Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
File:                     HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json)
Hash identifier:          kW9JtyFTINtJT+sizGSSOmrigBm0+qNfNviFBIvlzsc=
Subject key identifier:   D2:62:AD:B2:5F:8B:32:5D:1F:A1:60:01:33:9A:AA:9A:3A:C4:D1:94
Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B
Certificate issuer:       /CN=1d102aca6cf13511385294e77dbe273768c0a04b
Certificate serial:       018F41C3A06AE2476177008FF9E77E9AA893
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
Manifest number:          0631
Signing time:             Sat 04 May 2024 04:01:30 +0000
Manifest this update:     Sat 04 May 2024 04:01:30 +0000
Manifest next update:     Sun 05 May 2024 04:01:30 +0000
Files and hashes:         1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: b0h0WOpll6ySkVQpvHk/MdNv5Emekk6YrXf0rQmxd9A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 04:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:41:c3:a0:6a:e2:47:61:77:00:8f:f9:e7:7e:9a:a8:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b
        Validity
            Not Before: May  4 04:01:30 2024 GMT
            Not After : May  5 04:01:30 2024 GMT
        Subject: CN=d262adb25f8b325d1fa16001339aaa9a3ac4d194
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:fd:d2:2d:85:f2:86:d1:1e:6d:47:93:09:70:
                    4d:33:68:c0:ee:ea:a9:29:e7:73:5f:e7:36:bd:90:
                    ae:cc:c0:9a:92:90:6d:84:cc:aa:ed:7a:93:d0:84:
                    13:08:55:28:e4:1a:b6:89:8b:85:7e:c1:70:ca:47:
                    20:e6:99:fa:95:f6:f0:02:20:5b:70:2f:f8:d4:7e:
                    0a:81:f4:a9:78:02:88:1c:04:b1:c5:60:93:83:29:
                    e0:85:0c:b1:0b:4a:02:2b:91:e4:dd:16:1c:35:0c:
                    f6:55:88:de:46:63:66:72:51:fc:cc:a8:1b:10:5b:
                    b1:cf:2a:bd:eb:c5:3f:37:5a:f2:99:85:c1:91:3d:
                    f9:23:a5:79:37:df:3c:7f:31:b0:61:22:03:aa:f6:
                    82:e0:ba:89:a0:db:94:a2:69:e7:ce:cd:3e:91:df:
                    a5:79:25:27:e3:b3:2b:01:67:0f:6f:20:cc:88:a3:
                    04:4c:60:49:42:d5:f0:9b:ae:20:f4:61:a6:2b:05:
                    94:1c:1d:60:75:95:43:8f:ef:43:ec:9e:69:a2:8a:
                    b6:c4:88:55:1c:1d:d9:12:a7:88:07:ec:9d:f7:0c:
                    53:3c:33:b7:6e:17:4e:06:21:80:3c:1d:7b:78:17:
                    34:23:12:eb:d3:0e:93:dd:ff:fd:43:ac:35:25:da:
                    a1:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:62:AD:B2:5F:8B:32:5D:1F:A1:60:01:33:9A:AA:9A:3A:C4:D1:94
            X509v3 Authority Key Identifier:
                keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:f4:15:74:38:78:fd:37:55:5e:23:26:c2:4a:36:41:3c:35:
         50:dc:62:4a:95:e0:e3:79:25:c4:dd:80:de:1d:35:d1:c5:64:
         b9:4d:67:c9:b2:fa:14:93:d3:14:31:e9:39:81:30:f4:55:ca:
         2d:29:fe:d0:2f:62:d8:a7:d6:33:cd:16:08:f5:17:b0:06:63:
         c7:cb:c9:83:fe:25:c6:f4:67:6f:72:38:9a:f1:71:0a:f3:a4:
         84:c5:0e:bd:9e:37:7f:9c:11:c2:55:a6:e6:e6:d6:f8:f7:f3:
         4f:98:1d:9b:cc:10:16:36:14:93:c8:5a:37:86:ec:47:16:dd:
         92:5f:19:86:5b:bf:e2:a3:04:84:6c:21:39:ba:64:83:df:e8:
         e4:b4:ca:1b:d6:9f:54:6e:69:9a:12:09:e0:90:cf:76:cc:d8:
         8c:21:d2:d0:9c:2e:9b:ea:6d:81:d5:c5:f4:bf:f1:c5:25:52:
         67:43:8d:1d:c8:77:be:12:e0:12:7a:a5:fd:eb:a0:d8:7d:fb:
         38:a7:3b:f0:2b:38:da:b0:f2:ee:34:f9:16:97:a9:2c:1d:f7:
         72:ef:7f:d7:93:f0:bd:22:eb:14:a7:f3:46:cd:06:51:a2:35:
         a0:87:28:6a:2c:cf:89:04:23:64:74:87:88:14:c6:58:1d:c6:
         8d:7d:5a:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9Bw6Bq4kdhdwCP+ed+mqiTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj
MGEwNGIwHhcNMjQwNTA0MDQwMTMwWhcNMjQwNTA1MDQwMTMwWjAzMTEwLwYDVQQD
EyhkMjYyYWRiMjVmOGIzMjVkMWZhMTYwMDEzMzlhYWE5YTNhYzRkMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv3SLYXyhtEebUeTCXBNM2jA7uqp
KedzX+c2vZCuzMCakpBthMyq7XqT0IQTCFUo5Bq2iYuFfsFwykcg5pn6lfbwAiBb
cC/41H4KgfSpeAKIHASxxWCTgynghQyxC0oCK5Hk3RYcNQz2VYjeRmNmclH8zKgb
EFuxzyq968U/N1rymYXBkT35I6V5N988fzGwYSIDqvaC4LqJoNuUomnnzs0+kd+l
eSUn47MrAWcPbyDMiKMETGBJQtXwm64g9GGmKwWUHB1gdZVDj+9D7J5pooq2xIhV
HB3ZEqeIB+yd9wxTPDO3bhdOBiGAPB17eBc0IxLr0w6T3f/9Q6w1Jdqh6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNJirbJfizJdH6FgATOaqpo6xNGUMB8GA1UdIwQY
MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt
ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4
LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ/QVdDh4
/TdVXiMmwko2QTw1UNxiSpXg43klxN2A3h010cVkuU1nybL6FJPTFDHpOYEw9FXK
LSn+0C9i2KfWM80WCPUXsAZjx8vJg/4lxvRnb3I4mvFxCvOkhMUOvZ43f5wRwlWm
5ubW+PfzT5gdm8wQFjYUk8haN4bsRxbdkl8Zhlu/4qMEhGwhObpkg9/o5LTKG9af
VG5pmhIJ4JDPdszYjCHS0Jwum+ptgdXF9L/xxSVSZ0ONHch3vhLgEnql/eug2H37
OKc78Cs42rDy7jT5FpepLB33cu9/15PwvSLrFKfzRs0GUaI1oIcoaizPiQQjZHSH
iBTGWB3GjX1anQ==
-----END CERTIFICATE-----