Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          Wjsc4BjtHfXnqh7yBsEAGwgt/ATKjKMQTEm1Vmcbqh4=
Subject key identifier:   40:29:61:C3:FD:13:2E:E1:EC:1E:01:AC:6E:3C:61:6A:6E:79:30:64
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       018F8749F2C83BA956F41160DC093CB9924D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          04E8
Signing time:             Fri 17 May 2024 16:02:01 +0000
Manifest this update:     Fri 17 May 2024 16:02:01 +0000
Manifest next update:     Sat 18 May 2024 16:02:01 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: XPl9dup5u0177awjlmwCEHka5rpwlrPWUWxcVrrw5Jk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:f2:c8:3b:a9:56:f4:11:60:dc:09:3c:b9:92:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: May 17 16:02:01 2024 GMT
            Not After : May 18 16:02:01 2024 GMT
        Subject: CN=402961c3fd132ee1ec1e01ac6e3c616a6e793064
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:43:d3:36:8b:ce:7e:09:ba:72:c4:14:93:cf:
                    a8:6b:09:9e:50:1e:05:41:cc:73:bf:e6:9b:da:3c:
                    34:80:0f:82:8d:ea:67:47:25:2d:74:ef:51:fa:db:
                    5c:b9:58:11:1d:9b:a9:31:34:b0:65:42:48:cb:7c:
                    f5:61:e2:4a:81:f1:fe:d3:bc:f4:68:8e:45:5b:ff:
                    4e:8c:4c:ff:b0:c0:76:2f:d0:01:66:a6:4f:29:31:
                    68:c6:dc:70:01:16:cc:7a:db:2c:8c:39:5e:8b:3a:
                    6f:95:b4:ba:17:58:2e:3d:2a:ab:dd:1f:57:1e:b0:
                    f8:01:d6:2e:d4:0c:8c:02:d6:ab:22:b2:d0:fb:c8:
                    ef:f8:14:0b:35:11:f6:35:f3:0f:67:7b:92:ea:80:
                    4f:db:98:d7:65:83:40:80:a6:6d:63:d0:57:21:8a:
                    8a:35:69:3d:8d:e3:39:ce:7e:f6:49:4b:5d:a9:51:
                    99:e2:63:18:53:b9:14:df:89:2d:81:c7:7c:ea:3b:
                    14:d6:92:71:e1:32:5d:66:a1:fe:20:ad:e6:bd:51:
                    a7:7d:c2:e3:e5:8c:54:e7:1a:47:c1:d7:d5:59:82:
                    af:e8:ad:48:2c:12:24:ab:23:c9:c3:d0:b8:59:98:
                    70:c6:77:af:6a:5e:1e:24:5c:42:1e:bd:99:ab:3b:
                    3b:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:29:61:C3:FD:13:2E:E1:EC:1E:01:AC:6E:3C:61:6A:6E:79:30:64
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:ff:cb:3a:6a:a1:7a:a6:6d:eb:03:2c:f2:5b:6b:8d:f5:dc:
         be:0f:62:de:9d:70:dc:b4:e0:6c:3a:ef:e2:5b:22:c3:c0:68:
         8d:a5:bb:66:22:4c:0a:f1:18:cd:57:c0:43:fd:4f:e3:9d:6f:
         61:28:e6:0a:1e:6b:88:f4:a9:ff:d1:7e:f9:b1:88:d7:10:55:
         2e:30:72:1e:7f:e1:8b:73:42:d3:d5:49:15:67:4b:bc:22:b8:
         f9:61:10:98:bc:a1:7e:ec:51:81:92:85:ca:ce:19:0b:02:30:
         bf:f6:13:06:2e:a2:ab:29:28:d4:89:6f:31:9e:6d:db:f0:0b:
         07:1f:03:d7:c4:a3:d7:30:ca:02:f5:03:5f:73:96:e2:fe:df:
         c4:18:6d:c2:c5:d9:25:cf:88:14:03:e6:b0:ab:2d:5d:ee:43:
         79:b1:32:44:d7:ec:1f:42:de:79:9d:bf:48:74:6e:9e:e4:fb:
         ac:96:96:94:14:5a:d0:f6:4b:a3:7a:78:12:d0:5f:df:5f:ef:
         c5:62:07:1b:23:b1:62:60:70:ce:f8:86:b4:42:c2:a6:36:07:
         15:05:1c:79:8a:a1:13:b8:65:c8:30:da:fb:eb:eb:83:9b:5f:
         a4:3d:d6:36:39:55:ab:30:5d:e6:13:d6:0f:0d:d8:72:61:19:
         af:78:b3:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSfLIO6lW9BFg3Ak8uZJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjQwNTE3MTYwMjAxWhcNMjQwNTE4MTYwMjAxWjAzMTEwLwYDVQQD
Eyg0MDI5NjFjM2ZkMTMyZWUxZWMxZTAxYWM2ZTNjNjE2YTZlNzkzMDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEPTNovOfgm6csQUk8+oawmeUB4F
Qcxzv+ab2jw0gA+CjepnRyUtdO9R+ttcuVgRHZupMTSwZUJIy3z1YeJKgfH+07z0
aI5FW/9OjEz/sMB2L9ABZqZPKTFoxtxwARbMetssjDleizpvlbS6F1guPSqr3R9X
HrD4AdYu1AyMAtarIrLQ+8jv+BQLNRH2NfMPZ3uS6oBP25jXZYNAgKZtY9BXIYqK
NWk9jeM5zn72SUtdqVGZ4mMYU7kU34ktgcd86jsU1pJx4TJdZqH+IK3mvVGnfcLj
5YxU5xpHwdfVWYKv6K1ILBIkqyPJw9C4WZhwxneval4eJFxCHr2Zqzs7HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEApYcP9Ey7h7B4BrG48YWpueTBkMB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApv/LOmqh
eqZt6wMs8ltrjfXcvg9i3p1w3LTgbDrv4lsiw8BojaW7ZiJMCvEYzVfAQ/1P451v
YSjmCh5riPSp/9F++bGI1xBVLjByHn/hi3NC09VJFWdLvCK4+WEQmLyhfuxRgZKF
ys4ZCwIwv/YTBi6iqyko1IlvMZ5t2/ALBx8D18Sj1zDKAvUDX3OW4v7fxBhtwsXZ
Jc+IFAPmsKstXe5DebEyRNfsH0LeeZ2/SHRunuT7rJaWlBRa0PZLo3p4EtBf31/v
xWIHGyOxYmBwzviGtELCpjYHFQUceYqhE7hlyDDa++vrg5tfpD3WNjlVqzBd5hPW
Dw3YcmEZr3iz2A==
-----END CERTIFICATE-----