Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
File:                     HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft (raw, json)
Hash identifier:          IKymVAarxbHKmlMc0zsETAC3yt3V/+o32tQdtBOScMM=
Subject key identifier:   0E:75:27:E9:77:7D:63:AF:7D:6A:7D:33:A3:96:0F:01:AF:1C:6D:A7
Authority key identifier: 1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50
Certificate issuer:       /CN=1c5353a86abd33b1a236e407ce469261d0636150
Certificate serial:       018F37092EE72A61732B3483DC1A1253CA37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
Manifest number:          03D3
Signing time:             Thu 02 May 2024 02:01:39 +0000
Manifest this update:     Thu 02 May 2024 02:01:39 +0000
Manifest next update:     Fri 03 May 2024 02:01:39 +0000
Files and hashes:         1: HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl (hash: ObF8zbDgdm4k3jq8Cm0Taz0599jUszQHnn6Dj6FF2CI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 02 May 2024 23:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:37:09:2e:e7:2a:61:73:2b:34:83:dc:1a:12:53:ca:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5353a86abd33b1a236e407ce469261d0636150
        Validity
            Not Before: May  2 02:01:39 2024 GMT
            Not After : May  3 02:01:39 2024 GMT
        Subject: CN=0e7527e9777d63af7d6a7d33a3960f01af1c6da7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:24:e3:45:17:47:b7:e9:18:22:30:bb:67:df:
                    d0:54:3a:9c:af:5f:76:9b:3e:f6:3a:11:56:5b:6a:
                    86:14:78:45:9b:5d:35:5f:85:b1:43:2b:63:12:73:
                    a0:ea:0d:ce:e0:87:56:04:c7:3b:22:3d:93:a7:96:
                    9d:4b:ea:94:81:21:8f:5f:07:70:7f:77:02:40:77:
                    be:19:57:e3:96:18:09:40:e1:03:0c:9c:ef:82:e9:
                    36:11:02:50:c2:a2:c3:77:55:71:6f:c8:08:88:8e:
                    49:db:80:3a:c5:7f:02:1c:bb:cf:cc:e6:2f:1c:7b:
                    0d:0c:6b:e7:38:32:30:1b:f9:06:e3:b3:8e:93:8a:
                    3c:b6:5f:34:05:ef:c0:72:b2:68:56:ac:d6:23:b7:
                    c8:7e:e5:a5:94:9e:bb:14:7b:d3:65:76:48:16:0c:
                    ed:7a:f4:98:cd:74:ab:26:82:07:b3:c2:65:4f:b6:
                    cc:0a:c5:7a:63:d5:af:92:4a:2c:4b:fa:81:40:47:
                    15:4b:85:d8:a9:5c:c4:8a:61:5d:b6:26:e3:5d:fc:
                    d3:8f:38:fc:09:4b:f8:c7:a3:e7:88:eb:d9:69:21:
                    23:b3:c5:0d:87:70:73:7c:d2:88:7a:0d:da:f3:88:
                    71:c9:a3:c2:69:06:75:fe:de:23:1c:d7:7f:9f:09:
                    9f:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:75:27:E9:77:7D:63:AF:7D:6A:7D:33:A3:96:0F:01:AF:1C:6D:A7
            X509v3 Authority Key Identifier:
                keyid:1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:46:b9:63:71:98:ce:a0:ed:29:36:9c:01:b9:dd:49:8b:2c:
         62:42:64:f4:e2:fa:8b:e5:34:88:3b:dc:07:ac:03:e6:1d:4f:
         70:71:e2:a2:67:d6:7a:34:33:fb:74:3d:98:3c:3c:fe:e0:5f:
         e3:f4:4f:fe:37:80:0a:fb:1c:f6:b1:65:b0:da:ed:32:60:3d:
         67:75:cb:1d:0c:53:07:a2:03:b2:0d:c6:92:29:a3:0c:16:df:
         2b:e5:cb:2d:c5:4f:7b:14:fa:e5:c0:c6:47:cb:72:49:8a:ce:
         f8:98:52:65:67:69:f0:ba:6c:77:7e:86:02:f2:75:ff:d2:4d:
         8c:9d:04:51:49:6e:08:d1:b9:c4:13:6a:e3:23:6f:5d:64:a8:
         c3:6e:3d:8f:e1:fa:70:00:84:70:bd:59:88:e3:6c:89:2c:60:
         0f:e5:20:41:57:31:2a:49:c9:70:13:20:69:dc:14:d9:87:4b:
         8a:cc:4a:bd:ce:0c:39:87:08:3c:7a:65:4c:27:3d:b8:37:a8:
         29:86:ed:3d:31:d1:09:68:21:dd:0c:d1:ea:6c:e5:12:b7:81:
         ae:65:65:e0:8e:fe:ad:01:09:7b:b3:f6:d1:76:1e:2f:ea:af:
         e1:1c:47:58:49:00:07:59:d0:4d:a6:63:0e:72:6a:3f:2f:6d:
         c9:41:21:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY83CS7nKmFzKzSD3BoSU8o3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTM1M2E4NmFiZDMzYjFhMjM2ZTQwN2NlNDY5MjYxZDA2
MzYxNTAwHhcNMjQwNTAyMDIwMTM5WhcNMjQwNTAzMDIwMTM5WjAzMTEwLwYDVQQD
EygwZTc1MjdlOTc3N2Q2M2FmN2Q2YTdkMzNhMzk2MGYwMWFmMWM2ZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyTjRRdHt+kYIjC7Z9/QVDqcr192
mz72OhFWW2qGFHhFm101X4WxQytjEnOg6g3O4IdWBMc7Ij2Tp5adS+qUgSGPXwdw
f3cCQHe+GVfjlhgJQOEDDJzvguk2EQJQwqLDd1Vxb8gIiI5J24A6xX8CHLvPzOYv
HHsNDGvnODIwG/kG47OOk4o8tl80Be/AcrJoVqzWI7fIfuWllJ67FHvTZXZIFgzt
evSYzXSrJoIHs8JlT7bMCsV6Y9WvkkosS/qBQEcVS4XYqVzEimFdtibjXfzTjzj8
CUv4x6PniOvZaSEjs8UNh3BzfNKIeg3a84hxyaPCaQZ1/t4jHNd/nwmfdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA51J+l3fWOvfWp9M6OWDwGvHG2nMB8GA1UdIwQY
MBaAFBxTU6hqvTOxojbkB85GkmHQY2FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMt
YzRlMThiOGJiMWNmLzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMtYzRlMThiOGJiMWNm
LzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM0a5Y3GY
zqDtKTacAbndSYssYkJk9OL6i+U0iDvcB6wD5h1PcHHiomfWejQz+3Q9mDw8/uBf
4/RP/jeACvsc9rFlsNrtMmA9Z3XLHQxTB6IDsg3GkimjDBbfK+XLLcVPexT65cDG
R8tySYrO+JhSZWdp8Lpsd36GAvJ1/9JNjJ0EUUluCNG5xBNq4yNvXWSow249j+H6
cACEcL1ZiONsiSxgD+UgQVcxKknJcBMgadwU2YdLisxKvc4MOYcIPHplTCc9uDeo
KYbtPTHRCWgh3QzR6mzlEreBrmVl4I7+rQEJe7P20XYeL+qv4RxHWEkAB1nQTaZj
DnJqPy9tyUEh6g==
-----END CERTIFICATE-----