Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
File:                     RHhnr-yeLyk5So9fl_kJKdkoIQI.mft (raw, json)
Hash identifier:          fo4m9XKFMp+7tY6TWn8h61/gcIjO16XF+5bT8G8o56U=
Subject key identifier:   12:A8:35:1C:4D:7B:A2:29:52:CA:0B:21:EA:66:04:D9:58:79:B1:D6
Authority key identifier: 44:78:67:AF:EC:9E:2F:29:39:4A:8F:5F:97:F9:09:29:D9:28:21:02
Certificate issuer:       /CN=447867afec9e2f29394a8f5f97f90929d9282102
Certificate serial:       019369DA14F0C82F4762E83CC1D649E9214D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
Manifest number:          1378
Signing time:             Tue 26 Nov 2024 19:01:59 +0000
Manifest this update:     Tue 26 Nov 2024 19:01:59 +0000
Manifest next update:     Wed 27 Nov 2024 19:01:59 +0000
Files and hashes:         1: RHhnr-yeLyk5So9fl_kJKdkoIQI.crl (hash: O2VqbATtElAeIaREckDebjiGnHvLmX2aZOEQHGvF3rs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:14:f0:c8:2f:47:62:e8:3c:c1:d6:49:e9:21:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=447867afec9e2f29394a8f5f97f90929d9282102
        Validity
            Not Before: Nov 26 19:01:59 2024 GMT
            Not After : Nov 27 19:01:59 2024 GMT
        Subject: CN=12a8351c4d7ba22952ca0b21ea6604d95879b1d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:10:c9:2b:d7:4d:5a:91:2b:e3:9d:b6:a0:6d:
                    62:e4:82:63:e5:bf:bf:50:11:38:60:27:c0:39:0c:
                    39:36:9b:81:76:f3:e6:47:7e:0a:c4:d8:65:77:62:
                    f7:7a:c3:e1:3f:dd:1d:03:41:c0:90:b3:5a:e1:eb:
                    89:80:e7:87:bc:e6:6c:41:35:0f:6d:1d:ed:cb:2f:
                    e0:c7:15:cf:ac:ca:fd:14:6f:2c:2c:f1:0d:4a:6f:
                    94:c9:a4:f7:e8:ce:82:78:e0:46:95:83:e4:86:5f:
                    01:b5:16:25:d5:66:df:1a:ee:a8:5f:4e:ed:fc:54:
                    88:c0:32:99:c7:81:19:09:32:04:97:b2:ce:d2:aa:
                    04:86:25:4a:13:a7:ca:54:15:3e:c7:5d:67:08:6e:
                    e4:91:bd:a2:98:23:0c:b1:18:ec:66:93:6d:8b:a0:
                    e3:22:63:6e:a4:17:fd:a6:93:19:99:31:5f:e9:c2:
                    26:42:fa:ac:8d:b6:9a:c8:bf:9f:82:ae:04:fb:a8:
                    f2:44:72:0a:13:49:71:f4:fa:0c:fb:72:7c:51:98:
                    f5:0d:58:6d:51:b7:ed:7e:90:3f:6d:cd:13:89:08:
                    a2:c1:ef:6e:aa:e7:ff:d4:23:06:38:21:29:72:90:
                    a5:6d:2d:b8:a4:ce:d5:77:21:ef:aa:05:04:5b:a6:
                    79:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:A8:35:1C:4D:7B:A2:29:52:CA:0B:21:EA:66:04:D9:58:79:B1:D6
