Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c0383a-f271-4c1e-b5ca-decb22062c70/1/hGhM2vJd5AvvwejkIoWo1ew4kEc.mft
File:                     hGhM2vJd5AvvwejkIoWo1ew4kEc.mft (raw, json)
Hash identifier:          //iCByFzzzuMe3U3vkI/kqg/U9Nn3LeYQJ13ZuEXXJA=
Subject key identifier:   23:29:F1:B5:06:7C:85:1C:14:2C:AA:D8:04:EB:D3:CE:17:B4:F9:D9
Authority key identifier: 84:68:4C:DA:F2:5D:E4:0B:EF:C1:E8:E4:22:85:A8:D5:EC:38:90:47
Certificate issuer:       /CN=84684cdaf25de40befc1e8e42285a8d5ec389047
Certificate serial:       0192EF8982FA53203DBEFD7B27E993009F88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hGhM2vJd5AvvwejkIoWo1ew4kEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c0383a-f271-4c1e-b5ca-decb22062c70/1/hGhM2vJd5AvvwejkIoWo1ew4kEc.mft
Manifest number:          0158
Signing time:             Sun 03 Nov 2024 01:00:19 +0000
Manifest this update:     Sun 03 Nov 2024 01:00:19 +0000
Manifest next update:     Mon 04 Nov 2024 01:00:19 +0000
Files and hashes:         1: hGhM2vJd5AvvwejkIoWo1ew4kEc.crl (hash: 5R+B+59OJ3JMADpxonYlNv3JUbOe5AigKqz3sZeE+ao=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c0383a-f271-4c1e-b5ca-decb22062c70/1/hGhM2vJd5AvvwejkIoWo1ew4kEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c0383a-f271-4c1e-b5ca-decb22062c70/1/hGhM2vJd5AvvwejkIoWo1ew4kEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hGhM2vJd5AvvwejkIoWo1ew4kEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 04 Nov 2024 01:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:ef:89:82:fa:53:20:3d:be:fd:7b:27:e9:93:00:9f:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84684cdaf25de40befc1e8e42285a8d5ec389047
        Validity
            Not Before: Nov  3 01:00:19 2024 GMT
            Not After : Nov  4 01:00:19 2024 GMT
        Subject: CN=2329f1b5067c851c142caad804ebd3ce17b4f9d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:1b:34:e5:87:e7:28:27:0e:c1:81:41:cf:88:
                    8e:2b:b4:1d:1c:8f:c2:0c:1c:69:44:bb:2a:e7:b7:
                    c1:03:32:63:52:3c:2e:a2:c1:19:0c:b2:d5:2b:f2:
                    f0:77:f6:5c:90:70:7a:4c:26:05:e9:83:22:12:a2:
                    b6:e9:03:50:8b:3e:ce:81:1f:f5:ca:d4:a7:0d:51:
                    e7:a6:c4:6b:c2:94:5b:69:ea:13:be:d8:03:69:93:
                    8a:20:82:7b:8d:98:e7:bf:ca:fd:a8:ad:66:90:f6:
                    ca:65:94:59:ed:19:e4:cb:25:05:28:97:87:3b:8b:
                    36:5a:2b:72:04:7d:2d:a0:41:0b:9f:f2:29:e2:ce:
                    87:d7:4b:0a:62:f1:2b:92:a3:09:34:db:5b:33:1d:
                    18:c2:eb:f7:6c:d1:48:f0:62:0b:e5:bf:40:77:da:
                    42:9b:af:50:e2:35:a0:18:5b:31:01:37:43:e5:8d:
                    6d:bb:c8:a7:e3:fc:96:c0:ed:63:74:0a:2f:89:36:
                    43:9b:c1:1d:2c:53:28:24:d1:9b:bb:f7:27:81:5f:
                    44:37:74:dd:a8:35:5d:9e:f3:cf:3d:5f:23:1a:26:
                    34:3d:bf:5b:93:e1:2b:b1:04:fa:51:47:a4:01:3a:
                    54:55:ef:a9:c8:4f:98:78:df:84:98:89:59:fb:5a:
                    ac:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:29:F1:B5:06:7C:85:1C:14:2C:AA:D8:04:EB:D3:CE:17:B4:F9:D9
