
         2c:49:04:c5:77:bf:5d:2f:41:13:f1:9e:2b:38:83:fd:70:34:
         fc:ef:18:31:88:7f:12:be:dc:09:1a:db:59:71:89:c3:71:aa:
         fc:23:54:52:f4:91:77:f4:a3:98:06:d1:5b:d1:60:32:3a:95:
         83:65:d5:2e:3f:0c:37:0f:03:a0:fc:1c:ca:fc:04:65:64:f0:
         2c:93:67:ed:f0:77:04:4c:61:a8:2b:5a:2a:22:a0:19:06:9a:
         0a:8e:67:4d:fe:a7:3d:64:7b:cf:aa:a6:b2:84:43:31:d8:b3:
         a1:8e:00:77:d7:e4:c0:50:06:85:b6:f8:44:26:87:1c:48:14:
         36:9d:8c:e2:62:64:87:2e:b9:f1:5e:f8:15:4b:ec:52:c2:6d:
         7a:c1:c7:3e:4e:4f:c7:ec:af:95:93:ba:0e:c0:ed:58:a6:d7:
         ed:47:6f:ec:b8:23:b5:ce:ef:2f:5b:ed:23:e8:db:04:52:63:
         c1:4f:8f:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0tq+/l7b+HjV0h+Wq2u/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTk4OTk0ZWI1NjE5ZThmMjlhYjNiZGU3YWIyYWQxNGVh
YmZjZmQwHhcNMjQxMTIzMDcwMDU2WhcNMjQxMTI0MDcwMDU2WjAzMTEwLwYDVQQD
EyhkYWFlZGRmZGMzNDI1N2I0ZmRhNGNiMWVlMzg1YzcyMGQzOTMzNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36gAc16m8OAMUlLJCn0j0nmzxEcb
W9ztwwFlg1TZHC4Y7LslEIPTKy/IO4p0NiKbDguttO7t8NDQmxT+f+Bu6hDdIgC2
5TyAKEJL3Hp3WUVVaruBDviMGkhI6ADPtcys8spug/EhLZTyXfD2McxOs7THKhpS
+M+3QmHK3XcTVJlmLw/6K9HhxNM3X4nldsMLYeWek6D25rErdX26QVAO+ntuycUQ
E5+YzhSpGx5Gizo9mds7GLuuJ4OVac6VzDFxhsfpMjnML7RnZ4rFk/idzYf3e7vc
Elyp1APM9K5CrjhtsOA4wvLN/npMzKM6OshQltsf/omvrwvv3vtxnL5ARwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqu3f3DQle0/aTLHuOFxyDTkzVkMB8GA1UdIwQY
MBaAFE+ZiZTrVhno8pqzveerKtFOq/z9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M0ODctZjhmYi00MDM1LTllMjgt
NDQ2OGQxMmYzMjJiLzEvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M0ODctZjhmYi00MDM1LTllMjgtNDQ2OGQxMmYzMjJi
LzEvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU8XVvveV
ZsQ2griWPcEu5SIYFnIMNgOb/aaZean3dgjB28AvPEFBxoKRDEt0ZUym33NZI7tX
k9Skd81yXGz2RvcvETKsxjS9LEkExXe/XS9BE/GeKziD/XA0/O8YMYh/Er7cCRrb
WXGJw3Gq/CNUUvSRd/SjmAbRW9FgMjqVg2XVLj8MNw8DoPwcyvwEZWTwLJNn7fB3
BExhqCtaKiKgGQaaCo5nTf6nPWR7z6qmsoRDMdizoY4Ad9fkwFAGhbb4RCaHHEgU
Np2M4mJkhy658V74FUvsUsJtesHHPk5Px+yvlZO6DsDtWKbX7Udv7Lgjtc7vL1vt
I+jbBFJjwU+PSg==
-----END CERTIFICATE-----