Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
File:                     h7-ak2z5rSjsWNt5imD9cd9sN_M.mft (raw, json)
Hash identifier:          Z2x71iCXnuQ7xfcgxMpCAhkdancgLlPjZ8goXlls5dI=
Subject key identifier:   8B:C5:0E:46:15:73:84:08:B3:6A:11:81:1C:B3:CB:CC:D5:4F:48:F1
Authority key identifier: 87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3
Certificate issuer:       /CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
Certificate serial:       019369D9BD537C1612C94617763A6B2DB276
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
Manifest number:          0C3C
Signing time:             Tue 26 Nov 2024 19:01:37 +0000
Manifest this update:     Tue 26 Nov 2024 19:01:37 +0000
Manifest next update:     Wed 27 Nov 2024 19:01:37 +0000
Files and hashes:         1: h7-ak2z5rSjsWNt5imD9cd9sN_M.crl (hash: RB2LXpC8QjWKepbyvkiv0hiaGPrVKy9CPDMVEXV3Q5U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d9:bd:53:7c:16:12:c9:46:17:76:3a:6b:2d:b2:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
        Validity
            Not Before: Nov 26 19:01:37 2024 GMT
            Not After : Nov 27 19:01:37 2024 GMT
        Subject: CN=8bc50e4615738408b36a11811cb3cbccd54f48f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:6f:85:7a:b6:22:c7:33:5e:8b:ae:5c:08:18:
                    3f:03:f9:d8:2a:82:87:3b:0b:ce:8e:c3:87:24:94:
                    80:eb:6a:5d:ff:61:8d:1f:a4:d5:d1:42:bb:b1:d3:
                    63:08:81:f4:f9:11:ca:66:43:2f:3b:f9:4b:7d:10:
                    3b:9e:1d:de:9d:86:9e:2b:31:46:e4:0d:3e:23:23:
                    a5:df:ad:c8:78:bf:a3:9d:9f:fc:fe:0a:e6:93:f0:
                    b4:70:66:e8:19:f8:3e:e7:9b:ea:ed:17:99:3f:7b:
                    ba:aa:fe:25:4c:88:9b:1d:cf:fd:1e:a3:92:d6:5e:
                    6b:b0:4c:82:8c:a3:18:2a:5a:b8:cf:83:94:a4:ab:
                    91:c0:b1:41:a9:33:4f:1a:e9:59:7b:5a:5c:07:72:
                    c1:30:2d:34:34:14:11:d9:64:eb:39:29:d9:4d:3e:
                    a3:53:64:2f:aa:a0:47:12:8d:0e:d6:46:ae:6a:df:
                    05:1d:bc:48:c5:46:cb:95:54:ca:cd:10:ae:39:97:
                    c8:ce:eb:c6:bf:d3:1d:d5:f0:09:f9:4c:49:e0:1a:
                    e6:72:f9:37:3b:56:8e:dd:54:72:71:63:c5:7a:17:
                    32:bc:de:55:ea:1c:04:ac:d6:c7:a3:72:31:eb:e2:
                    61:f9:ba:16:72:bc:4c:eb:cb:03:c1:2f:d6:01:c8:
                    69:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:C5:0E:46:15:73:84:08:B3:6A:11:81:1C:B3:CB:CC:D5:4F:48:F1
            X509v3 Authority Key Identifier:
                keyid:87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:5c:ee:c1:43:40:e8:5c:9c:19:91:c0:55:15:72:e2:0d:81:
         3a:91:a8:80:27:e2:2d:23:30:d5:47:96:86:8d:6a:78:01:4a:
         0d:f5:a2:a1:62:8b:bd:89:ed:fe:2c:d2:57:51:1b:72:dc:60:
         67:09:c0:c0:b8:b1:0a:50:c2:8e:f7:a3:c2:09:40:3c:91:f7:
         8b:91:01:78:fb:83:80:e9:8b:6c:f7:56:fb:17:c1:fd:3e:50:
         82:d7:00:1e:d1:2f:69:25:b1:c6:20:2a:a4:0c:d6:d8:92:1a:
         56:e6:a4:c7:06:cf:0d:29:6c:c8:9f:cf:bb:f4:4d:6b:50:10:
         d2:07:b7:69:e2:22:e1:7d:8b:a6:aa:c1:f0:f1:75:93:8c:f6:
         54:73:9f:a6:87:de:69:d7:7b:ed:c2:76:1f:10:71:2a:a8:02:
         01:a9:d9:23:9f:b5:e1:95:52:c7:94:67:5e:1a:87:d3:71:8b:
         33:64:ac:58:d6:2c:ac:a5:79:e2:cf:04:02:11:7f:68:7b:99:
         9b:fa:a6:3e:7f:6c:e3:18:64:1a:87:ff:88:b6:3b:ca:c6:09:
         51:dd:b6:4e:53:66:3b:9d:65:cf:4c:fd:e8:d9:96:7b:af:d1:
         e1:a8:de:36:ec:b8:cc:f4:7a:8e:25:c1:60:d3:48:a9:22:9f:
         d7:3c:bf:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2b1TfBYSyUYXdjprLbJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmY5YTkzNmNmOWFkMjhlYzU4ZGI3OThhNjBmZDcxZGY2
YzM3ZjMwHhcNMjQxMTI2MTkwMTM3WhcNMjQxMTI3MTkwMTM3WjAzMTEwLwYDVQQD
Eyg4YmM1MGU0NjE1NzM4NDA4YjM2YTExODExY2IzY2JjY2Q1NGY0OGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0G+FerYixzNei65cCBg/A/nYKoKH
OwvOjsOHJJSA62pd/2GNH6TV0UK7sdNjCIH0+RHKZkMvO/lLfRA7nh3enYaeKzFG
5A0+IyOl363IeL+jnZ/8/grmk/C0cGboGfg+55vq7ReZP3u6qv4lTIibHc/9HqOS
1l5rsEyCjKMYKlq4z4OUpKuRwLFBqTNPGulZe1pcB3LBMC00NBQR2WTrOSnZTT6j
U2QvqqBHEo0O1kauat8FHbxIxUbLlVTKzRCuOZfIzuvGv9Md1fAJ+UxJ4Brmcvk3
O1aO3VRycWPFehcyvN5V6hwErNbHo3Ix6+Jh+boWcrxM68sDwS/WAchp2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIvFDkYVc4QIs2oRgRyzy8zVT0jxMB8GA1UdIwQY
MBaAFIe/mpNs+a0o7FjbeYpg/XHfbDfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzIt
NGY5Nzc3MmIwMTgwLzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzItNGY5Nzc3MmIwMTgw
LzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi1zuwUNA
6FycGZHAVRVy4g2BOpGogCfiLSMw1UeWho1qeAFKDfWioWKLvYnt/izSV1Ebctxg
ZwnAwLixClDCjvejwglAPJH3i5EBePuDgOmLbPdW+xfB/T5QgtcAHtEvaSWxxiAq
pAzW2JIaVuakxwbPDSlsyJ/Pu/RNa1AQ0ge3aeIi4X2LpqrB8PF1k4z2VHOfpofe
add77cJ2HxBxKqgCAanZI5+14ZVSx5RnXhqH03GLM2SsWNYsrKV54s8EAhF/aHuZ
m/qmPn9s4xhkGof/iLY7ysYJUd22TlNmO51lz0z96NmWe6/R4ajeNuy4zPR6jiXB
YNNIqSKf1zy/1A==
-----END CERTIFICATE-----