Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          e6dNZd9biAZiGLMCdkehpBr30WFSww6EHzN7bOauhZU=
Subject key identifier:   B9:42:31:C5:B4:F7:4D:83:8D:10:13:9B:3B:F5:0F:6C:53:08:F9:48
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       0191FA7E2825D518E27051F2FB96A75E36EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          0156
Signing time:             Mon 16 Sep 2024 11:00:57 +0000
Manifest this update:     Mon 16 Sep 2024 11:00:57 +0000
Manifest next update:     Tue 17 Sep 2024 11:00:57 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: RBfSWc9HNaShgcrSn5Espxif2xPUdnwAY8dvsAQVxCA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 11:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:7e:28:25:d5:18:e2:70:51:f2:fb:96:a7:5e:36:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Sep 16 11:00:57 2024 GMT
            Not After : Sep 17 11:00:57 2024 GMT
        Subject: CN=b94231c5b4f74d838d10139b3bf50f6c5308f948
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:ff:fb:a7:dc:db:68:91:76:04:0d:0c:d8:21:
                    3f:0b:c9:ad:7d:22:18:44:f2:fd:f8:87:77:05:f6:
                    ac:86:3f:a8:4c:48:b5:21:01:70:9d:47:89:64:ee:
                    e9:9c:35:35:67:03:dc:68:2f:54:f1:5c:bc:18:23:
                    06:b1:ea:9b:4c:e6:3a:87:34:5b:e9:c0:40:98:bf:
                    80:59:df:81:5a:3c:d8:01:95:56:77:9a:f9:91:b9:
                    05:64:3e:eb:d9:21:f3:29:b5:c1:6a:0a:28:2e:b0:
                    2d:7f:fb:12:10:5e:25:ba:db:91:5c:85:ff:e4:2d:
                    a6:6e:77:4e:eb:2d:76:9b:da:ba:5e:2d:6b:df:a4:
                    59:15:0e:97:d5:d0:64:5b:cb:c6:78:89:78:1c:18:
                    7b:d4:ad:8b:fa:3b:10:c3:a9:30:36:48:45:0a:79:
                    c8:c7:cc:6c:90:27:46:d1:99:af:de:0a:05:b0:e0:
                    98:4a:16:d1:fe:23:bc:9f:4c:02:50:05:86:19:d3:
                    33:5f:75:63:cd:23:31:35:5a:9e:80:9b:0f:ef:f9:
                    04:60:02:7a:45:5c:6e:07:5a:a8:bb:62:aa:16:ec:
                    16:c9:0e:46:78:79:8d:78:87:53:77:32:14:10:1f:
                    cc:ff:f5:67:14:3a:b5:d9:8f:d9:7b:d7:d6:f5:a9:
                    3a:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:42:31:C5:B4:F7:4D:83:8D:10:13:9B:3B:F5:0F:6C:53:08:F9:48
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:d8:72:d0:f2:bb:02:73:14:d8:f4:f3:58:7e:37:7e:f3:60:
         76:a0:31:75:e0:59:0c:43:49:79:f8:5a:5a:27:89:21:d9:69:
         7c:ba:f7:2f:35:eb:e7:17:53:c7:21:4c:b2:14:cc:a0:1f:88:
         74:65:cc:5d:7a:f5:d1:88:57:62:76:b3:6e:a5:c2:cd:ec:25:
         c2:bf:21:4c:b1:e0:32:c5:ab:c1:03:e9:7f:7f:73:8b:92:22:
         a1:6f:f0:7d:0a:20:98:8a:5c:70:bd:ba:c5:a5:80:1d:e2:35:
         2f:75:1e:c2:f0:d1:d5:46:ae:02:a4:51:99:45:b2:26:25:d2:
         b8:b4:7c:00:33:17:15:f0:ff:1a:83:ea:47:05:35:0a:30:ed:
         69:27:6a:fd:f7:44:f1:06:5c:e7:95:50:a9:30:86:80:b1:b9:
         56:37:6c:d8:31:8b:cb:22:61:cf:ee:3c:b4:ec:fe:9d:43:10:
         4b:33:69:e2:53:c1:0b:ff:6e:96:23:c6:f5:51:3f:df:aa:37:
         b9:bc:c3:ea:cb:9a:d0:31:6c:b5:78:0d:a2:50:b9:0d:a8:9b:
         1f:12:23:28:43:4f:65:ca:c5:e3:8e:57:56:1e:a1:96:8a:b7:
         8e:4f:ba:3d:aa:2b:bc:9b:9b:1f:8a:61:0f:cc:a2:09:88:8f:
         21:a1:4a:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6figl1RjicFHy+5anXjbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjQwOTE2MTEwMDU3WhcNMjQwOTE3MTEwMDU3WjAzMTEwLwYDVQQD
EyhiOTQyMzFjNWI0Zjc0ZDgzOGQxMDEzOWIzYmY1MGY2YzUzMDhmOTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhf/7p9zbaJF2BA0M2CE/C8mtfSIY
RPL9+Id3Bfashj+oTEi1IQFwnUeJZO7pnDU1ZwPcaC9U8Vy8GCMGseqbTOY6hzRb
6cBAmL+AWd+BWjzYAZVWd5r5kbkFZD7r2SHzKbXBagooLrAtf/sSEF4lutuRXIX/
5C2mbndO6y12m9q6Xi1r36RZFQ6X1dBkW8vGeIl4HBh71K2L+jsQw6kwNkhFCnnI
x8xskCdG0Zmv3goFsOCYShbR/iO8n0wCUAWGGdMzX3VjzSMxNVqegJsP7/kEYAJ6
RVxuB1qou2KqFuwWyQ5GeHmNeIdTdzIUEB/M//VnFDq12Y/Ze9fW9ak6twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlCMcW0902DjRATmzv1D2xTCPlIMB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMdhy0PK7
AnMU2PTzWH43fvNgdqAxdeBZDENJefhaWieJIdlpfLr3LzXr5xdTxyFMshTMoB+I
dGXMXXr10YhXYnazbqXCzewlwr8hTLHgMsWrwQPpf39zi5IioW/wfQogmIpccL26
xaWAHeI1L3UewvDR1UauAqRRmUWyJiXSuLR8ADMXFfD/GoPqRwU1CjDtaSdq/fdE
8QZc55VQqTCGgLG5Vjds2DGLyyJhz+48tOz+nUMQSzNp4lPBC/9uliPG9VE/36o3
ubzD6sua0DFstXgNolC5DaibHxIjKENPZcrF445XVh6hloq3jk+6PaorvJubH4ph
D8yiCYiPIaFKNA==
-----END CERTIFICATE-----