            X509v3 Authority Key Identifier:
                keyid:84:68:4C:DA:F2:5D:E4:0B:EF:C1:E8:E4:22:85:A8:D5:EC:38:90:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGhM2vJd5AvvwejkIoWo1ew4kEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c0383a-f271-4c1e-b5ca-decb22062c70/1/hGhM2vJd5AvvwejkIoWo1ew4kEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c0383a-f271-4c1e-b5ca-decb22062c70/1/hGhM2vJd5AvvwejkIoWo1ew4kEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:76:cf:a9:9f:b0:da:bc:96:96:e0:30:50:2a:30:8f:bb:ad:
         ee:81:b8:db:88:12:43:93:4c:5d:e4:0c:a6:ba:b2:d4:d5:a2:
         ac:72:20:f2:49:fe:68:e2:13:b3:c2:be:c8:45:33:ea:15:34:
         e6:b3:a1:6e:b7:2a:5c:c2:01:dc:ef:37:3c:fd:e1:22:8c:a7:
         8a:1c:2b:d2:c2:4c:ca:03:c1:7c:49:e8:26:e4:89:e9:c4:69:
         0b:67:c5:78:c7:38:fb:0d:75:64:e6:d6:6a:10:ab:e0:9e:06:
         72:2a:02:a5:a1:d1:41:67:e8:4e:cb:2b:d5:a0:5e:5e:24:1e:
         6b:5d:5f:e2:80:a3:86:99:51:43:eb:ce:0e:2f:08:00:bd:78:
         ec:ee:ac:08:7d:23:d9:c6:bc:77:cb:2b:37:7f:23:51:d7:92:
         48:84:f6:71:3a:56:8e:c7:e2:a0:ae:61:94:16:0d:a6:43:2c:
         95:b2:22:91:06:dc:3b:ed:23:43:44:18:9e:0a:c2:af:06:07:
         19:68:9c:34:35:49:6d:4e:93:20:66:cc:0f:3a:a9:ce:c1:d3:
         33:82:15:f0:5d:11:63:5a:c8:f0:9e:8c:70:fa:90:45:9d:c9:
         a0:31:3c:0a:97:7e:bc:75:c6:c0:a6:bc:c8:5c:4d:37:87:ae:
         a0:3d:d4:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZLviYL6UyA9vv17J+mTAJ+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0Njg0Y2RhZjI1ZGU0MGJlZmMxZThlNDIyODVhOGQ1ZWMz
ODkwNDcwHhcNMjQxMTAzMDEwMDE5WhcNMjQxMTA0MDEwMDE5WjAzMTEwLwYDVQQD
EygyMzI5ZjFiNTA2N2M4NTFjMTQyY2FhZDgwNGViZDNjZTE3YjRmOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xs05YfnKCcOwYFBz4iOK7QdHI/C
DBxpRLsq57fBAzJjUjwuosEZDLLVK/Lwd/ZckHB6TCYF6YMiEqK26QNQiz7OgR/1
ytSnDVHnpsRrwpRbaeoTvtgDaZOKIIJ7jZjnv8r9qK1mkPbKZZRZ7RnkyyUFKJeH
O4s2WityBH0toEELn/Ip4s6H10sKYvErkqMJNNtbMx0Ywuv3bNFI8GIL5b9Ad9pC
m69Q4jWgGFsxATdD5Y1tu8in4/yWwO1jdAoviTZDm8EdLFMoJNGbu/cngV9EN3Td
qDVdnvPPPV8jGiY0Pb9bk+ErsQT6UUekATpUVe+pyE+YeN+EmIlZ+1qsqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCMp8bUGfIUcFCyq2ATr084XtPnZMB8GA1UdIwQY
MBaAFIRoTNryXeQL78Ho5CKFqNXsOJBHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEdoTTJ2SmQ1QXZ2d2Vqa0lvV28xZXc0a0VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMDM4M2EtZjI3MS00YzFlLWI1Y2Et
ZGVjYjIyMDYyYzcwLzEvaEdoTTJ2SmQ1QXZ2d2Vqa0lvV28xZXc0a0VjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMDM4M2EtZjI3MS00YzFlLWI1Y2EtZGVjYjIyMDYyYzcw
LzEvaEdoTTJ2SmQ1QXZ2d2Vqa0lvV28xZXc0a0VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbHbPqZ+w
2ryWluAwUCowj7ut7oG424gSQ5NMXeQMprqy1NWirHIg8kn+aOITs8K+yEUz6hU0
5rOhbrcqXMIB3O83PP3hIoynihwr0sJMygPBfEnoJuSJ6cRpC2fFeMc4+w11ZObW
ahCr4J4GcioCpaHRQWfoTssr1aBeXiQea11f4oCjhplRQ+vODi8IAL147O6sCH0j
2ca8d8srN38jUdeSSIT2cTpWjsfioK5hlBYNpkMslbIikQbcO+0jQ0QYngrCrwYH
GWicNDVJbU6TIGbMDzqpzsHTM4IV8F0RY1rI8J6McPqQRZ3JoDE8Cpd+vHXGwKa8
yFxNN4euoD3UMA==
-----END CERTIFICATE-----