Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          HnZdUqnIhOtGME/H+UbVBkZWpv8tZRD0ViFRXrMDgho=
Subject key identifier:   99:91:EF:74:B2:74:32:0B:F5:8D:30:3F:FD:72:AA:6B:CD:B1:DB:C2
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       0193568A241D590B08F9DF94ECB4F01658A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          09AE
Signing time:             Sat 23 Nov 2024 01:01:53 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:53 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:53 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: wGq1avEX1VvTiJc23ybpDeRR7S/uKfWCG44v5yVcUy4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:24:1d:59:0b:08:f9:df:94:ec:b4:f0:16:58:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: Nov 23 01:01:53 2024 GMT
            Not After : Nov 24 01:01:53 2024 GMT
        Subject: CN=9991ef74b274320bf58d303ffd72aa6bcdb1dbc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d9:05:d6:5a:b1:61:4b:b9:95:4f:c7:67:20:
                    82:a8:91:80:f9:9b:4c:75:e2:9e:b7:09:02:c4:19:
                    aa:79:4e:da:24:4a:8e:3d:ce:8f:95:e4:38:1d:22:
                    6b:88:5a:29:84:6d:5e:ea:ea:0e:7c:4d:54:58:54:
                    22:79:86:d4:ae:54:00:f7:67:21:f8:48:b8:1e:76:
                    18:70:bf:2c:18:8e:b0:83:5a:ec:36:0a:f0:e6:e3:
                    10:10:20:7f:29:52:b6:e5:a4:ee:8b:94:6c:a3:a8:
                    86:34:e6:0d:90:f7:c5:62:f9:b9:78:18:6f:fa:b5:
                    61:86:c4:f9:ba:78:a5:0c:57:6d:81:01:f4:15:cc:
                    78:fd:1b:0a:fc:be:75:dd:f6:0f:94:1a:c4:68:cc:
                    9d:16:d2:74:00:b4:93:c3:4a:d6:b7:fb:44:cf:8f:
                    b1:27:0a:11:7d:a7:8f:56:65:1e:46:8b:39:2d:a6:
                    7c:c5:c2:3e:77:48:db:b3:e3:ff:30:d7:6d:3d:c9:
                    33:bf:e9:e2:f1:e6:2c:5a:72:42:b6:b0:be:64:5c:
                    64:ca:0a:04:e5:41:20:0c:68:56:60:cc:45:05:59:
                    6f:2c:0f:e3:55:b4:fa:fe:d4:c3:5d:19:09:ed:a8:
                    a0:83:b9:47:25:32:00:f3:9f:a4:46:18:20:42:d0:
                    fa:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:91:EF:74:B2:74:32:0B:F5:8D:30:3F:FD:72:AA:6B:CD:B1:DB:C2
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:f5:03:1c:a5:79:37:11:ec:18:c0:35:35:c2:a5:93:8d:1f:
         cf:f8:75:fc:e5:34:a5:ea:7a:95:1c:79:ed:fb:99:1b:d5:85:
         bc:d7:ee:6b:c9:1e:06:a4:d9:dc:05:fb:6d:7e:de:f8:45:42:
         df:8a:fa:fc:9c:d0:25:09:11:0d:79:50:3b:d2:16:8a:1b:f8:
         da:38:bc:e8:fe:fd:e6:3e:52:11:de:14:f5:f5:3d:6e:7f:92:
         2a:40:82:b4:e7:89:4b:54:e0:5f:50:cb:3a:16:8e:10:86:17:
         a4:7b:73:af:29:77:df:c4:05:00:81:74:61:a5:0c:89:63:64:
         88:1c:99:84:cd:45:46:76:d6:b6:ea:52:3d:3f:71:b5:3c:38:
         30:51:74:8c:c5:68:55:00:57:2c:23:50:79:37:d8:c0:f2:e0:
         df:9b:ba:10:37:69:0f:55:c4:be:af:49:59:02:4d:24:ef:3f:
         57:9a:d1:8f:88:56:0d:a7:8d:69:f8:8a:2d:cf:d7:86:45:dc:
         50:85:4f:bc:d1:90:13:06:97:03:fc:c1:d9:1b:40:8b:b5:d6:
         b5:82:b2:98:ea:f2:a6:81:91:c3:e0:d3:03:1d:8d:3a:f7:b5:
         c5:b5:79:81:45:1f:5a:6a:b7:68:75:ee:36:67:a6:a5:02:da:
         62:9f:76:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiiQdWQsI+d+U7LTwFlimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjQxMTIzMDEwMTUzWhcNMjQxMTI0MDEwMTUzWjAzMTEwLwYDVQQD
Eyg5OTkxZWY3NGIyNzQzMjBiZjU4ZDMwM2ZmZDcyYWE2YmNkYjFkYmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldkF1lqxYUu5lU/HZyCCqJGA+ZtM
deKetwkCxBmqeU7aJEqOPc6PleQ4HSJriFophG1e6uoOfE1UWFQieYbUrlQA92ch
+Ei4HnYYcL8sGI6wg1rsNgrw5uMQECB/KVK25aTui5Rso6iGNOYNkPfFYvm5eBhv
+rVhhsT5unilDFdtgQH0Fcx4/RsK/L513fYPlBrEaMydFtJ0ALSTw0rWt/tEz4+x
JwoRfaePVmUeRos5LaZ8xcI+d0jbs+P/MNdtPckzv+ni8eYsWnJCtrC+ZFxkygoE
5UEgDGhWYMxFBVlvLA/jVbT6/tTDXRkJ7aigg7lHJTIA85+kRhggQtD6QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmR73SydDIL9Y0wP/1yqmvNsdvCMB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWPUDHKV5
NxHsGMA1NcKlk40fz/h1/OU0pep6lRx57fuZG9WFvNfua8keBqTZ3AX7bX7e+EVC
34r6/JzQJQkRDXlQO9IWihv42ji86P795j5SEd4U9fU9bn+SKkCCtOeJS1TgX1DL
OhaOEIYXpHtzryl338QFAIF0YaUMiWNkiByZhM1FRnbWtupSPT9xtTw4MFF0jMVo
VQBXLCNQeTfYwPLg35u6EDdpD1XEvq9JWQJNJO8/V5rRj4hWDaeNafiKLc/XhkXc
UIVPvNGQEwaXA/zB2RtAi7XWtYKymOrypoGRw+DTAx2NOve1xbV5gUUfWmq3aHXu
NmempQLaYp924A==
-----END CERTIFICATE-----