Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
File:                     HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json)
Hash identifier:          7E5MFFktQECzA69v9IHZ90ftUxq+K/2I73yjfHhrIx4=
Subject key identifier:   8B:F2:07:64:7C:5C:33:80:AC:B6:C0:36:24:25:D3:2B:F4:C5:32:8C
Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17
Certificate issuer:       /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
Certificate serial:       018F8824147C9CFF4CA95FEED10C03B90725
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
Manifest number:          01B8
Signing time:             Fri 17 May 2024 20:00:16 +0000
Manifest this update:     Fri 17 May 2024 20:00:16 +0000
Manifest next update:     Sat 18 May 2024 20:00:16 +0000
Files and hashes:         1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: jqRKI8ZWeMNdAsH201hYMf4PFLoVDqlvrJYpBER12HU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:24:14:7c:9c:ff:4c:a9:5f:ee:d1:0c:03:b9:07:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
        Validity
            Not Before: May 17 20:00:16 2024 GMT
            Not After : May 18 20:00:16 2024 GMT
        Subject: CN=8bf207647c5c3380acb6c0362425d32bf4c5328c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:55:30:f4:be:a2:6c:0b:b2:75:50:89:09:04:
                    9d:17:a0:58:43:17:ae:14:c1:11:e3:6c:c4:c3:34:
                    af:b8:6f:ac:19:2f:05:4c:43:91:b9:cf:9b:b7:59:
                    87:07:ef:ec:8f:38:5b:b9:82:e6:16:db:61:aa:d4:
                    dd:cc:ac:22:6b:30:6c:93:d2:74:74:23:59:13:cc:
                    59:a7:f4:12:a8:6c:47:ec:c9:77:1c:5f:e3:86:4d:
                    55:39:e6:45:09:8f:8b:40:1d:28:f2:e8:0d:51:f3:
                    f5:c4:7a:8c:79:1f:09:83:a9:b4:98:e6:cd:60:a9:
                    ae:59:97:1d:73:15:c4:a0:5b:4e:e9:c2:5b:d3:8d:
                    2b:38:51:b8:a8:6b:63:df:96:5a:f2:d5:16:69:b0:
                    5b:91:c1:6d:d3:b8:c8:27:e2:8f:4e:c4:fe:17:7d:
                    34:e3:cd:57:0a:2f:75:d8:6c:c9:53:c9:95:e1:4b:
                    5f:02:09:99:5a:90:2d:f2:ca:80:5e:dc:38:7b:9c:
                    1c:ed:63:01:5a:83:07:7f:be:69:d4:85:12:14:4d:
                    42:77:8e:7f:3b:7e:96:ad:38:36:71:d7:b0:8d:b5:
                    23:72:b4:dc:ad:96:3d:b3:b3:2b:c7:e1:7d:07:f4:
                    36:79:25:27:03:f7:7f:43:c5:31:82:77:3f:a0:ab:
                    2e:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:F2:07:64:7C:5C:33:80:AC:B6:C0:36:24:25:D3:2B:F4:C5:32:8C
            X509v3 Authority Key Identifier:
                keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:8e:dd:b0:d7:78:69:48:0a:4b:45:db:f0:d5:59:21:48:72:
         01:26:81:ab:68:15:87:89:b2:10:64:2a:cc:e5:fd:63:de:43:
         5c:74:cf:8c:a2:bf:29:1d:56:90:00:60:23:c8:2f:55:7c:02:
         c5:b5:fa:5a:d1:e5:da:de:dc:b3:99:d6:3a:0f:45:1f:ef:a9:
         25:c2:61:a4:06:29:05:24:13:f5:c0:31:23:3e:ac:12:d6:f7:
         8b:a1:c4:8d:57:57:71:b9:2f:0f:d8:28:b0:67:c9:cc:9b:bd:
         2c:91:43:ab:ae:fa:66:2c:00:14:08:f4:25:a6:5d:59:18:e0:
         f0:c5:58:4c:18:7f:74:84:d9:a7:32:e3:79:53:bd:1e:4c:91:
         26:fc:69:f4:c1:e3:00:25:2f:eb:b7:04:11:99:22:b7:a5:fa:
         3a:0b:02:37:71:b9:89:29:39:c6:ec:aa:49:a6:09:6d:44:4b:
         48:06:e8:38:4f:4f:b1:d1:d6:6a:1f:ee:3a:2e:98:ef:b8:83:
         98:e4:a6:08:7b:16:25:45:41:a1:32:87:e2:73:96:8e:7e:e7:
         2f:2a:11:64:52:01:58:2a:59:2d:83:57:32:6d:43:c2:31:88:
         06:35:f8:24:d3:e9:77:f1:8a:08:d6:9a:60:bb:5d:f8:c5:9d:
         64:3a:17:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IJBR8nP9MqV/u0QwDuQclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy
YzYzMTcwHhcNMjQwNTE3MjAwMDE2WhcNMjQwNTE4MjAwMDE2WjAzMTEwLwYDVQQD
Eyg4YmYyMDc2NDdjNWMzMzgwYWNiNmMwMzYyNDI1ZDMyYmY0YzUzMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1Uw9L6ibAuydVCJCQSdF6BYQxeu
FMER42zEwzSvuG+sGS8FTEORuc+bt1mHB+/sjzhbuYLmFtthqtTdzKwiazBsk9J0
dCNZE8xZp/QSqGxH7Ml3HF/jhk1VOeZFCY+LQB0o8ugNUfP1xHqMeR8Jg6m0mObN
YKmuWZcdcxXEoFtO6cJb040rOFG4qGtj35Za8tUWabBbkcFt07jIJ+KPTsT+F300
481XCi912GzJU8mV4UtfAgmZWpAt8sqAXtw4e5wc7WMBWoMHf75p1IUSFE1Cd45/
O36WrTg2cdewjbUjcrTcrZY9s7Mrx+F9B/Q2eSUnA/d/Q8Uxgnc/oKsuIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIvyB2R8XDOArLbANiQl0yv0xTKMMB8GA1UdIwQY
MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt
MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj
LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaI7dsNd4
aUgKS0Xb8NVZIUhyASaBq2gVh4myEGQqzOX9Y95DXHTPjKK/KR1WkABgI8gvVXwC
xbX6WtHl2t7cs5nWOg9FH++pJcJhpAYpBSQT9cAxIz6sEtb3i6HEjVdXcbkvD9go
sGfJzJu9LJFDq676ZiwAFAj0JaZdWRjg8MVYTBh/dITZpzLjeVO9HkyRJvxp9MHj
ACUv67cEEZkit6X6OgsCN3G5iSk5xuyqSaYJbURLSAboOE9PsdHWah/uOi6Y77iD
mOSmCHsWJUVBoTKH4nOWjn7nLyoRZFIBWCpZLYNXMm1DwjGIBjX4JNPpd/GKCNaa
YLtd+MWdZDoXEw==
-----END CERTIFICATE-----