Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/1446aa-6e41-45c0-b09a-32c3658b25be/1/5XB6RVkqydFxmoV2lgMXeCm0bgo.mft
File:                     5XB6RVkqydFxmoV2lgMXeCm0bgo.mft (raw, json)
Hash identifier:          FII+BOcIfvVu9a1NicJ9bTIQlvSdB0aiDl2lWXqCdNQ=
Subject key identifier:   F3:66:1A:F3:13:1B:2E:18:85:1B:DA:9E:14:FA:F8:F1:82:6A:CF:BA
Authority key identifier: E5:70:7A:45:59:2A:C9:D1:71:9A:85:76:96:03:17:78:29:B4:6E:0A
Certificate issuer:       /CN=e5707a45592ac9d1719a85769603177829b46e0a
Certificate serial:       01935AD3BEC11C3578AAB73D48E282539AF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5XB6RVkqydFxmoV2lgMXeCm0bgo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/1446aa-6e41-45c0-b09a-32c3658b25be/1/5XB6RVkqydFxmoV2lgMXeCm0bgo.mft
Manifest number:          0971
Signing time:             Sat 23 Nov 2024 21:00:46 +0000
Manifest this update:     Sat 23 Nov 2024 21:00:46 +0000
Manifest next update:     Sun 24 Nov 2024 21:00:46 +0000
Files and hashes:         1: 5XB6RVkqydFxmoV2lgMXeCm0bgo.crl (hash: N4tga7tuQDATCxoxafWLu+5MtnMb3kJNquiCqkIqjlA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/1446aa-6e41-45c0-b09a-32c3658b25be/1/5XB6RVkqydFxmoV2lgMXeCm0bgo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/1446aa-6e41-45c0-b09a-32c3658b25be/1/5XB6RVkqydFxmoV2lgMXeCm0bgo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5XB6RVkqydFxmoV2lgMXeCm0bgo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 15:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:5a:d3:be:c1:1c:35:78:aa:b7:3d:48:e2:82:53:9a:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5707a45592ac9d1719a85769603177829b46e0a
        Validity
            Not Before: Nov 23 21:00:46 2024 GMT
            Not After : Nov 24 21:00:46 2024 GMT
        Subject: CN=f3661af3131b2e18851bda9e14faf8f1826acfba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:2f:8c:f6:ba:53:3f:a8:0a:dc:0c:0c:0d:1d:
                    5e:09:27:7a:84:13:81:e7:79:ad:c0:ba:8f:dd:bf:
                    c7:f2:f3:28:c5:a6:01:02:89:b9:57:d2:74:8e:9d:
                    17:98:43:b4:76:42:d4:06:99:b3:58:23:cd:9f:c3:
                    77:7b:73:c5:b2:c2:ae:5e:e3:3b:7c:94:5a:f4:14:
                    7b:5b:f5:d0:a9:cb:17:14:6f:ad:ed:b8:5b:17:05:
                    a3:f2:fa:8f:90:9e:cf:33:f5:d7:59:f6:fd:e3:f0:
                    1d:36:0e:48:80:3a:a9:e0:c9:d4:2b:12:b0:94:7d:
                    17:f5:90:3c:cf:1f:8a:7f:63:77:18:ae:43:50:7e:
                    50:dd:c6:22:77:20:9e:9e:c0:4a:ef:38:ab:b6:2a:
                    21:d8:e7:03:df:00:c4:83:88:ed:9e:a5:e1:e1:f5:
                    93:c1:14:d9:b0:ef:98:ea:e6:ee:11:84:3e:78:9b:
                    e0:52:b6:65:e0:2a:c4:ad:0c:5b:a5:2e:2d:de:1c:
                    ae:88:fd:fe:29:c7:a0:90:8c:4b:05:c5:68:31:af:
                    8e:34:78:8a:3d:51:8d:95:4e:88:85:db:0a:b7:a8:
                    60:5b:4e:dc:75:5d:72:aa:db:f9:b1:c9:ea:07:9d:
                    1d:3e:44:0a:c6:56:34:9e:cf:79:5d:b8:1d:d2:8b:
                    33:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:66:1A:F3:13:1B:2E:18:85:1B:DA:9E:14:FA:F8:F1:82:6A:CF:BA
