Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          vqJ1muRhfU9e/MRyxPmhrV9Aiu00XNBeBel5jjhCthU=
Subject key identifier:   A4:5F:8F:3A:8B:37:48:9F:1E:2C:AE:51:81:46:13:C8:78:97:26:2F
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       01935688FFE4DD5105ECCFEA12A1DEA90A55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          05C1
Signing time:             Sat 23 Nov 2024 01:00:39 +0000
Manifest this update:     Sat 23 Nov 2024 01:00:39 +0000
Manifest next update:     Sun 24 Nov 2024 01:00:39 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: nSs6vIYcry4X/mFRacDHMG+Gwp1tl/vP4VUl1szpKB0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:88:ff:e4:dd:51:05:ec:cf:ea:12:a1:de:a9:0a:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Nov 23 01:00:39 2024 GMT
            Not After : Nov 24 01:00:39 2024 GMT
        Subject: CN=a45f8f3a8b37489f1e2cae51814613c87897262f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:cc:b1:40:a7:ab:49:e7:b6:21:fc:51:65:c6:
                    f3:2f:08:11:46:86:a7:c3:69:bb:05:bf:bc:91:6c:
                    5c:f4:03:34:34:df:fc:aa:55:a0:82:18:ca:2e:b8:
                    d2:83:83:f6:fe:68:53:d6:38:84:7d:07:0b:4b:81:
                    29:39:c6:77:e3:50:7f:81:1c:ce:09:bd:ca:b2:0b:
                    f8:a1:2b:33:56:e1:67:07:31:4a:35:00:83:c9:59:
                    80:ab:2d:3e:f6:85:74:04:ab:47:bd:5a:98:57:a8:
                    3e:fc:91:c1:fd:14:4a:46:8a:a6:2e:df:95:2a:52:
                    1f:ee:2d:41:c5:c2:74:6c:b1:9e:87:5a:8a:5e:20:
                    22:e7:e4:6d:7c:a5:c9:98:d0:75:55:6a:a6:b0:cc:
                    16:e6:b6:02:26:0b:3b:8a:fb:31:a2:75:92:24:06:
                    4d:eb:70:66:66:75:29:80:ab:30:ae:b5:2e:21:e1:
                    23:05:9e:15:f7:b6:51:cf:35:ff:7a:99:ce:55:8f:
                    ec:28:b6:5f:86:d7:f0:e2:b9:c0:9e:d8:9c:f4:2e:
                    48:66:f5:a3:6f:0f:3d:3a:d0:71:63:12:4c:3f:b2:
                    e2:36:54:40:e1:9e:d6:c2:5c:25:1a:fb:9a:d0:95:
                    c6:c6:5c:49:08:1d:46:13:38:a7:ae:66:bb:51:2d:
                    09:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:5F:8F:3A:8B:37:48:9F:1E:2C:AE:51:81:46:13:C8:78:97:26:2F
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d6:fd:e7:5d:aa:b2:fe:66:cd:0d:53:c7:1c:8c:5e:df:3c:52:
         20:26:34:fb:90:12:9a:74:8b:1d:b5:16:e9:fb:db:e6:9a:eb:
         54:f0:4f:ba:00:e6:e4:13:0d:b4:40:d5:fb:3d:bd:19:c3:6a:
         7b:97:58:06:15:1c:5e:c9:79:76:79:fb:88:16:d3:f4:44:19:
         89:7f:9e:2b:75:d8:e3:bf:d5:42:51:f9:b7:bf:c7:1c:df:fa:
         ca:a7:24:ca:fc:e4:3d:65:04:3f:1b:c5:6b:61:09:de:12:73:
         a2:50:d5:e0:c5:63:0a:61:14:e4:26:61:f7:55:4e:12:86:42:
         fd:46:f5:5c:bc:b5:51:f7:45:2a:bb:8e:b4:9a:cd:0c:77:b0:
         c5:ba:61:be:e8:99:48:be:e2:08:61:4a:7f:8d:3c:03:1f:49:
         bc:56:15:54:b7:5a:19:a5:b8:a6:e0:50:d7:ce:33:92:22:8f:
         bf:6d:e9:4a:63:99:c2:4c:b8:e5:3d:48:36:b3:96:5f:5e:98:
         22:2f:c3:f4:53:17:5e:17:d1:0f:20:66:68:f6:fd:68:f0:6d:
         f6:3b:39:fe:77:0a:da:70:6b:5e:80:1e:e6:27:0c:ff:12:72:
         16:0a:63:7f:35:72:35:0a:a3:65:b9:e3:74:0b:b9:de:78:69:
         a1:6a:ec:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiP/k3VEF7M/qEqHeqQpVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjQxMTIzMDEwMDM5WhcNMjQxMTI0MDEwMDM5WjAzMTEwLwYDVQQD
EyhhNDVmOGYzYThiMzc0ODlmMWUyY2FlNTE4MTQ2MTNjODc4OTcyNjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsyxQKerSee2IfxRZcbzLwgRRoan
w2m7Bb+8kWxc9AM0NN/8qlWgghjKLrjSg4P2/mhT1jiEfQcLS4EpOcZ341B/gRzO
Cb3Ksgv4oSszVuFnBzFKNQCDyVmAqy0+9oV0BKtHvVqYV6g+/JHB/RRKRoqmLt+V
KlIf7i1BxcJ0bLGeh1qKXiAi5+RtfKXJmNB1VWqmsMwW5rYCJgs7ivsxonWSJAZN
63BmZnUpgKswrrUuIeEjBZ4V97ZRzzX/epnOVY/sKLZfhtfw4rnAntic9C5IZvWj
bw89OtBxYxJMP7LiNlRA4Z7WwlwlGvua0JXGxlxJCB1GEzinrma7US0J0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRfjzqLN0ifHiyuUYFGE8h4lyYvMB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1v3nXaqy
/mbNDVPHHIxe3zxSICY0+5ASmnSLHbUW6fvb5prrVPBPugDm5BMNtEDV+z29GcNq
e5dYBhUcXsl5dnn7iBbT9EQZiX+eK3XY47/VQlH5t7/HHN/6yqckyvzkPWUEPxvF
a2EJ3hJzolDV4MVjCmEU5CZh91VOEoZC/Ub1XLy1UfdFKruOtJrNDHewxbphvuiZ
SL7iCGFKf408Ax9JvFYVVLdaGaW4puBQ184zkiKPv23pSmOZwky45T1INrOWX16Y
Ii/D9FMXXhfRDyBmaPb9aPBt9js5/ncK2nBrXoAe5icM/xJyFgpjfzVyNQqjZbnj
dAu53nhpoWrsUw==
-----END CERTIFICATE-----