Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
File:                     Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json)
Hash identifier:          AT1umuJO78Te2LEClaBUPJmLQVjWUFH+AjOzA1rfS/E=
Subject key identifier:   B2:62:64:BA:91:02:C5:A5:05:E4:CF:04:36:DE:AA:96:11:43:3A:C2
Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48
Certificate issuer:       /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
Certificate serial:       019405A15EE898EAF63B39B922CBF69169BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
Manifest number:          13C9
Signing time:             Fri 27 Dec 2024 01:00:49 +0000
Manifest this update:     Fri 27 Dec 2024 01:00:49 +0000
Manifest next update:     Sat 28 Dec 2024 01:00:49 +0000
Files and hashes:         1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: JfMWkyB/l9EEBp3uxDnvDxcOK6RCckS/opR1desDi9M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 01:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:05:a1:5e:e8:98:ea:f6:3b:39:b9:22:cb:f6:91:69:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48
        Validity
            Not Before: Dec 27 01:00:49 2024 GMT
            Not After : Dec 28 01:00:49 2024 GMT
        Subject: CN=b26264ba9102c5a505e4cf0436deaa9611433ac2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ce:d8:2f:8d:b1:20:03:ba:f6:25:d7:ef:9f:
                    e2:2f:4d:e2:63:12:3f:22:79:c7:d0:a4:26:14:08:
                    60:91:51:3f:51:be:94:fc:33:02:9f:41:5a:3e:82:
                    ce:4e:45:88:3e:ef:16:81:4e:21:03:3a:01:ad:49:
                    73:cb:88:17:9a:65:38:ac:95:a7:07:c0:40:24:fa:
                    3a:72:72:44:38:22:ec:68:3a:70:f4:f2:ab:a2:e1:
                    fa:77:6b:e9:a2:ed:46:69:db:87:e4:c2:39:4a:35:
                    5b:2c:6e:39:6b:e9:19:30:7f:5e:c6:b0:8d:00:86:
                    30:63:82:03:f3:8a:82:1d:3d:11:c5:4c:b6:11:f4:
                    8d:34:3b:d5:be:b8:cc:c6:53:bb:76:54:6a:a3:4b:
                    a1:b9:c6:82:27:83:a3:5b:a2:cf:a9:d4:53:fb:75:
                    80:ef:d1:dc:0b:36:c3:17:72:c7:49:e1:a4:8c:25:
                    0d:dc:02:34:2e:0a:bf:69:91:83:2b:d9:7a:fc:19:
                    a2:f8:93:ba:9d:6a:8b:ec:bf:8c:3e:77:bb:97:c5:
                    28:f0:69:1a:d2:3b:2f:0c:70:1e:c7:56:d8:fd:71:
                    96:46:20:8a:c4:de:a0:f6:21:b1:4e:a4:44:37:30:
                    31:e4:c6:1e:e3:c1:c4:39:fc:27:1c:9d:41:d4:4b:
                    4d:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:62:64:BA:91:02:C5:A5:05:E4:CF:04:36:DE:AA:96:11:43:3A:C2
            X509v3 Authority Key Identifier:
                keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:ce:fd:21:14:d7:66:02:ac:f1:fb:b8:bd:f7:65:f8:6e:fc:
         9e:48:41:ce:8f:9c:d3:f6:d6:34:fa:1a:6b:e7:9b:ff:72:53:
         08:de:1e:97:58:7f:75:0f:8e:4a:6d:19:d9:c8:00:c4:37:82:
         47:5f:48:c5:2a:09:d7:55:9b:33:48:1a:9d:f7:40:0a:1a:17:
         2a:d2:10:65:00:7d:06:8c:2e:30:f3:f1:26:86:b3:fe:44:a4:
         19:b5:a2:26:6d:b9:29:00:3d:e7:81:61:53:94:06:f0:03:1d:
         76:12:54:25:79:d5:46:3b:5f:49:cf:ae:11:d5:59:46:62:dd:
         ec:ea:0f:88:be:42:e0:37:38:32:18:12:7d:e0:7e:5c:a4:ed:
         05:73:3c:66:4b:77:95:c5:d9:07:c9:eb:ec:63:6f:3a:23:a0:
         24:97:69:f8:0f:49:3e:a4:a1:cb:fe:18:5b:7c:58:b6:f3:87:
         57:11:d0:94:22:42:ae:95:ec:1d:3e:8c:1f:cd:75:bc:a1:71:
         9d:38:6c:0f:ad:18:1a:16:ab:d8:b9:51:68:a6:28:6a:06:48:
         a9:e9:54:04:b6:3b:7a:4a:a1:7c:82:13:89:a9:65:67:9a:94:
         c3:a7:2b:7f:6e:4e:b2:80:88:97:4c:12:87:96:94:6c:97:30:
         4e:97:10:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQFoV7omOr2Ozm5Isv2kWm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2
NGRmNDgwHhcNMjQxMjI3MDEwMDQ5WhcNMjQxMjI4MDEwMDQ5WjAzMTEwLwYDVQQD
EyhiMjYyNjRiYTkxMDJjNWE1MDVlNGNmMDQzNmRlYWE5NjExNDMzYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy87YL42xIAO69iXX75/iL03iYxI/
InnH0KQmFAhgkVE/Ub6U/DMCn0FaPoLOTkWIPu8WgU4hAzoBrUlzy4gXmmU4rJWn
B8BAJPo6cnJEOCLsaDpw9PKrouH6d2vpou1GaduH5MI5SjVbLG45a+kZMH9exrCN
AIYwY4ID84qCHT0RxUy2EfSNNDvVvrjMxlO7dlRqo0uhucaCJ4OjW6LPqdRT+3WA
79HcCzbDF3LHSeGkjCUN3AI0Lgq/aZGDK9l6/Bmi+JO6nWqL7L+MPne7l8Uo8Gka
0jsvDHAex1bY/XGWRiCKxN6g9iGxTqRENzAx5MYe48HEOfwnHJ1B1EtN4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLJiZLqRAsWlBeTPBDbeqpYRQzrCMB8GA1UdIwQY
MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt
NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy
LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkM79IRTX
ZgKs8fu4vfdl+G78nkhBzo+c0/bWNPoaa+eb/3JTCN4el1h/dQ+OSm0Z2cgAxDeC
R19IxSoJ11WbM0ganfdAChoXKtIQZQB9BowuMPPxJoaz/kSkGbWiJm25KQA954Fh
U5QG8AMddhJUJXnVRjtfSc+uEdVZRmLd7OoPiL5C4Dc4MhgSfeB+XKTtBXM8Zkt3
lcXZB8nr7GNvOiOgJJdp+A9JPqShy/4YW3xYtvOHVxHQlCJCrpXsHT6MH811vKFx
nThsD60YGhar2LlRaKYoagZIqelUBLY7ekqhfIITiallZ5qUw6crf25OsoCIl0wS
h5aUbJcwTpcQxQ==
-----END CERTIFICATE-----