            X509v3 Authority Key Identifier:
                keyid:E5:70:7A:45:59:2A:C9:D1:71:9A:85:76:96:03:17:78:29:B4:6E:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5XB6RVkqydFxmoV2lgMXeCm0bgo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1446aa-6e41-45c0-b09a-32c3658b25be/1/5XB6RVkqydFxmoV2lgMXeCm0bgo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1446aa-6e41-45c0-b09a-32c3658b25be/1/5XB6RVkqydFxmoV2lgMXeCm0bgo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:eb:c2:f5:81:ba:d4:38:91:01:c4:2c:08:a6:4f:4e:3a:8c:
         b3:8d:db:4c:02:18:5f:65:91:3b:9f:53:46:86:a2:59:c1:5f:
         42:07:b9:3e:43:1b:78:28:27:46:c4:98:8d:72:9e:72:65:39:
         7f:c7:0f:29:4b:ba:60:fc:5d:24:83:4f:39:55:c0:77:53:88:
         c9:b5:fb:c5:47:14:83:80:eb:2e:47:cb:86:45:cb:14:95:39:
         75:8a:d8:81:4e:0d:40:08:19:cc:e0:48:a8:00:ff:14:a2:6b:
         74:94:09:76:cb:89:c5:d7:18:6c:69:6e:7b:b2:cb:e7:85:98:
         31:0c:29:10:71:86:23:ae:65:75:c8:04:89:e3:f4:e8:a9:24:
         cd:c0:f9:23:1b:ea:e6:b7:45:2e:99:e7:96:06:66:27:53:15:
         07:ad:b6:aa:a5:8e:db:39:f3:52:f7:db:40:65:bd:12:23:78:
         6d:be:52:60:5f:25:a4:e4:c9:93:07:99:b6:e1:07:2d:d1:a1:
         18:81:1a:c8:19:af:77:5d:af:a1:f7:22:a9:be:d5:4e:dd:a5:
         d9:88:20:7b:1b:0a:1b:0d:96:3d:12:76:86:89:1d:18:a1:35:
         20:c2:88:3f:12:f5:c9:31:c8:70:16:99:a4:ca:b6:80:85:49:
         c0:39:8f:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNa077BHDV4qrc9SOKCU5r1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NzA3YTQ1NTkyYWM5ZDE3MTlhODU3Njk2MDMxNzc4Mjli
NDZlMGEwHhcNMjQxMTIzMjEwMDQ2WhcNMjQxMTI0MjEwMDQ2WjAzMTEwLwYDVQQD
EyhmMzY2MWFmMzEzMWIyZTE4ODUxYmRhOWUxNGZhZjhmMTgyNmFjZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjS+M9rpTP6gK3AwMDR1eCSd6hBOB
53mtwLqP3b/H8vMoxaYBAom5V9J0jp0XmEO0dkLUBpmzWCPNn8N3e3PFssKuXuM7
fJRa9BR7W/XQqcsXFG+t7bhbFwWj8vqPkJ7PM/XXWfb94/AdNg5IgDqp4MnUKxKw
lH0X9ZA8zx+Kf2N3GK5DUH5Q3cYidyCensBK7zirtioh2OcD3wDEg4jtnqXh4fWT
wRTZsO+Y6ubuEYQ+eJvgUrZl4CrErQxbpS4t3hyuiP3+KcegkIxLBcVoMa+ONHiK
PVGNlU6IhdsKt6hgW07cdV1yqtv5scnqB50dPkQKxlY0ns95Xbgd0oszwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPNmGvMTGy4YhRvanhT6+PGCas+6MB8GA1UdIwQY
MBaAFOVwekVZKsnRcZqFdpYDF3gptG4KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVhCNlJWa3F5ZEZ4bW9WMmxnTVhlQ20wYmdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xNDQ2YWEtNmU0MS00NWMwLWIwOWEt
MzJjMzY1OGIyNWJlLzEvNVhCNlJWa3F5ZEZ4bW9WMmxnTVhlQ20wYmdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xNDQ2YWEtNmU0MS00NWMwLWIwOWEtMzJjMzY1OGIyNWJl
LzEvNVhCNlJWa3F5ZEZ4bW9WMmxnTVhlQ20wYmdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV+vC9YG6
1DiRAcQsCKZPTjqMs43bTAIYX2WRO59TRoaiWcFfQge5PkMbeCgnRsSYjXKecmU5
f8cPKUu6YPxdJINPOVXAd1OIybX7xUcUg4DrLkfLhkXLFJU5dYrYgU4NQAgZzOBI
qAD/FKJrdJQJdsuJxdcYbGlue7LL54WYMQwpEHGGI65ldcgEieP06KkkzcD5Ixvq
5rdFLpnnlgZmJ1MVB622qqWO2znzUvfbQGW9EiN4bb5SYF8lpOTJkweZtuEHLdGh
GIEayBmvd12vofciqb7VTt2l2YggexsKGw2WPRJ2hokdGKE1IMKIPxL1yTHIcBaZ
pMq2gIVJwDmPqw==
-----END CERTIFICATE-----