Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          wskbVjYJT1kpOBkSwSSl7e/xo4l3r+j06eMDH3kiy1I=
Subject key identifier:   06:EB:9F:03:EB:67:62:78:B6:33:4D:99:BE:DC:48:8B:93:B2:BC:24
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       0192102A75B3A31BFD25D87844E0AF8A2D6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          0518
Signing time:             Fri 20 Sep 2024 16:01:11 +0000
Manifest this update:     Fri 20 Sep 2024 16:01:11 +0000
Manifest next update:     Sat 21 Sep 2024 16:01:11 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: DDiqCH2v+S+xhgDFpDKsgYp44+ZLZmSYlgfn6Pob8Go=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 21 Sep 2024 16:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:10:2a:75:b3:a3:1b:fd:25:d8:78:44:e0:af:8a:2d:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Sep 20 16:01:11 2024 GMT
            Not After : Sep 21 16:01:11 2024 GMT
        Subject: CN=06eb9f03eb676278b6334d99bedc488b93b2bc24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:7b:c6:ca:b8:ff:cc:17:5d:7b:37:87:fa:40:
                    89:c6:ee:c3:04:bb:38:c9:7d:d2:be:2a:bc:d0:57:
                    32:7c:12:f2:c7:37:b6:dc:05:67:4b:49:ad:3f:1c:
                    b2:fc:1c:88:6e:c9:d7:ea:21:ac:4b:e0:bc:5b:e7:
                    d0:a4:24:7c:ca:26:82:c1:aa:19:f0:d9:7a:2b:79:
                    ff:ec:16:bf:4d:a1:fe:ba:77:b3:61:ca:0e:d3:d2:
                    56:9d:78:05:6d:15:7d:86:51:e5:d2:93:df:2c:cd:
                    61:28:87:b6:67:8d:eb:cc:7e:c8:29:a2:e1:43:8b:
                    3d:51:0a:15:a6:4d:3d:a8:d0:dd:4a:84:ff:78:6a:
                    63:23:0b:d7:08:f5:e0:39:59:91:d0:80:2f:3c:e4:
                    7f:6b:ae:d3:26:d7:ba:13:c8:49:b1:8d:c9:e7:a6:
                    f4:fb:54:dc:68:80:37:6d:2c:5e:a7:04:b0:e3:d6:
                    fa:b3:21:fd:38:00:d6:f2:4e:ac:72:9a:d0:0d:b6:
                    d3:ed:38:78:82:32:d5:ec:26:ce:3c:e5:3a:2e:ae:
                    39:be:9c:16:53:e5:be:ab:b9:89:93:9c:1f:98:4e:
                    32:1a:b4:dc:11:33:23:bc:4e:31:8a:6f:76:38:a4:
                    af:84:a5:65:b5:c6:3a:6a:e0:fe:51:81:e1:1d:e6:
                    45:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:EB:9F:03:EB:67:62:78:B6:33:4D:99:BE:DC:48:8B:93:B2:BC:24
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:db:75:5d:53:92:fc:a0:01:f4:6b:22:95:8b:b7:72:ae:2b:
         b0:a2:cf:42:b5:82:c3:ac:85:d0:d3:f8:12:82:0b:f2:ba:7c:
         86:bc:44:60:a8:1a:37:c7:c9:c7:9e:3a:4d:52:97:2b:eb:f2:
         c5:14:89:ef:fa:d8:24:5a:fe:54:33:46:91:dc:31:f5:c8:d3:
         0e:99:b3:ac:a3:13:f6:91:f0:96:90:19:e1:78:4e:0f:c8:77:
         13:6c:55:5b:7d:75:b8:19:ac:1f:75:13:2e:56:b7:54:df:87:
         45:a3:f1:97:04:f2:d2:4c:a9:19:19:57:db:00:6f:fc:1a:32:
         58:1b:cb:02:b3:06:df:1d:66:09:14:58:7f:4b:07:66:3b:06:
         c6:35:54:df:d1:44:01:46:9d:a4:fe:fd:35:7f:36:ce:2c:03:
         c6:0b:f3:d3:d9:d3:57:f8:f9:7b:fd:43:bb:d2:30:d4:8e:e1:
         ca:9e:2f:e9:d4:69:0f:0e:88:82:3a:65:b7:f4:4b:a3:fc:5d:
         65:a2:90:c0:b0:5c:d2:ba:50:1f:90:18:54:e1:61:93:ff:9b:
         55:94:ec:3c:81:28:bb:f3:b4:f1:5b:c8:f7:1b:86:d3:59:3e:
         6b:6c:40:2e:68:21:15:34:9d:eb:f3:1f:70:9a:6e:63:fc:94:
         32:f8:01:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZIQKnWzoxv9Jdh4ROCvii1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjQwOTIwMTYwMTExWhcNMjQwOTIxMTYwMTExWjAzMTEwLwYDVQQD
EygwNmViOWYwM2ViNjc2Mjc4YjYzMzRkOTliZWRjNDg4YjkzYjJiYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nvGyrj/zBddezeH+kCJxu7DBLs4
yX3Sviq80FcyfBLyxze23AVnS0mtPxyy/ByIbsnX6iGsS+C8W+fQpCR8yiaCwaoZ
8Nl6K3n/7Ba/TaH+unezYcoO09JWnXgFbRV9hlHl0pPfLM1hKIe2Z43rzH7IKaLh
Q4s9UQoVpk09qNDdSoT/eGpjIwvXCPXgOVmR0IAvPOR/a67TJte6E8hJsY3J56b0
+1TcaIA3bSxepwSw49b6syH9OADW8k6scprQDbbT7Th4gjLV7CbOPOU6Lq45vpwW
U+W+q7mJk5wfmE4yGrTcETMjvE4xim92OKSvhKVltcY6auD+UYHhHeZFUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAbrnwPrZ2J4tjNNmb7cSIuTsrwkMB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF9t1XVOS
/KAB9GsilYu3cq4rsKLPQrWCw6yF0NP4EoIL8rp8hrxEYKgaN8fJx546TVKXK+vy
xRSJ7/rYJFr+VDNGkdwx9cjTDpmzrKMT9pHwlpAZ4XhOD8h3E2xVW311uBmsH3UT
Lla3VN+HRaPxlwTy0kypGRlX2wBv/BoyWBvLArMG3x1mCRRYf0sHZjsGxjVU39FE
AUadpP79NX82ziwDxgvz09nTV/j5e/1Du9Iw1I7hyp4v6dRpDw6Igjplt/RLo/xd
ZaKQwLBc0rpQH5AYVOFhk/+bVZTsPIEou/O08VvI9xuG01k+a2xALmghFTSd6/Mf
cJpuY/yUMvgBZg==
-----END CERTIFICATE-----