Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.mft
File:                     HGce_RKBEUKXWJ51k6fgUFTZJVs.mft (raw, json)
Hash identifier:          TBmsWATM2BV9DiXU8KuC43nf/sbP+j+j3AkX+/OU79U=
Subject key identifier:   F4:CF:94:DA:FA:23:53:D3:D8:0C:39:02:02:61:1D:51:35:87:43:B8
Authority key identifier: 1C:67:1E:FD:12:81:11:42:97:58:9E:75:93:A7:E0:50:54:D9:25:5B
Certificate issuer:       /CN=1c671efd1281114297589e7593a7e05054d9255b
Certificate serial:       019045D472C0791D3A17B24DE4CFD4251BE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HGce_RKBEUKXWJ51k6fgUFTZJVs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.mft
Manifest number:          0CDA
Signing time:             Sun 23 Jun 2024 16:01:09 +0000
Manifest this update:     Sun 23 Jun 2024 16:01:09 +0000
Manifest next update:     Mon 24 Jun 2024 16:01:09 +0000
Files and hashes:         1: HGce_RKBEUKXWJ51k6fgUFTZJVs.crl (hash: 4LJIDeXSjTHXL+B9MfD/Ze33Cg5s7KvgG5/RX0Xl5R4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HGce_RKBEUKXWJ51k6fgUFTZJVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 14:49:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:45:d4:72:c0:79:1d:3a:17:b2:4d:e4:cf:d4:25:1b:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c671efd1281114297589e7593a7e05054d9255b
        Validity
            Not Before: Jun 23 16:01:09 2024 GMT
            Not After : Jun 24 16:01:09 2024 GMT
        Subject: CN=f4cf94dafa2353d3d80c390202611d51358743b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:16:a3:c3:78:a9:9f:ca:13:a6:e0:2b:73:5d:
                    54:c4:1b:7c:6e:a6:fd:a4:7d:35:89:03:0e:bb:cf:
                    8b:17:ab:68:70:8a:07:48:f4:6f:6f:90:8f:25:2c:
                    88:99:52:a8:35:f9:35:c2:ce:36:0d:02:a8:70:78:
                    c1:3d:77:b4:9f:1b:6d:ed:52:c1:3f:ee:5a:c0:db:
                    82:ee:25:7f:66:41:f7:82:b0:2d:e8:91:9b:d2:43:
                    09:ec:58:a8:0b:9c:d6:c4:db:ba:4f:9d:3f:10:e2:
                    23:9d:37:1e:69:df:5a:cd:1c:82:c9:af:87:76:bb:
                    ca:ef:46:17:32:c3:8f:fa:5b:bc:20:34:ba:51:b4:
                    cd:38:10:25:f0:10:31:e3:65:50:2f:ab:bb:27:b4:
                    3d:b7:1c:89:f6:e6:0b:89:ad:b8:c7:61:79:4d:c0:
                    67:76:17:1b:d6:df:5e:77:7c:1d:c2:1a:c0:6b:c0:
                    33:31:0f:3c:61:2c:95:ab:da:ab:26:f5:76:59:4a:
                    da:78:e9:b3:09:5f:60:ba:7e:de:d8:e8:ce:af:49:
                    45:b8:d7:35:71:bd:59:87:18:6f:f9:bd:ae:dc:f0:
                    b9:32:56:f9:d8:c9:60:89:e3:ee:bf:cc:01:e5:7a:
                    7a:40:d0:ac:23:de:94:5f:36:71:e2:85:ab:b3:be:
                    1f:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:CF:94:DA:FA:23:53:D3:D8:0C:39:02:02:61:1D:51:35:87:43:B8
