Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c0383a-f271-4c1e-b5ca-decb22062c70/1/hGhM2vJd5AvvwejkIoWo1ew4kEc.mft
File:                     hGhM2vJd5AvvwejkIoWo1ew4kEc.mft (raw, json)
Hash identifier:          UsV+EJPT4MxG8BgWP2rklzXTz9G4nKIVku6+tGI1IwU=
Subject key identifier:   77:42:B2:9B:A7:44:86:F6:74:3E:24:91:AB:D4:A9:3E:2B:E9:41:0C
Authority key identifier: 84:68:4C:DA:F2:5D:E4:0B:EF:C1:E8:E4:22:85:A8:D5:EC:38:90:47
Certificate issuer:       /CN=84684cdaf25de40befc1e8e42285a8d5ec389047
Certificate serial:       019357D28FC0063DE5AD1999CED7AE1B6534
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hGhM2vJd5AvvwejkIoWo1ew4kEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c0383a-f271-4c1e-b5ca-decb22062c70/1/hGhM2vJd5AvvwejkIoWo1ew4kEc.mft
Manifest number:          018E
Signing time:             Sat 23 Nov 2024 07:00:36 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:36 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:36 +0000
Files and hashes:         1: hGhM2vJd5AvvwejkIoWo1ew4kEc.crl (hash: rto/y7WSPcnjkM1Dq1DaWC1n/10jYNzihEvAPM7mREM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c0383a-f271-4c1e-b5ca-decb22062c70/1/hGhM2vJd5AvvwejkIoWo1ew4kEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c0383a-f271-4c1e-b5ca-decb22062c70/1/hGhM2vJd5AvvwejkIoWo1ew4kEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hGhM2vJd5AvvwejkIoWo1ew4kEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:8f:c0:06:3d:e5:ad:19:99:ce:d7:ae:1b:65:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84684cdaf25de40befc1e8e42285a8d5ec389047
        Validity
            Not Before: Nov 23 07:00:36 2024 GMT
            Not After : Nov 24 07:00:36 2024 GMT
        Subject: CN=7742b29ba74486f6743e2491abd4a93e2be9410c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:10:7b:50:62:92:a4:73:09:b3:5a:c8:9f:a8:
                    a8:cf:f9:0a:7a:00:f7:37:97:3c:7c:74:e6:81:37:
                    9c:9e:11:0b:37:34:45:b6:1d:34:77:da:ab:06:c6:
                    b4:be:7a:5a:64:5f:fb:f8:2b:79:68:0b:28:ad:4e:
                    15:23:40:f0:e3:6d:79:8d:8d:46:ac:4f:55:09:25:
                    61:0c:a2:d2:da:46:32:5b:c0:80:5f:bb:4a:cb:4a:
                    a3:9f:98:ee:13:48:f7:86:d9:91:2f:78:9c:fd:e8:
                    dc:e3:c9:a0:40:f5:66:4d:ac:e3:c1:35:43:0f:e8:
                    5b:23:b7:a1:cd:f5:86:fc:4e:d0:c8:90:ff:53:01:
                    de:61:68:f8:3e:c0:f4:43:25:7a:f6:ef:f5:b8:3a:
                    62:66:3b:1b:92:53:03:cc:db:50:04:03:5e:3f:9b:
                    41:21:ff:79:58:a9:54:6c:83:f4:b9:10:1a:c5:7b:
                    23:f9:42:57:1e:0a:dd:97:d9:20:ee:43:64:79:c9:
                    91:7a:87:a9:37:8a:55:45:6c:1e:c9:1a:9b:5e:fb:
                    3b:6b:5c:27:20:6f:85:4c:46:d4:75:7d:f1:66:da:
                    0e:5f:15:89:cd:3e:35:73:92:8d:b8:13:f0:74:d2:
                    73:e5:1a:6c:5f:65:e0:8f:d7:7d:86:84:70:66:4d:
                    49:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:42:B2:9B:A7:44:86:F6:74:3E:24:91:AB:D4:A9:3E:2B:E9:41:0C