            X509v3 Authority Key Identifier:
                keyid:44:78:67:AF:EC:9E:2F:29:39:4A:8F:5F:97:F9:09:29:D9:28:21:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:e2:ca:50:35:8f:7d:28:ab:4d:90:40:aa:7d:cb:5b:97:77:
         55:1c:1d:88:f0:39:83:f9:a2:7d:90:13:90:19:1b:8a:12:c7:
         14:79:4b:98:a7:4e:a4:b6:a5:10:3a:32:3e:92:f1:4a:f9:e5:
         55:d5:96:fc:e2:a4:f8:31:51:aa:35:d5:41:83:61:5e:02:de:
         44:a3:7c:67:07:56:f5:d0:1c:d9:47:6d:5e:19:32:35:4d:6d:
         75:5d:68:86:17:bb:df:43:18:0e:e9:19:7c:8f:99:d6:13:cd:
         2a:20:01:00:fd:1f:a6:4a:f8:cc:7f:0b:23:1e:c2:2d:c4:40:
         a9:19:51:0f:bf:07:7b:e2:68:14:8c:07:48:97:b1:4a:8b:31:
         b3:26:9a:0e:06:02:6c:7a:06:4b:a5:e0:b1:7d:86:d7:bc:55:
         a3:70:3b:09:08:97:71:9d:68:f1:ed:c8:9f:c7:6c:9e:31:6c:
         ea:70:c9:4a:06:34:af:40:d9:e6:cc:51:3a:a8:51:b0:68:95:
         57:40:ba:fc:cc:e5:ea:c8:d3:7f:24:72:83:f5:91:83:f4:79:
         47:93:72:a5:cc:f3:13:16:51:1c:74:ad:c4:89:9a:7b:ba:54:
         ce:9f:fb:a9:5b:47:77:10:af:86:3e:21:a8:32:f3:d7:f2:b0:
         d4:9b:e4:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2hTwyC9HYug8wdZJ6SFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Nzg2N2FmZWM5ZTJmMjkzOTRhOGY1Zjk3ZjkwOTI5ZDky
ODIxMDIwHhcNMjQxMTI2MTkwMTU5WhcNMjQxMTI3MTkwMTU5WjAzMTEwLwYDVQQD
EygxMmE4MzUxYzRkN2JhMjI5NTJjYTBiMjFlYTY2MDRkOTU4NzliMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RDJK9dNWpEr4522oG1i5IJj5b+/
UBE4YCfAOQw5NpuBdvPmR34KxNhld2L3esPhP90dA0HAkLNa4euJgOeHvOZsQTUP
bR3tyy/gxxXPrMr9FG8sLPENSm+UyaT36M6CeOBGlYPkhl8BtRYl1WbfGu6oX07t
/FSIwDKZx4EZCTIEl7LO0qoEhiVKE6fKVBU+x11nCG7kkb2imCMMsRjsZpNti6Dj
ImNupBf9ppMZmTFf6cImQvqsjbaayL+fgq4E+6jyRHIKE0lx9PoM+3J8UZj1DVht
UbftfpA/bc0TiQiiwe9uquf/1CMGOCEpcpClbS24pM7VdyHvqgUEW6Z5jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKoNRxNe6IpUsoLIepmBNlYebHWMB8GA1UdIwQY
MBaAFER4Z6/sni8pOUqPX5f5CSnZKCECMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTMyMmItNjQ4Mi00NGE1LWIzZDIt
M2UxMDkxMDdjZWI2LzEvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTMyMmItNjQ4Mi00NGE1LWIzZDItM2UxMDkxMDdjZWI2
LzEvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq+LKUDWP
fSirTZBAqn3LW5d3VRwdiPA5g/mifZATkBkbihLHFHlLmKdOpLalEDoyPpLxSvnl
VdWW/OKk+DFRqjXVQYNhXgLeRKN8ZwdW9dAc2UdtXhkyNU1tdV1ohhe730MYDukZ
fI+Z1hPNKiABAP0fpkr4zH8LIx7CLcRAqRlRD78He+JoFIwHSJexSosxsyaaDgYC
bHoGS6XgsX2G17xVo3A7CQiXcZ1o8e3In8dsnjFs6nDJSgY0r0DZ5sxROqhRsGiV
V0C6/Mzl6sjTfyRyg/WRg/R5R5NypczzExZRHHStxImae7pUzp/7qVtHdxCvhj4h
qDLz1/Kw1JvkGQ==
-----END CERTIFICATE-----