Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
File:                     hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft (raw, json)
Hash identifier:          Eh3fqodrQVsaZciS+HJeDBZZ2mir/gyKuhQ/wyZ0zAg=
Subject key identifier:   9C:66:F8:79:8E:73:9F:12:95:9D:28:67:A2:29:3B:CA:CC:41:4C:78
Authority key identifier: 86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE
Certificate issuer:       /CN=8649aa4b328735536d27c168cdbf4ea177701dce
Certificate serial:       01936B222162C3126685E8B793E5218C3D7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
Manifest number:          1379
Signing time:             Wed 27 Nov 2024 01:00:19 +0000
Manifest this update:     Wed 27 Nov 2024 01:00:19 +0000
Manifest next update:     Thu 28 Nov 2024 01:00:19 +0000
Files and hashes:         1: hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl (hash: K4FAOwKASEtSiMOJUrqT3qmNWS5FCLYFIlXzG1QaoZw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6b:22:21:62:c3:12:66:85:e8:b7:93:e5:21:8c:3d:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8649aa4b328735536d27c168cdbf4ea177701dce
        Validity
            Not Before: Nov 27 01:00:19 2024 GMT
            Not After : Nov 28 01:00:19 2024 GMT
        Subject: CN=9c66f8798e739f12959d2867a2293bcacc414c78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:12:dd:09:50:ec:ee:8a:c1:27:78:3c:42:4a:
                    5e:82:09:6a:24:45:cb:30:0e:53:78:09:2d:ad:d9:
                    3b:26:10:61:60:03:8d:c7:a7:81:0e:33:cb:e3:ea:
                    f5:ec:4d:46:6d:65:68:f7:80:af:7a:4c:40:4e:cb:
                    cd:cf:f6:a3:19:9f:e4:63:54:7e:af:19:11:fc:7c:
                    70:76:c3:1f:f4:fd:2b:29:ef:3d:ed:86:da:4e:ed:
                    08:3d:16:fc:43:47:47:fd:a9:52:00:f0:1c:59:6e:
                    f5:2b:8d:c6:85:27:b2:2d:c8:a6:cc:4e:08:2d:62:
                    ec:39:3d:6b:94:c9:eb:87:24:b8:ec:69:d6:ce:6e:
                    d3:98:d8:15:fd:88:07:9d:22:63:83:ca:8b:94:e4:
                    b3:fa:b8:12:5a:65:63:11:e7:26:35:12:c1:f2:72:
                    56:33:19:cd:64:12:20:1f:a7:21:32:6b:fb:86:1a:
                    e5:53:72:f7:ce:cb:fb:18:c3:4f:a3:cb:12:1a:a3:
                    a2:ec:56:f3:1d:77:78:ce:3a:94:6d:f0:c6:c0:96:
                    d1:02:89:99:db:54:3e:88:32:22:cf:57:19:a7:e0:
                    df:7b:9d:94:98:52:d1:6b:d8:33:7b:f3:ae:86:f0:
                    37:62:54:00:e4:d1:f4:da:7c:5c:ff:14:f7:e8:2c:
                    4d:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:66:F8:79:8E:73:9F:12:95:9D:28:67:A2:29:3B:CA:CC:41:4C:78
            X509v3 Authority Key Identifier:
                keyid:86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:1a:4d:09:52:66:81:82:e4:ef:6f:fd:91:e6:a4:4b:c0:3e:
         85:81:df:23:06:df:e6:bb:7e:c3:fc:bd:83:c7:0e:5a:d9:15:
         61:51:9d:d3:39:68:a0:b1:a9:30:a0:1e:b8:fd:94:e9:75:fd:
         95:76:89:8b:53:2f:57:9e:1f:6c:47:ee:cd:54:75:41:bb:b7:
         66:5a:1a:34:46:3a:37:64:b0:8c:fb:e9:69:8e:ba:04:01:00:
         1a:2f:33:c7:95:8b:dd:7a:7a:17:24:63:2e:d9:18:22:a3:24:
         3f:23:6e:5e:82:13:8d:54:04:41:79:5d:cc:ca:28:8c:d4:32:
         31:41:b6:1f:8f:7f:09:38:42:6a:ee:d1:5d:7a:30:cc:36:a5:
         c9:31:62:79:a5:8a:33:54:99:3f:09:62:48:b6:91:a0:ac:5e:
         64:81:99:7e:8c:52:eb:df:01:2e:db:eb:aa:8e:43:68:05:3c:
         ff:8d:ca:b8:d9:57:ea:1e:b9:a5:14:3b:ba:de:e4:2b:3c:d4:
         f9:a1:74:17:99:65:da:61:20:eb:dd:c4:a8:2f:0b:40:a2:27:
         97:1a:50:51:bb:e5:98:16:c6:96:39:60:e8:ab:ca:32:7b:fe:
         dc:b6:39:b6:93:e0:bf:27:c3:73:68:4e:7c:6d:16:61:aa:4c:
         17:28:bd:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNrIiFiwxJmhei3k+UhjD19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDlhYTRiMzI4NzM1NTM2ZDI3YzE2OGNkYmY0ZWExNzc3
MDFkY2UwHhcNMjQxMTI3MDEwMDE5WhcNMjQxMTI4MDEwMDE5WjAzMTEwLwYDVQQD
Eyg5YzY2Zjg3OThlNzM5ZjEyOTU5ZDI4NjdhMjI5M2JjYWNjNDE0Yzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRLdCVDs7orBJ3g8QkpegglqJEXL
MA5TeAktrdk7JhBhYAONx6eBDjPL4+r17E1GbWVo94CvekxATsvNz/ajGZ/kY1R+
rxkR/HxwdsMf9P0rKe897YbaTu0IPRb8Q0dH/alSAPAcWW71K43GhSeyLcimzE4I
LWLsOT1rlMnrhyS47GnWzm7TmNgV/YgHnSJjg8qLlOSz+rgSWmVjEecmNRLB8nJW
MxnNZBIgH6chMmv7hhrlU3L3zsv7GMNPo8sSGqOi7FbzHXd4zjqUbfDGwJbRAomZ
21Q+iDIiz1cZp+Dfe52UmFLRa9gze/OuhvA3YlQA5NH02nxc/xT36CxNJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxm+HmOc58SlZ0oZ6IpO8rMQUx4MB8GA1UdIwQY
MBaAFIZJqksyhzVTbSfBaM2/TqF3cB3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMt
MTlmMWRhYjJkMWI0LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMtMTlmMWRhYjJkMWI0
LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoBpNCVJm
gYLk72/9keakS8A+hYHfIwbf5rt+w/y9g8cOWtkVYVGd0zlooLGpMKAeuP2U6XX9
lXaJi1MvV54fbEfuzVR1Qbu3ZloaNEY6N2SwjPvpaY66BAEAGi8zx5WL3Xp6FyRj
LtkYIqMkPyNuXoITjVQEQXldzMoojNQyMUG2H49/CThCau7RXXowzDalyTFieaWK
M1SZPwliSLaRoKxeZIGZfoxS698BLtvrqo5DaAU8/43KuNlX6h65pRQ7ut7kKzzU
+aF0F5ll2mEg693EqC8LQKInlxpQUbvlmBbGljlg6KvKMnv+3LY5tpPgvyfDc2hO
fG0WYapMFyi9zg==
-----END CERTIFICATE-----