            X509v3 Authority Key Identifier:
                keyid:84:68:4C:DA:F2:5D:E4:0B:EF:C1:E8:E4:22:85:A8:D5:EC:38:90:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGhM2vJd5AvvwejkIoWo1ew4kEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c0383a-f271-4c1e-b5ca-decb22062c70/1/hGhM2vJd5AvvwejkIoWo1ew4kEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c0383a-f271-4c1e-b5ca-decb22062c70/1/hGhM2vJd5AvvwejkIoWo1ew4kEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:55:59:32:24:7e:c5:4c:98:f4:f6:2e:ad:7c:09:76:90:9b:
         7a:38:9c:bf:09:a6:b5:c1:fc:79:13:df:ac:6b:5d:dd:bf:58:
         3e:a9:f6:75:02:ff:6a:04:83:8e:db:41:62:87:71:be:34:e5:
         ee:1c:86:14:f5:c8:c2:f7:2b:d4:77:03:d2:4a:97:46:28:7a:
         73:49:5d:08:f6:83:da:b6:a9:2e:9c:a2:c4:ed:bf:fa:29:02:
         4e:c7:36:50:6e:67:b1:3b:f7:c5:e8:14:ac:07:f5:12:10:d1:
         c3:5b:ce:1c:07:80:8d:af:d8:ef:f2:1d:10:1c:55:50:19:7b:
         96:ed:87:e8:35:44:b3:ef:72:94:52:c2:37:8c:e1:48:98:b3:
         c8:0b:30:23:c5:20:3c:ab:49:0f:00:d0:4c:ec:da:9d:f8:4c:
         06:ab:29:fa:01:cb:3a:2c:35:a1:d4:3a:84:7c:a3:63:7c:ef:
         80:bb:2d:0b:6f:cc:2d:6d:ee:8c:4f:ef:66:9d:62:e1:f1:96:
         f7:70:5c:fd:77:bd:37:e1:4e:de:c0:89:84:03:11:f8:62:59:
         8a:bb:19:ae:3d:84:d2:df:10:54:0c:7e:dc:b8:27:a0:8b:93:
         87:06:73:bc:0d:d9:8d:26:95:f3:05:50:68:79:a1:10:9b:60:
         85:55:6a:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0o/ABj3lrRmZzteuG2U0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0Njg0Y2RhZjI1ZGU0MGJlZmMxZThlNDIyODVhOGQ1ZWMz
ODkwNDcwHhcNMjQxMTIzMDcwMDM2WhcNMjQxMTI0MDcwMDM2WjAzMTEwLwYDVQQD
Eyg3NzQyYjI5YmE3NDQ4NmY2NzQzZTI0OTFhYmQ0YTkzZTJiZTk0MTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRB7UGKSpHMJs1rIn6ioz/kKegD3
N5c8fHTmgTecnhELNzRFth00d9qrBsa0vnpaZF/7+Ct5aAsorU4VI0Dw4215jY1G
rE9VCSVhDKLS2kYyW8CAX7tKy0qjn5juE0j3htmRL3ic/ejc48mgQPVmTazjwTVD
D+hbI7ehzfWG/E7QyJD/UwHeYWj4PsD0QyV69u/1uDpiZjsbklMDzNtQBANeP5tB
If95WKlUbIP0uRAaxXsj+UJXHgrdl9kg7kNkecmReoepN4pVRWweyRqbXvs7a1wn
IG+FTEbUdX3xZtoOXxWJzT41c5KNuBPwdNJz5RpsX2Xgj9d9hoRwZk1JRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHdCspunRIb2dD4kkavUqT4r6UEMMB8GA1UdIwQY
MBaAFIRoTNryXeQL78Ho5CKFqNXsOJBHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEdoTTJ2SmQ1QXZ2d2Vqa0lvV28xZXc0a0VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMDM4M2EtZjI3MS00YzFlLWI1Y2Et
ZGVjYjIyMDYyYzcwLzEvaEdoTTJ2SmQ1QXZ2d2Vqa0lvV28xZXc0a0VjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMDM4M2EtZjI3MS00YzFlLWI1Y2EtZGVjYjIyMDYyYzcw
LzEvaEdoTTJ2SmQ1QXZ2d2Vqa0lvV28xZXc0a0VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGlVZMiR+
xUyY9PYurXwJdpCbejicvwmmtcH8eRPfrGtd3b9YPqn2dQL/agSDjttBYodxvjTl
7hyGFPXIwvcr1HcD0kqXRih6c0ldCPaD2rapLpyixO2/+ikCTsc2UG5nsTv3xegU
rAf1EhDRw1vOHAeAja/Y7/IdEBxVUBl7lu2H6DVEs+9ylFLCN4zhSJizyAswI8Ug
PKtJDwDQTOzanfhMBqsp+gHLOiw1odQ6hHyjY3zvgLstC2/MLW3ujE/vZp1i4fGW
93Bc/Xe9N+FO3sCJhAMR+GJZirsZrj2E0t8QVAx+3LgnoIuThwZzvA3ZjSaV8wVQ
aHmhEJtghVVqLA==
-----END CERTIFICATE-----