Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft
File:                     THHp8j7qymjHIcvkKAYQC3XhV3A.mft (raw, json)
Hash identifier:          8kl7u9q0pWZU7DbtclewW/Bt1XeX8N+j/YrBr+9m+tY=
Subject key identifier:   6A:4F:3A:CE:09:32:A9:D2:4D:95:18:9B:FB:88:F5:67:1C:33:14:81
Authority key identifier: 4C:71:E9:F2:3E:EA:CA:68:C7:21:CB:E4:28:06:10:0B:75:E1:57:70
Certificate issuer:       /CN=4c71e9f23eeaca68c721cbe42806100b75e15770
Certificate serial:       019355E477A70211B3616108BD6699FF7226
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft
Manifest number:          022E
Signing time:             Fri 22 Nov 2024 22:00:56 +0000
Manifest this update:     Fri 22 Nov 2024 22:00:56 +0000
Manifest next update:     Sat 23 Nov 2024 22:00:56 +0000
Files and hashes:         1: THHp8j7qymjHIcvkKAYQC3XhV3A.crl (hash: OtxPrQQM/xDitxSX1LnLF4wVtYUY63sGYLWJmJ785as=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 17:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:55:e4:77:a7:02:11:b3:61:61:08:bd:66:99:ff:72:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c71e9f23eeaca68c721cbe42806100b75e15770
        Validity
            Not Before: Nov 22 22:00:56 2024 GMT
            Not After : Nov 23 22:00:56 2024 GMT
        Subject: CN=6a4f3ace0932a9d24d95189bfb88f5671c331481
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ef:5b:48:29:05:4d:cd:e1:08:6b:6f:4d:b3:
                    8d:d0:a2:a5:45:00:ae:2a:ec:81:e6:d6:58:0c:07:
                    b9:dd:ae:dc:02:20:cb:9f:67:52:83:ab:ec:14:d8:
                    24:12:2b:8a:b1:fa:51:77:0e:a9:56:f4:26:03:b9:
                    02:4a:a6:33:f2:58:6b:d6:ee:3f:a6:b9:65:76:a3:
                    a1:2a:68:4f:1c:42:a5:8d:36:93:14:4e:54:d6:8a:
                    8e:8d:61:35:55:a5:7e:95:7d:0a:04:29:19:54:b6:
                    8f:22:81:67:ad:2f:94:b6:42:7c:e4:71:27:2e:0c:
                    0e:56:b0:51:f9:7e:a3:c4:f1:b4:29:31:9c:12:9a:
                    97:15:45:8f:87:e9:3d:d0:93:a9:c8:24:9c:c9:58:
                    81:a6:35:86:95:ce:fd:d0:35:bc:77:b0:96:98:8f:
                    c8:c8:f3:f8:9d:d5:55:f5:b7:ef:72:00:1b:b6:e1:
                    0b:c3:42:5e:2d:1d:89:73:70:61:cf:bd:ec:58:0e:
                    bd:67:55:9b:17:64:94:3d:ac:59:ef:07:1c:b8:8f:
                    ad:d6:c4:c2:a3:72:73:43:4a:f9:85:7b:da:03:44:
                    f4:12:9a:54:61:45:18:37:39:3d:60:91:1d:b3:59:
                    53:ea:a7:3d:d5:46:3b:29:d2:10:53:a5:1a:ac:e7:
                    ef:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:4F:3A:CE:09:32:A9:D2:4D:95:18:9B:FB:88:F5:67:1C:33:14:81
