Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
File:                     HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json)
Hash identifier:          QHEGoFdmu3jiNPNh7J/X6OhSG/XD+33rYvxRJnV51JU=
Subject key identifier:   B1:E5:4A:84:A0:02:48:B7:48:B7:E7:43:AA:5F:11:7E:15:95:A4:DD
Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6
Certificate issuer:       /CN=1db690606199a5d486789c43dbffd0c065bddce6
Certificate serial:       0191FA47198428E138077EB4DF1A2BCCAB44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
Manifest number:          F2
Signing time:             Mon 16 Sep 2024 10:00:49 +0000
Manifest this update:     Mon 16 Sep 2024 10:00:49 +0000
Manifest next update:     Tue 17 Sep 2024 10:00:49 +0000
Files and hashes:         1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: w9wjMzHw2F+Lpd7hArNs1JxoeLzldLZ9SgE5pvjpDok=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 10:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:47:19:84:28:e1:38:07:7e:b4:df:1a:2b:cc:ab:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6
        Validity
            Not Before: Sep 16 10:00:49 2024 GMT
            Not After : Sep 17 10:00:49 2024 GMT
        Subject: CN=b1e54a84a00248b748b7e743aa5f117e1595a4dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:2f:b1:e1:f6:21:cc:45:1c:50:0e:d2:19:86:
                    9e:05:8d:b0:58:84:73:65:9b:ee:45:93:aa:b6:36:
                    f8:2e:17:b5:c3:67:1e:eb:82:bf:3a:d5:67:94:a9:
                    fc:13:83:4e:66:c8:5c:ba:39:eb:46:c0:3e:7e:82:
                    e0:36:6a:97:06:e7:dc:04:c5:1e:9b:2b:a2:18:01:
                    e1:b0:3a:38:4a:bd:d5:d9:7f:9d:75:85:0d:7c:10:
                    b7:f1:25:a7:71:76:d1:4d:75:94:4d:9f:a2:09:1e:
                    a2:aa:75:e9:7b:48:24:13:66:84:c8:37:af:39:71:
                    46:de:73:1e:2d:38:a3:05:e3:cd:c3:e4:b8:b2:95:
                    39:26:a3:e9:6b:0b:ca:70:8f:33:ea:9c:5a:ed:8a:
                    c0:33:ed:a9:0e:81:8e:84:11:d4:62:62:94:fc:34:
                    5a:69:61:fe:e4:64:8c:8c:88:d5:a1:b7:42:f3:b0:
                    e8:a8:82:1d:12:3c:80:4d:76:92:a9:bb:29:ea:03:
                    57:f5:3a:0d:40:7e:b8:5b:c0:a0:86:1d:bf:93:b7:
                    42:2c:c5:91:77:98:9d:a1:50:c4:a2:ae:1d:b3:31:
                    42:79:17:dd:ea:34:e6:96:2c:c4:73:c2:c7:75:5a:
                    93:17:52:6b:2b:00:e4:61:b9:6c:61:b3:67:71:25:
                    78:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:E5:4A:84:A0:02:48:B7:48:B7:E7:43:AA:5F:11:7E:15:95:A4:DD
            X509v3 Authority Key Identifier:
                keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:0b:03:30:42:a2:a6:d7:e9:87:61:1d:db:eb:36:6d:65:b8:
         55:15:18:03:19:34:98:43:b1:9d:ca:0e:e7:46:c8:c1:29:fa:
         94:a1:54:31:01:0a:8e:74:b1:d4:88:3f:d8:88:1d:3a:83:fc:
         18:4d:28:38:ff:7e:53:ee:35:84:fc:a6:e9:ac:80:cd:93:c4:
         c6:c9:b2:a7:a9:c3:d5:2c:0e:a5:d1:38:0d:38:9e:b4:d0:2b:
         f6:a9:08:ea:93:49:ee:cb:b7:95:43:1e:8d:34:31:f7:f3:86:
         13:4a:97:15:d8:a7:42:d6:91:65:d8:aa:35:cf:6e:62:10:84:
         48:a4:1e:fb:4b:30:aa:df:7a:6f:c3:2d:2a:07:68:ad:06:46:
         50:6d:9f:4a:3c:f6:f1:0d:55:78:c9:96:09:13:52:31:ea:6c:
         58:d9:f0:ed:be:21:ce:c9:a4:87:2d:aa:f5:7a:96:1f:90:a4:
         ec:c0:2d:fb:c7:2a:f8:74:2d:2f:bc:3c:a0:c0:47:d4:b7:c3:
         79:4f:44:71:c1:a2:5a:8a:36:0b:82:8e:7e:72:1c:6b:c2:72:
         a3:d2:fa:76:d1:0d:31:63:c4:0d:32:ef:62:a3:e8:87:2e:71:
         e8:15:c6:7c:cf:b8:58:7d:e6:6c:2a:10:82:c8:16:f5:02:0e:
         3e:a3:ec:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6RxmEKOE4B3603xorzKtEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi
ZGRjZTYwHhcNMjQwOTE2MTAwMDQ5WhcNMjQwOTE3MTAwMDQ5WjAzMTEwLwYDVQQD
EyhiMWU1NGE4NGEwMDI0OGI3NDhiN2U3NDNhYTVmMTE3ZTE1OTVhNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAty+x4fYhzEUcUA7SGYaeBY2wWIRz
ZZvuRZOqtjb4Lhe1w2ce64K/OtVnlKn8E4NOZshcujnrRsA+foLgNmqXBufcBMUe
myuiGAHhsDo4Sr3V2X+ddYUNfBC38SWncXbRTXWUTZ+iCR6iqnXpe0gkE2aEyDev
OXFG3nMeLTijBePNw+S4spU5JqPpawvKcI8z6pxa7YrAM+2pDoGOhBHUYmKU/DRa
aWH+5GSMjIjVobdC87DoqIIdEjyATXaSqbsp6gNX9ToNQH64W8Cghh2/k7dCLMWR
d5idoVDEoq4dszFCeRfd6jTmlizEc8LHdVqTF1JrKwDkYblsYbNncSV47QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHlSoSgAki3SLfnQ6pfEX4VlaTdMB8GA1UdIwQY
MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt
ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1
LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXQsDMEKi
ptfph2Ed2+s2bWW4VRUYAxk0mEOxncoO50bIwSn6lKFUMQEKjnSx1Ig/2IgdOoP8
GE0oOP9+U+41hPym6ayAzZPExsmyp6nD1SwOpdE4DTietNAr9qkI6pNJ7su3lUMe
jTQx9/OGE0qXFdinQtaRZdiqNc9uYhCESKQe+0swqt96b8MtKgdorQZGUG2fSjz2
8Q1VeMmWCRNSMepsWNnw7b4hzsmkhy2q9XqWH5Ck7MAt+8cq+HQtL7w8oMBH1LfD
eU9EccGiWoo2C4KOfnIca8Jyo9L6dtENMWPEDTLvYqPohy5x6BXGfM+4WH3mbCoQ
gsgW9QIOPqPsVA==
-----END CERTIFICATE-----