Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
File:                     h_S8G8xE8-kQBwQ1297UG25ILmg.mft (raw, json)
Hash identifier:          gIDV7aAGNY9VJE1hiP6onUpxsoYo/FUiYRj4gi3gb54=
Subject key identifier:   C7:9F:0A:BA:94:BD:30:B9:42:45:9C:3C:9F:2C:A9:71:C0:D4:BD:E5
Authority key identifier: 87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68
Certificate issuer:       /CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
Certificate serial:       0191FA7E0F995068DD7E22749639B08529CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
Manifest number:          F0
Signing time:             Mon 16 Sep 2024 11:00:50 +0000
Manifest this update:     Mon 16 Sep 2024 11:00:50 +0000
Manifest next update:     Tue 17 Sep 2024 11:00:50 +0000
Files and hashes:         1: h_S8G8xE8-kQBwQ1297UG25ILmg.crl (hash: zjj6kdEIPF8iyYwqlzi7MzxOuxmSu6g58+xUNe7bsz8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 11:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:7e:0f:99:50:68:dd:7e:22:74:96:39:b0:85:29:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
        Validity
            Not Before: Sep 16 11:00:50 2024 GMT
            Not After : Sep 17 11:00:50 2024 GMT
        Subject: CN=c79f0aba94bd30b942459c3c9f2ca971c0d4bde5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a2:ca:b4:b0:d0:69:d7:bc:ba:0f:43:d4:6c:
                    9c:4f:e3:f1:35:4a:1b:96:e8:fe:bd:aa:11:aa:4c:
                    2d:41:9a:35:5c:41:d7:14:0d:af:ef:e2:97:3d:55:
                    05:40:f8:8e:9f:61:a9:58:49:6e:73:4f:ec:b5:20:
                    5d:1f:30:a2:2a:0e:b4:10:84:cb:e4:dd:df:0a:da:
                    6c:2a:c5:c8:0e:6d:6a:1e:b4:ff:2d:e6:3d:82:3a:
                    89:b7:8f:8e:04:ca:60:3c:a1:ab:41:1c:56:79:36:
                    17:b5:61:ab:73:48:09:06:ef:9a:bf:d7:89:7a:f9:
                    4e:d8:97:a5:a7:1b:d2:f4:7c:9c:3a:b9:be:81:87:
                    a5:15:7b:e6:d4:14:33:e4:0a:27:5a:35:c7:53:0a:
                    ec:8e:ad:29:0c:28:c6:e2:96:ef:62:75:af:17:54:
                    c1:3b:a1:a5:f1:47:c7:3b:f2:bc:32:03:3d:f9:7a:
                    f8:3b:b1:94:52:e3:4b:60:93:4c:3a:b4:fc:46:ea:
                    f7:91:ca:59:d2:f3:80:12:8d:a5:a4:f5:71:81:0a:
                    50:f5:50:aa:11:c4:52:44:d6:77:5e:f1:af:62:06:
                    bd:ef:10:fd:a1:89:e4:66:e7:c9:e6:9a:80:7c:ee:
                    28:97:67:a3:ff:06:0c:ae:f3:7a:49:8c:e4:8e:cf:
                    e1:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:9F:0A:BA:94:BD:30:B9:42:45:9C:3C:9F:2C:A9:71:C0:D4:BD:E5
            X509v3 Authority Key Identifier:
                keyid:87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:b1:53:f5:96:ed:43:54:d3:43:fc:f7:b8:d5:2a:54:3c:c8:
         27:04:c2:1d:7a:5b:19:47:4f:41:9a:03:6a:5b:18:3c:47:54:
         3c:c3:ec:0c:52:1d:29:d3:b2:2b:60:52:d5:63:69:2c:56:f7:
         95:e0:b8:00:27:3c:1d:84:8c:7f:f7:12:74:38:60:5b:26:6b:
         78:85:8c:4a:4d:31:da:00:18:58:98:bf:6d:cd:d0:a1:6d:44:
         b6:70:7c:35:ab:7c:b3:c6:dd:d6:43:72:ed:b6:d6:2c:99:39:
         9b:12:ca:80:21:00:a9:5a:55:12:67:94:4e:18:89:05:7f:2c:
         c1:4a:62:11:f2:9f:f8:7f:ef:e1:8e:60:d6:20:a8:33:50:73:
         ad:9b:d1:3d:07:a0:d9:01:fc:da:e5:85:b0:0d:47:7c:fb:49:
         2e:3b:79:f4:50:29:20:58:65:bc:c1:7c:c6:29:03:be:d8:c6:
         92:fb:c9:97:58:3e:25:19:78:c0:1e:81:2a:61:c7:42:67:5f:
         61:66:51:f9:c4:76:20:08:3a:9b:b4:4f:eb:db:e0:40:75:ed:
         a3:0a:21:d6:b0:94:44:dc:97:ce:b7:b2:2e:80:a0:eb:47:44:
         0a:75:19:53:e5:dd:0b:ab:fc:a4:44:49:60:cd:f3:7f:d4:e0:
         57:26:60:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6fg+ZUGjdfiJ0ljmwhSnNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjRiYzFiY2M0NGYzZTkxMDA3MDQzNWRiZGVkNDFiNmU0
ODJlNjgwHhcNMjQwOTE2MTEwMDUwWhcNMjQwOTE3MTEwMDUwWjAzMTEwLwYDVQQD
EyhjNzlmMGFiYTk0YmQzMGI5NDI0NTljM2M5ZjJjYTk3MWMwZDRiZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqLKtLDQade8ug9D1GycT+PxNUob
luj+vaoRqkwtQZo1XEHXFA2v7+KXPVUFQPiOn2GpWEluc0/stSBdHzCiKg60EITL
5N3fCtpsKsXIDm1qHrT/LeY9gjqJt4+OBMpgPKGrQRxWeTYXtWGrc0gJBu+av9eJ
evlO2JelpxvS9HycOrm+gYelFXvm1BQz5AonWjXHUwrsjq0pDCjG4pbvYnWvF1TB
O6Gl8UfHO/K8MgM9+Xr4O7GUUuNLYJNMOrT8Rur3kcpZ0vOAEo2lpPVxgQpQ9VCq
EcRSRNZ3XvGvYga97xD9oYnkZufJ5pqAfO4ol2ej/wYMrvN6SYzkjs/hHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMefCrqUvTC5QkWcPJ8sqXHA1L3lMB8GA1UdIwQY
MBaAFIf0vBvMRPPpEAcENdve1BtuSC5oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYt
N2U3ODE2ODBkMWQyLzEvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYtN2U3ODE2ODBkMWQy
LzEvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWLFT9Zbt
Q1TTQ/z3uNUqVDzIJwTCHXpbGUdPQZoDalsYPEdUPMPsDFIdKdOyK2BS1WNpLFb3
leC4ACc8HYSMf/cSdDhgWyZreIWMSk0x2gAYWJi/bc3QoW1EtnB8Nat8s8bd1kNy
7bbWLJk5mxLKgCEAqVpVEmeUThiJBX8swUpiEfKf+H/v4Y5g1iCoM1BzrZvRPQeg
2QH82uWFsA1HfPtJLjt59FApIFhlvMF8xikDvtjGkvvJl1g+JRl4wB6BKmHHQmdf
YWZR+cR2IAg6m7RP69vgQHXtowoh1rCURNyXzreyLoCg60dECnUZU+XdC6v8pERJ
YM3zf9TgVyZgPw==
-----END CERTIFICATE-----