Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
File:                     hhiHKrn6K6AssBpEzo64dkEoHBw.mft (raw, json)
Hash identifier:          jFu6Mar3wEWHu/etH0b9fE0gJZeT5KLJ5BVgPFEt0Tc=
Subject key identifier:   17:44:7E:E8:DD:DA:A2:95:79:4E:7F:F7:D1:E7:FE:76:EB:1F:95:B1
Authority key identifier: 86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C
Certificate issuer:       /CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
Certificate serial:       019356F724540AA7D01033F9F1B4A3362D66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
Manifest number:          0310
Signing time:             Sat 23 Nov 2024 03:00:57 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:57 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:57 +0000
Files and hashes:         1: hhiHKrn6K6AssBpEzo64dkEoHBw.crl (hash: vd8Xx65vLyUE31FvGo6N6yo3pt/azvO1GkfCAY6Hj5g=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f7:24:54:0a:a7:d0:10:33:f9:f1:b4:a3:36:2d:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
        Validity
            Not Before: Nov 23 03:00:57 2024 GMT
            Not After : Nov 24 03:00:57 2024 GMT
        Subject: CN=17447ee8dddaa295794e7ff7d1e7fe76eb1f95b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:99:a5:a8:93:f7:d4:6c:f6:d9:9e:db:68:4f:
                    bb:c7:6d:ac:61:a8:80:87:eb:34:e3:79:97:03:f8:
                    24:3a:22:3b:2a:55:4c:5e:7c:f6:5e:84:e0:8b:b1:
                    27:15:3e:17:ef:9e:17:d7:d9:db:83:e1:b8:4e:d7:
                    94:89:00:59:6c:e0:84:81:b1:0f:e7:cd:db:63:ea:
                    02:e9:4c:75:31:0b:8f:c9:61:60:45:cc:4d:f1:98:
                    29:0a:54:39:27:79:39:08:13:76:b5:0d:8e:f2:a4:
                    05:6a:47:d8:c2:c4:c1:46:06:ee:7c:16:3d:f7:c1:
                    80:fe:34:b1:23:1d:7d:ae:a9:fa:c3:d3:72:a9:ff:
                    a5:b4:ba:a7:e6:11:ed:7f:63:86:35:22:0b:21:63:
                    2a:84:ac:5a:c6:79:8e:06:e9:15:0d:06:0f:0d:70:
                    11:d6:e9:5e:81:df:28:e0:d5:e3:2b:00:b4:9e:3a:
                    ef:22:e3:05:98:bf:2a:92:78:4c:d5:14:74:17:c4:
                    d9:a7:21:aa:2b:d9:43:31:11:85:1b:46:a9:32:32:
                    22:49:36:3d:01:99:13:73:3f:25:df:11:60:46:21:
                    90:49:61:1a:65:b8:73:c4:19:50:b6:30:43:ed:30:
                    2a:24:90:e4:0d:cd:37:74:1e:77:c4:58:56:74:ad:
                    3a:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:44:7E:E8:DD:DA:A2:95:79:4E:7F:F7:D1:E7:FE:76:EB:1F:95:B1
            X509v3 Authority Key Identifier:
                keyid:86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:82:e6:2d:b2:d3:cb:69:1c:94:bd:3d:37:27:4d:d9:f5:5a:
         09:ef:70:1a:e9:09:27:18:23:24:21:25:29:61:7a:b6:cd:26:
         14:7a:23:2e:dc:17:c6:70:df:94:23:cf:b6:ae:61:e4:d1:ae:
         0f:a2:e1:bc:43:ff:da:45:32:04:93:d2:c4:df:73:62:39:16:
         6e:50:4b:10:55:fd:09:36:6e:36:71:a1:e4:60:56:d4:72:89:
         34:b1:21:94:0b:73:e8:16:94:16:bb:59:36:d5:64:9f:a3:e4:
         84:71:00:38:1f:cc:5e:5b:1d:e0:5f:eb:e1:2f:94:e1:5c:92:
         b3:85:bd:a1:53:bf:a6:e7:68:31:a9:ef:35:b7:11:69:20:e6:
         a0:1b:72:1f:70:d6:12:4a:6c:aa:8e:38:79:0e:79:d1:a1:e3:
         6d:9c:e4:16:61:f8:a5:94:9a:ac:07:89:44:f3:e0:9c:4b:5c:
         ff:82:2b:37:bb:9d:b4:34:f9:5a:3a:3c:e5:2e:41:89:49:27:
         02:84:1d:28:18:a8:d6:08:37:33:d2:f0:04:d3:c9:19:e5:98:
         df:41:7a:9a:d0:81:44:58:3b:bb:84:ad:8e:1a:fb:31:c6:26:
         e9:cf:4f:bf:02:bf:e8:f6:21:aa:3a:51:36:ae:f1:c6:e1:45:
         ee:f8:c5:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9yRUCqfQEDP58bSjNi1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MTg4NzJhYjlmYTJiYTAyY2IwMWE0NGNlOGViODc2NDEy
ODFjMWMwHhcNMjQxMTIzMDMwMDU3WhcNMjQxMTI0MDMwMDU3WjAzMTEwLwYDVQQD
EygxNzQ0N2VlOGRkZGFhMjk1Nzk0ZTdmZjdkMWU3ZmU3NmViMWY5NWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25mlqJP31Gz22Z7baE+7x22sYaiA
h+s043mXA/gkOiI7KlVMXnz2XoTgi7EnFT4X754X19nbg+G4TteUiQBZbOCEgbEP
583bY+oC6Ux1MQuPyWFgRcxN8ZgpClQ5J3k5CBN2tQ2O8qQFakfYwsTBRgbufBY9
98GA/jSxIx19rqn6w9Nyqf+ltLqn5hHtf2OGNSILIWMqhKxaxnmOBukVDQYPDXAR
1ulegd8o4NXjKwC0njrvIuMFmL8qknhM1RR0F8TZpyGqK9lDMRGFG0apMjIiSTY9
AZkTcz8l3xFgRiGQSWEaZbhzxBlQtjBD7TAqJJDkDc03dB53xFhWdK067wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBdEfujd2qKVeU5/99Hn/nbrH5WxMB8GA1UdIwQY
MBaAFIYYhyq5+iugLLAaRM6OuHZBKBwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMt
YmQ2OWY1MjYxODFiLzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMtYmQ2OWY1MjYxODFi
LzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuoLmLbLT
y2kclL09NydN2fVaCe9wGukJJxgjJCElKWF6ts0mFHojLtwXxnDflCPPtq5h5NGu
D6LhvEP/2kUyBJPSxN9zYjkWblBLEFX9CTZuNnGh5GBW1HKJNLEhlAtz6BaUFrtZ
NtVkn6PkhHEAOB/MXlsd4F/r4S+U4VySs4W9oVO/pudoManvNbcRaSDmoBtyH3DW
Ekpsqo44eQ550aHjbZzkFmH4pZSarAeJRPPgnEtc/4IrN7udtDT5Wjo85S5BiUkn
AoQdKBio1gg3M9LwBNPJGeWY30F6mtCBRFg7u4Stjhr7McYm6c9PvwK/6PYhqjpR
Nq7xxuFF7vjFdg==
-----END CERTIFICATE-----