            X509v3 Authority Key Identifier:
                keyid:1C:67:1E:FD:12:81:11:42:97:58:9E:75:93:A7:E0:50:54:D9:25:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HGce_RKBEUKXWJ51k6fgUFTZJVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:91:67:c8:22:27:37:3f:5f:2d:51:51:41:d4:ba:f5:90:53:
         74:6f:83:a5:da:16:55:27:32:4d:00:4b:1a:25:df:ea:45:a6:
         06:22:3a:27:99:8e:04:d4:26:7b:af:cc:23:6b:95:10:1e:dd:
         8b:a4:dd:2d:bc:c6:c1:19:8d:5f:8d:6f:8b:ef:e6:18:f1:18:
         56:a0:97:39:e7:de:39:bc:97:e3:56:34:d8:3e:4b:7b:1f:ac:
         68:66:65:a5:6f:7a:cf:7c:38:2c:35:24:e4:f6:cf:21:3e:f7:
         de:11:d1:0f:c7:52:ef:7c:be:7e:d8:07:99:91:6a:b6:42:aa:
         17:51:0e:23:d1:11:62:b3:f5:c3:61:21:68:5a:5c:bf:90:91:
         ce:21:de:6c:db:d2:4c:9a:03:b0:95:98:e7:b6:0f:ae:64:35:
         d9:2f:24:1d:3e:36:f5:1b:2d:30:27:20:1d:0f:f7:43:43:3d:
         86:3a:c3:91:92:3a:60:d8:ca:9a:5b:eb:82:33:ad:bc:7b:65:
         13:71:90:fc:7c:e9:65:92:c7:82:ed:1a:24:fa:ba:b3:01:a4:
         cf:7a:30:49:b8:8c:bd:e2:a2:2f:fc:d7:e3:18:2d:21:5a:0d:
         1f:4c:59:b2:33:a0:5c:60:10:e4:89:37:4c:91:5a:92:37:87:
         ee:98:49:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBF1HLAeR06F7JN5M/UJRvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNjcxZWZkMTI4MTExNDI5NzU4OWU3NTkzYTdlMDUwNTRk
OTI1NWIwHhcNMjQwNjIzMTYwMTA5WhcNMjQwNjI0MTYwMTA5WjAzMTEwLwYDVQQD
EyhmNGNmOTRkYWZhMjM1M2QzZDgwYzM5MDIwMjYxMWQ1MTM1ODc0M2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhajw3ipn8oTpuArc11UxBt8bqb9
pH01iQMOu8+LF6tocIoHSPRvb5CPJSyImVKoNfk1ws42DQKocHjBPXe0nxtt7VLB
P+5awNuC7iV/ZkH3grAt6JGb0kMJ7FioC5zWxNu6T50/EOIjnTcead9azRyCya+H
drvK70YXMsOP+lu8IDS6UbTNOBAl8BAx42VQL6u7J7Q9txyJ9uYLia24x2F5TcBn
dhcb1t9ed3wdwhrAa8AzMQ88YSyVq9qrJvV2WUraeOmzCV9gun7e2OjOr0lFuNc1
cb1Zhxhv+b2u3PC5Mlb52MlgiePuv8wB5Xp6QNCsI96UXzZx4oWrs74fKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTPlNr6I1PT2Aw5AgJhHVE1h0O4MB8GA1UdIwQY
MBaAFBxnHv0SgRFCl1iedZOn4FBU2SVbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEdjZV9SS0JFVUtYV0o1MWs2ZmdVRlRaSlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mZGIwMDMtZmFlMy00YTY5LTljOTEt
ZTNkMmY2NGZkZGQ0LzEvSEdjZV9SS0JFVUtYV0o1MWs2ZmdVRlRaSlZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mZGIwMDMtZmFlMy00YTY5LTljOTEtZTNkMmY2NGZkZGQ0
LzEvSEdjZV9SS0JFVUtYV0o1MWs2ZmdVRlRaSlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbpFnyCIn
Nz9fLVFRQdS69ZBTdG+DpdoWVScyTQBLGiXf6kWmBiI6J5mOBNQme6/MI2uVEB7d
i6TdLbzGwRmNX41vi+/mGPEYVqCXOefeObyX41Y02D5Lex+saGZlpW96z3w4LDUk
5PbPIT733hHRD8dS73y+ftgHmZFqtkKqF1EOI9ERYrP1w2EhaFpcv5CRziHebNvS
TJoDsJWY57YPrmQ12S8kHT429RstMCcgHQ/3Q0M9hjrDkZI6YNjKmlvrgjOtvHtl
E3GQ/HzpZZLHgu0aJPq6swGkz3owSbiMveKiL/zX4xgtIVoNH0xZsjOgXGAQ5Ik3
TJFakjeH7phJQQ==
-----END CERTIFICATE-----