            X509v3 Authority Key Identifier:
                keyid:4C:71:E9:F2:3E:EA:CA:68:C7:21:CB:E4:28:06:10:0B:75:E1:57:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:17:a6:ad:d9:ae:1d:2f:e1:d4:15:90:73:b9:10:41:55:1d:
         fd:11:35:e7:f7:f7:f7:8a:11:83:c9:f5:01:e5:38:74:66:24:
         ad:4b:d7:b4:45:8d:66:a9:d4:91:cb:7d:bf:6c:e5:0a:bc:f7:
         cb:69:7e:4b:57:3c:f5:82:d0:41:44:d8:33:3f:c9:fc:f9:ee:
         87:7e:04:ae:1c:4a:55:f7:a3:df:ca:68:92:b9:97:35:b5:49:
         e9:cc:2a:13:ff:b5:15:70:d2:1e:52:be:5a:cb:a8:23:4e:d5:
         4b:15:1a:ab:4e:e3:fc:2a:49:ad:3a:84:69:a0:49:62:02:b2:
         b4:fe:ee:04:54:89:c1:28:2c:05:1f:64:50:3a:9e:82:0a:05:
         6c:22:39:44:e2:82:c6:e3:93:3f:ed:7d:80:c5:cb:c8:e1:7a:
         23:b2:75:82:ca:c8:ec:e9:aa:61:ca:08:92:e7:c6:f5:00:0a:
         cf:a9:a9:da:25:1a:8f:53:b4:1b:bc:7b:23:f6:6d:4e:c9:71:
         55:81:f6:0c:d8:47:f6:cd:8c:30:47:c5:d6:6d:a3:2f:94:bc:
         27:dc:e3:7a:b8:50:aa:54:38:e1:bf:6a:f0:6a:99:38:34:50:
         f5:bc:23:76:61:a8:46:14:9b:60:48:5c:fa:b1:71:89:f1:9d:
         3d:39:96:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNV5HenAhGzYWEIvWaZ/3ImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzFlOWYyM2VlYWNhNjhjNzIxY2JlNDI4MDYxMDBiNzVl
MTU3NzAwHhcNMjQxMTIyMjIwMDU2WhcNMjQxMTIzMjIwMDU2WjAzMTEwLwYDVQQD
Eyg2YTRmM2FjZTA5MzJhOWQyNGQ5NTE4OWJmYjg4ZjU2NzFjMzMxNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+9bSCkFTc3hCGtvTbON0KKlRQCu
KuyB5tZYDAe53a7cAiDLn2dSg6vsFNgkEiuKsfpRdw6pVvQmA7kCSqYz8lhr1u4/
prlldqOhKmhPHEKljTaTFE5U1oqOjWE1VaV+lX0KBCkZVLaPIoFnrS+UtkJ85HEn
LgwOVrBR+X6jxPG0KTGcEpqXFUWPh+k90JOpyCScyViBpjWGlc790DW8d7CWmI/I
yPP4ndVV9bfvcgAbtuELw0JeLR2Jc3Bhz73sWA69Z1WbF2SUPaxZ7wccuI+t1sTC
o3JzQ0r5hXvaA0T0EppUYUUYNzk9YJEds1lT6qc91UY7KdIQU6UarOfvHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGpPOs4JMqnSTZUYm/uI9WccMxSBMB8GA1UdIwQY
MBaAFExx6fI+6spoxyHL5CgGEAt14VdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi85NGY2NjItNTA2Yi00ZWM5LWE3YWEt
YzliN2ViMmNlYTU3LzEvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi85NGY2NjItNTA2Yi00ZWM5LWE3YWEtYzliN2ViMmNlYTU3
LzEvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGBemrdmu
HS/h1BWQc7kQQVUd/RE15/f394oRg8n1AeU4dGYkrUvXtEWNZqnUkct9v2zlCrz3
y2l+S1c89YLQQUTYMz/J/Pnuh34ErhxKVfej38pokrmXNbVJ6cwqE/+1FXDSHlK+
WsuoI07VSxUaq07j/CpJrTqEaaBJYgKytP7uBFSJwSgsBR9kUDqeggoFbCI5ROKC
xuOTP+19gMXLyOF6I7J1gsrI7OmqYcoIkufG9QAKz6mp2iUaj1O0G7x7I/ZtTslx
VYH2DNhH9s2MMEfF1m2jL5S8J9zjerhQqlQ44b9q8GqZODRQ9bwjdmGoRhSbYEhc
+rFxifGdPTmW/w==
-----END CERTIFICATE-----