Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
File:                     HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft (raw, json)
Hash identifier:          BfQptUVn2HmzRt61FpzVW83rwAvsiM43xPVxSX4rt7Q=
Subject key identifier:   22:6D:49:39:AD:70:50:CA:50:82:28:50:55:F6:BA:27:3E:16:97:CF
Authority key identifier: 1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50
Certificate issuer:       /CN=1c5353a86abd33b1a236e407ce469261d0636150
Certificate serial:       019407218D0D8D373DCA33760021FDAFB5E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
Manifest number:          0651
Signing time:             Fri 27 Dec 2024 08:00:26 +0000
Manifest this update:     Fri 27 Dec 2024 08:00:26 +0000
Manifest next update:     Sat 28 Dec 2024 08:00:26 +0000
Files and hashes:         1: HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl (hash: AKEqjoxxjZSWGfha3PqI4nRK8bBshEgjBTA1Dti1ccI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:07:21:8d:0d:8d:37:3d:ca:33:76:00:21:fd:af:b5:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5353a86abd33b1a236e407ce469261d0636150
        Validity
            Not Before: Dec 27 08:00:26 2024 GMT
            Not After : Dec 28 08:00:26 2024 GMT
        Subject: CN=226d4939ad7050ca5082285055f6ba273e1697cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:75:bc:ed:16:36:fc:88:91:75:e0:f6:32:b0:
                    1b:60:7a:37:5d:37:d7:60:ea:f3:0e:34:7f:f8:49:
                    10:68:c0:4e:2e:43:c9:b4:37:ee:92:32:f6:8e:33:
                    5f:b7:d1:de:b4:02:3b:4e:0c:4f:dc:04:2b:7c:4d:
                    6f:2e:ec:03:5e:fb:2e:5e:c4:d3:1a:da:35:1c:61:
                    85:47:04:42:80:cd:25:77:e2:5c:12:de:93:f3:80:
                    64:0c:88:fc:89:4b:92:0c:3e:08:66:68:21:d1:33:
                    81:58:32:02:34:aa:bd:34:f2:25:4d:87:5c:97:a3:
                    89:18:c8:f2:4e:9c:2d:b2:ba:70:27:47:a9:8c:5b:
                    c3:50:96:70:bf:5e:b0:19:0c:7e:c5:60:78:fc:cb:
                    be:12:37:0f:be:ce:71:d8:37:61:e0:d0:e2:0a:95:
                    34:27:24:55:63:31:be:e8:66:3d:66:b2:5c:ba:84:
                    b2:4a:1a:c7:7c:b1:3a:16:2b:72:54:c1:1c:84:a9:
                    1a:b8:9e:46:f2:02:02:62:57:05:85:41:57:8b:22:
                    36:de:21:ba:70:f4:96:aa:53:1d:33:40:d9:a4:c9:
                    c5:ef:0c:eb:16:6c:08:02:af:c7:cb:38:86:69:f0:
                    8b:75:fc:fe:83:bb:e6:73:cd:31:81:e8:b9:89:46:
                    2d:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:6D:49:39:AD:70:50:CA:50:82:28:50:55:F6:BA:27:3E:16:97:CF
            X509v3 Authority Key Identifier:
                keyid:1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:a8:a6:ec:11:b1:3f:17:a6:05:5c:fe:25:0b:a1:18:40:c7:
         de:8f:ec:d8:14:60:8a:d2:57:0b:3b:c5:33:6a:f2:6b:1a:02:
         52:78:7f:a5:3e:2f:fd:6e:5c:68:7e:fb:26:1d:93:76:05:24:
         8a:c4:42:85:06:b2:58:b0:2f:e8:b8:c3:f6:c5:53:e9:40:64:
         d0:64:ab:05:23:61:fb:54:bc:6a:eb:c0:e5:17:5f:f8:c1:b7:
         e3:29:b5:dd:78:ca:0f:53:3c:4c:3a:f6:04:6d:f5:70:c6:04:
         22:ba:b5:bc:01:54:1b:40:fc:4d:0f:41:78:ff:f1:02:57:62:
         0c:53:7b:94:b4:53:ef:48:8a:f0:5f:a6:ff:00:7c:70:f9:25:
         ee:c9:16:6a:87:c0:ac:77:94:3e:2a:03:f6:41:40:ff:1c:ee:
         54:9c:5f:af:2a:e7:39:db:dd:a9:7d:4d:02:c5:90:d9:86:0e:
         67:c7:bb:a3:38:5d:36:9d:89:b9:4e:2a:86:1b:ae:96:63:d3:
         3e:8c:6e:60:6d:28:19:9a:73:f5:6c:e2:27:0f:aa:d2:82:56:
         80:c7:6e:81:c0:97:b6:b5:bf:26:d6:85:5f:5d:e9:bc:11:52:
         96:76:4d:37:35:ea:26:15:89:41:06:c9:72:51:1f:de:f5:aa:
         a2:a1:28:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQHIY0NjTc9yjN2ACH9r7XkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTM1M2E4NmFiZDMzYjFhMjM2ZTQwN2NlNDY5MjYxZDA2
MzYxNTAwHhcNMjQxMjI3MDgwMDI2WhcNMjQxMjI4MDgwMDI2WjAzMTEwLwYDVQQD
EygyMjZkNDkzOWFkNzA1MGNhNTA4MjI4NTA1NWY2YmEyNzNlMTY5N2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnW87RY2/IiRdeD2MrAbYHo3XTfX
YOrzDjR/+EkQaMBOLkPJtDfukjL2jjNft9HetAI7TgxP3AQrfE1vLuwDXvsuXsTT
Gto1HGGFRwRCgM0ld+JcEt6T84BkDIj8iUuSDD4IZmgh0TOBWDICNKq9NPIlTYdc
l6OJGMjyTpwtsrpwJ0epjFvDUJZwv16wGQx+xWB4/Mu+EjcPvs5x2Ddh4NDiCpU0
JyRVYzG+6GY9ZrJcuoSyShrHfLE6FityVMEchKkauJ5G8gICYlcFhUFXiyI23iG6
cPSWqlMdM0DZpMnF7wzrFmwIAq/HyziGafCLdfz+g7vmc80xgei5iUYtQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJtSTmtcFDKUIIoUFX2uic+FpfPMB8GA1UdIwQY
MBaAFBxTU6hqvTOxojbkB85GkmHQY2FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMt
YzRlMThiOGJiMWNmLzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMtYzRlMThiOGJiMWNm
LzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANqim7BGx
PxemBVz+JQuhGEDH3o/s2BRgitJXCzvFM2ryaxoCUnh/pT4v/W5caH77Jh2TdgUk
isRChQayWLAv6LjD9sVT6UBk0GSrBSNh+1S8auvA5Rdf+MG34ym13XjKD1M8TDr2
BG31cMYEIrq1vAFUG0D8TQ9BeP/xAldiDFN7lLRT70iK8F+m/wB8cPkl7skWaofA
rHeUPioD9kFA/xzuVJxfryrnOdvdqX1NAsWQ2YYOZ8e7ozhdNp2JuU4qhhuulmPT
PoxuYG0oGZpz9WziJw+q0oJWgMdugcCXtrW/JtaFX13pvBFSlnZNNzXqJhWJQQbJ
clEf3vWqoqEoYQ==
-----END CERTIFICATE-----