Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
File:                     HSXQyIRbeYhsGZNFuJD16KzVFtg.mft (raw, json)
Hash identifier:          WECGEMpWIU/AR7apC94Dw9J+eKYCdcgNEcIoENx2fQM=
Subject key identifier:   A0:1E:32:ED:A1:88:FD:8A:0C:2F:DA:70:04:29:C8:27:29:1D:CF:A9
Authority key identifier: 1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8
Certificate issuer:       /CN=1d25d0c8845b79886c199345b890f5e8acd516d8
Certificate serial:       018F234A85FAF063C10427D5BC916E1A0B32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
Manifest number:          113E
Signing time:             Sun 28 Apr 2024 06:00:37 +0000
Manifest this update:     Sun 28 Apr 2024 06:00:37 +0000
Manifest next update:     Mon 29 Apr 2024 06:00:37 +0000
Files and hashes:         1: HSXQyIRbeYhsGZNFuJD16KzVFtg.crl (hash: vxorUo/eGm+LzPSJxFtZ8ZTBCO7X70Z+ftAZ49qZ9Bg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 29 Apr 2024 05:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:23:4a:85:fa:f0:63:c1:04:27:d5:bc:91:6e:1a:0b:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d25d0c8845b79886c199345b890f5e8acd516d8
        Validity
            Not Before: Apr 28 06:00:37 2024 GMT
            Not After : Apr 29 06:00:37 2024 GMT
        Subject: CN=a01e32eda188fd8a0c2fda700429c827291dcfa9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e6:46:50:36:78:b7:2c:17:d8:7e:27:8c:0e:
                    0b:5d:ad:cb:5e:8d:df:71:64:82:9a:24:28:42:d4:
                    6f:57:1e:c6:44:3a:7f:ca:1e:ee:ef:b8:aa:66:4b:
                    86:58:68:6f:e3:e6:e1:03:3e:07:e9:f3:1c:7e:38:
                    2a:00:f4:6f:ce:c2:db:04:28:5c:cd:c2:b4:4b:12:
                    8c:06:45:3f:cd:aa:c3:8c:6b:36:6e:20:e3:42:f9:
                    da:1e:9b:81:50:eb:dc:44:65:25:04:90:cb:24:9a:
                    ea:f1:ee:e4:d8:62:42:9a:0b:a3:84:27:91:df:2f:
                    f6:9c:70:4e:33:6f:cc:36:02:09:a6:2c:15:67:45:
                    ef:3c:3a:2f:25:3a:cf:92:aa:3f:1b:dd:2b:a1:64:
                    00:61:56:58:dd:4e:60:ea:42:1f:37:cd:71:32:5d:
                    ee:1d:cc:2c:ff:96:de:88:5e:fa:96:09:04:78:90:
                    5b:45:bd:52:f6:c2:86:b5:5d:59:66:1f:5d:8a:74:
                    10:7c:04:0f:84:18:f5:2b:97:c4:4c:e4:59:66:d9:
                    8d:0b:8b:c3:99:09:13:d9:87:de:65:98:52:e3:20:
                    5d:1c:d8:5c:ca:69:a8:a3:41:20:d1:bd:ec:b1:89:
                    06:f2:6c:b2:1c:f4:f6:64:77:3a:16:7e:60:8b:78:
                    d1:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:1E:32:ED:A1:88:FD:8A:0C:2F:DA:70:04:29:C8:27:29:1D:CF:A9
            X509v3 Authority Key Identifier:
                keyid:1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:e5:2f:be:9e:90:89:56:52:f3:70:21:de:76:b1:60:0b:92:
         8d:74:a4:38:f6:30:94:4c:51:6e:b0:92:fa:5f:9f:6c:81:96:
         bd:23:fe:48:3d:ff:fd:6d:74:dc:72:4d:ba:b2:62:30:28:96:
         53:81:f0:fb:42:2b:d5:e7:88:cb:4a:ca:19:1e:46:6f:71:5a:
         fc:51:96:76:b9:6c:15:ba:11:e9:cc:e5:46:a0:5d:a1:05:26:
         5e:eb:22:60:66:86:7f:f7:46:48:a1:88:0e:25:7b:94:e4:8a:
         ca:31:c4:bd:ae:6e:d9:14:30:11:f1:f2:9c:c9:59:90:d4:34:
         ad:ba:b0:00:9d:54:cb:b7:18:06:0b:31:a8:bf:de:11:75:40:
         a3:75:63:7a:ce:58:89:6e:90:24:4e:b8:80:1c:b1:0b:52:83:
         42:80:7c:77:01:1f:37:7e:d0:15:28:d2:ff:e0:95:6e:8c:d5:
         49:e9:3b:c3:d6:c9:4b:a1:2a:91:44:db:b3:4e:be:fd:04:f9:
         7b:b2:74:c1:6c:7f:6e:07:e5:3c:59:88:fa:96:0d:d5:66:f2:
         07:88:e1:dc:4e:69:98:c1:6e:99:17:6b:cc:69:dd:69:5d:de:
         36:e8:0a:d1:a4:a3:c7:77:82:03:65:2c:d0:1e:4c:1a:91:60:
         84:6c:a4:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8jSoX68GPBBCfVvJFuGgsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMjVkMGM4ODQ1Yjc5ODg2YzE5OTM0NWI4OTBmNWU4YWNk
NTE2ZDgwHhcNMjQwNDI4MDYwMDM3WhcNMjQwNDI5MDYwMDM3WjAzMTEwLwYDVQQD
EyhhMDFlMzJlZGExODhmZDhhMGMyZmRhNzAwNDI5YzgyNzI5MWRjZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOZGUDZ4tywX2H4njA4LXa3LXo3f
cWSCmiQoQtRvVx7GRDp/yh7u77iqZkuGWGhv4+bhAz4H6fMcfjgqAPRvzsLbBChc
zcK0SxKMBkU/zarDjGs2biDjQvnaHpuBUOvcRGUlBJDLJJrq8e7k2GJCmgujhCeR
3y/2nHBOM2/MNgIJpiwVZ0XvPDovJTrPkqo/G90roWQAYVZY3U5g6kIfN81xMl3u
Hcws/5beiF76lgkEeJBbRb1S9sKGtV1ZZh9dinQQfAQPhBj1K5fETORZZtmNC4vD
mQkT2YfeZZhS4yBdHNhcymmoo0Eg0b3ssYkG8myyHPT2ZHc6Fn5gi3jRUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAeMu2hiP2KDC/acAQpyCcpHc+pMB8GA1UdIwQY
MBaAFB0l0MiEW3mIbBmTRbiQ9eis1RbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUt
YzUyZWI1NmJmYTViLzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUtYzUyZWI1NmJmYTVi
LzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH+Uvvp6Q
iVZS83Ah3naxYAuSjXSkOPYwlExRbrCS+l+fbIGWvSP+SD3//W103HJNurJiMCiW
U4Hw+0Ir1eeIy0rKGR5Gb3Fa/FGWdrlsFboR6czlRqBdoQUmXusiYGaGf/dGSKGI
DiV7lOSKyjHEva5u2RQwEfHynMlZkNQ0rbqwAJ1Uy7cYBgsxqL/eEXVAo3Vjes5Y
iW6QJE64gByxC1KDQoB8dwEfN37QFSjS/+CVbozVSek7w9bJS6EqkUTbs06+/QT5
e7J0wWx/bgflPFmI+pYN1WbyB4jh3E5pmMFumRdrzGndaV3eNugK0aSjx3eCA2Us
0B5MGpFghGykPg==
-----END CERTIFICATE-----