Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
File:                     HCN7aINpeRKVf40zc3AryQbSZEU.mft (raw, json)
Hash identifier:          aYS6cMolZozbMpWPqjJlc/hL0LmIlYw40csqAuYYkwY=
Subject key identifier:   7A:E8:74:E3:E7:22:88:4E:2A:6C:28:56:ED:85:95:3D:1D:4C:D2:F6
Authority key identifier: 1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45
Certificate issuer:       /CN=1c237b6883697912957f8d3373702bc906d26445
Certificate serial:       01901E58B0659CD755359CB52CDEDE37AB83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
Manifest number:          0DDD
Signing time:             Sun 16 Jun 2024 00:00:47 +0000
Manifest this update:     Sun 16 Jun 2024 00:00:47 +0000
Manifest next update:     Mon 17 Jun 2024 00:00:47 +0000
Files and hashes:         1: HCN7aINpeRKVf40zc3AryQbSZEU.crl (hash: zYGj4+16nIvz844E6YXxv8R8dA0hbzUK0mAyZPutxak=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1e:58:b0:65:9c:d7:55:35:9c:b5:2c:de:de:37:ab:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c237b6883697912957f8d3373702bc906d26445
        Validity
            Not Before: Jun 16 00:00:47 2024 GMT
            Not After : Jun 17 00:00:47 2024 GMT
        Subject: CN=7ae874e3e722884e2a6c2856ed85953d1d4cd2f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d4:31:ab:9c:19:6e:6d:84:e6:de:a6:e5:1c:
                    4f:b0:48:57:f0:bd:98:7c:fa:7f:60:ce:f9:39:90:
                    e9:31:7e:a6:29:29:33:9d:0b:e2:12:4c:c4:f6:e0:
                    13:8b:e4:8a:26:3c:c3:ec:92:1c:c9:b6:86:b8:0e:
                    40:48:4a:61:81:a7:e6:63:70:53:6e:e6:58:64:d5:
                    a3:2b:76:48:d0:6d:3d:15:fa:3b:50:f4:36:91:56:
                    0c:31:a8:b7:b6:e5:dc:71:bb:14:9e:07:cc:d8:fc:
                    b7:ef:18:13:fc:56:ca:6b:63:51:00:58:b6:cf:ca:
                    27:7f:3b:9b:83:3f:a9:e2:ac:20:a1:9e:48:b6:43:
                    5e:26:15:10:04:7e:b2:d0:1f:da:84:ee:76:29:4f:
                    8d:e8:38:5c:d1:f7:52:7a:78:08:dc:0d:b4:47:5a:
                    ed:1e:e8:fb:04:3f:bf:a8:46:a8:a4:c9:ce:89:97:
                    a4:84:fd:0d:af:65:cb:67:1a:96:97:0e:5d:94:01:
                    18:c4:7d:0f:15:43:78:ca:90:52:1f:68:89:0b:bb:
                    09:bc:fc:10:f9:34:02:1c:7b:2a:78:23:b9:6c:70:
                    50:6e:db:67:7f:7f:81:a8:da:c0:67:c6:7b:be:35:
                    eb:ae:ec:5a:97:6e:0c:a1:3a:f1:29:b3:b9:a1:e1:
                    5c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:E8:74:E3:E7:22:88:4E:2A:6C:28:56:ED:85:95:3D:1D:4C:D2:F6
            X509v3 Authority Key Identifier:
                keyid:1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:34:a7:50:75:57:a1:05:27:5e:26:49:b3:1c:67:9a:87:9a:
         ae:cc:53:7a:9b:92:88:6e:6c:f7:af:38:80:b1:f1:75:d1:bf:
         b2:89:c6:e0:a7:9c:d5:4e:db:89:a4:3d:5d:dc:83:c7:2c:55:
         ae:d6:ed:b9:66:f2:dd:c7:61:ca:2d:f5:88:44:2f:f0:8a:9c:
         ea:1f:b6:84:e2:8a:3e:f5:95:84:8f:d4:f5:1d:12:35:76:b3:
         ad:40:84:4e:0e:62:c0:97:61:07:9a:b2:a2:55:8a:5d:f9:b2:
         0f:be:d2:68:e1:82:b9:87:37:6a:1d:2f:58:60:9e:fe:9e:ec:
         16:94:89:91:e3:e3:8b:3e:84:2c:78:fe:87:50:41:ce:d4:6d:
         8f:9f:2e:de:61:a5:54:95:24:72:02:97:1a:5e:84:bb:68:84:
         e8:28:a3:18:6e:04:55:72:84:33:a9:fe:7a:b0:61:ac:88:a1:
         f0:23:aa:94:d6:73:7d:01:8b:1d:c6:e9:b6:3e:3a:a7:8f:90:
         19:92:db:30:d7:22:5e:88:d6:a8:8a:79:1e:78:b1:a7:00:8e:
         07:40:a7:ae:18:4f:ab:44:c0:0d:bb:1b:a2:3c:91:48:74:a7:
         10:cd:3f:fd:c5:7a:62:95:64:f2:9f:48:5a:54:49:66:cf:86:
         3f:f8:e5:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAeWLBlnNdVNZy1LN7eN6uDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjM3YjY4ODM2OTc5MTI5NTdmOGQzMzczNzAyYmM5MDZk
MjY0NDUwHhcNMjQwNjE2MDAwMDQ3WhcNMjQwNjE3MDAwMDQ3WjAzMTEwLwYDVQQD
Eyg3YWU4NzRlM2U3MjI4ODRlMmE2YzI4NTZlZDg1OTUzZDFkNGNkMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdQxq5wZbm2E5t6m5RxPsEhX8L2Y
fPp/YM75OZDpMX6mKSkznQviEkzE9uATi+SKJjzD7JIcybaGuA5ASEphgafmY3BT
buZYZNWjK3ZI0G09Ffo7UPQ2kVYMMai3tuXccbsUngfM2Py37xgT/FbKa2NRAFi2
z8onfzubgz+p4qwgoZ5ItkNeJhUQBH6y0B/ahO52KU+N6Dhc0fdSengI3A20R1rt
Huj7BD+/qEaopMnOiZekhP0Nr2XLZxqWlw5dlAEYxH0PFUN4ypBSH2iJC7sJvPwQ
+TQCHHsqeCO5bHBQbttnf3+BqNrAZ8Z7vjXrruxal24MoTrxKbO5oeFcAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrodOPnIohOKmwoVu2FlT0dTNL2MB8GA1UdIwQY
MBaAFBwje2iDaXkSlX+NM3NwK8kG0mRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUt
YTMzZThlYjVhNTM4LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUtYTMzZThlYjVhNTM4
LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANjSnUHVX
oQUnXiZJsxxnmoearsxTepuSiG5s9684gLHxddG/sonG4Kec1U7biaQ9XdyDxyxV
rtbtuWby3cdhyi31iEQv8Iqc6h+2hOKKPvWVhI/U9R0SNXazrUCETg5iwJdhB5qy
olWKXfmyD77SaOGCuYc3ah0vWGCe/p7sFpSJkePjiz6ELHj+h1BBztRtj58u3mGl
VJUkcgKXGl6Eu2iE6CijGG4EVXKEM6n+erBhrIih8COqlNZzfQGLHcbptj46p4+Q
GZLbMNciXojWqIp5HnixpwCOB0CnrhhPq0TADbsbojyRSHSnEM0//cV6YpVk8p9I
WlRJZs+GP/jlXQ==
-----END CERTIFICATE-----