Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
File:                     hesz_RfSMvvmsq22bLCv4N7pA7A.mft (raw, json)
Hash identifier:          u6yMxrAw1kgwV7gO3p8dLPJwZqaC+r+taYx9UeQDRGM=
Subject key identifier:   DF:E5:5F:89:28:92:4A:3F:B4:96:27:CE:1C:5C:DE:23:16:9A:59:27
Authority key identifier: 85:EB:33:FD:17:D2:32:FB:E6:B2:AD:B6:6C:B0:AF:E0:DE:E9:03:B0
Certificate issuer:       /CN=85eb33fd17d232fbe6b2adb66cb0afe0dee903b0
Certificate serial:       01936A7DC5BEC6EE19E0379998432C30B93F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
Manifest number:          0208
Signing time:             Tue 26 Nov 2024 22:00:47 +0000
Manifest this update:     Tue 26 Nov 2024 22:00:47 +0000
Manifest next update:     Wed 27 Nov 2024 22:00:47 +0000
Files and hashes:         1: hesz_RfSMvvmsq22bLCv4N7pA7A.crl (hash: 4bmN6/vWyQiyNDpFar+lYeqpxPrntkTRU3XjqSE3gk0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:7d:c5:be:c6:ee:19:e0:37:99:98:43:2c:30:b9:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85eb33fd17d232fbe6b2adb66cb0afe0dee903b0
        Validity
            Not Before: Nov 26 22:00:47 2024 GMT
            Not After : Nov 27 22:00:47 2024 GMT
        Subject: CN=dfe55f8928924a3fb49627ce1c5cde23169a5927
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:dc:c7:f8:8d:6c:8e:09:e7:9e:2e:bb:da:62:
                    56:e8:47:8e:92:52:17:3e:86:26:ae:3b:fb:3e:e4:
                    c2:ee:c2:1f:f3:c1:1b:0a:bf:82:3b:e7:aa:fc:61:
                    35:88:3a:49:a6:09:0f:c5:a8:e2:70:68:d3:ad:91:
                    6a:98:e0:66:bc:11:0a:61:40:33:6f:9d:23:1e:32:
                    a8:ef:a7:78:29:8c:ea:74:6a:a2:05:47:de:b2:a5:
                    a0:f7:10:42:53:cf:54:c7:27:de:8d:8c:1a:05:c5:
                    07:36:ed:98:b6:79:d4:0e:d8:cb:9b:3d:fb:b3:61:
                    9c:0a:10:9c:05:68:bc:18:38:64:bd:85:36:40:db:
                    01:ee:4e:66:cf:71:8d:d5:6e:ae:45:76:cd:d5:7e:
                    23:c7:cc:b2:d5:02:19:08:24:f6:12:0b:00:63:b8:
                    85:47:60:93:30:2d:11:80:c7:e3:77:7c:18:c1:1b:
                    da:4c:33:da:a9:85:fa:89:5e:00:b5:59:9a:29:a5:
                    95:74:23:92:07:8c:af:b2:dc:cc:ae:10:41:d5:84:
                    e5:b6:e0:b7:fa:49:91:c1:82:78:e0:06:06:34:0e:
                    aa:3d:f6:2e:6f:da:d4:cc:ce:68:d7:93:6f:b5:e6:
                    0b:2f:2b:2b:a1:67:45:a8:56:ad:86:02:d3:88:8a:
                    6c:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:E5:5F:89:28:92:4A:3F:B4:96:27:CE:1C:5C:DE:23:16:9A:59:27
            X509v3 Authority Key Identifier:
                keyid:85:EB:33:FD:17:D2:32:FB:E6:B2:AD:B6:6C:B0:AF:E0:DE:E9:03:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:81:d9:b5:57:8c:4e:85:24:b1:c8:42:f8:48:e3:6f:54:06:
         7e:b1:44:f2:87:f5:1d:95:fa:f1:e6:6f:92:f9:ed:ef:f5:c2:
         f7:aa:46:7e:ec:9b:53:81:0f:24:a7:76:02:7a:25:83:f4:19:
         f1:4f:93:da:4e:1d:0e:de:93:14:9d:8d:67:4b:c6:fe:92:48:
         fd:9c:78:2f:14:d0:13:aa:00:50:f5:cb:0e:5e:46:f2:83:31:
         77:ba:8e:b0:e0:f7:02:8f:a1:40:cb:87:4d:f6:9b:5d:4c:cd:
         35:9a:61:c3:d3:54:bc:f1:46:6c:39:91:a3:1d:98:9a:3f:b3:
         60:a8:8c:4a:7c:75:4b:93:dd:a1:75:ea:75:bc:1d:9d:83:c0:
         25:c1:71:f1:49:47:5e:7e:92:41:f0:d3:d7:b7:e6:da:ea:42:
         31:48:e2:58:b6:16:ae:54:f4:7d:89:07:82:63:37:dc:9d:78:
         cc:8b:8e:b6:bd:69:48:44:46:2d:6e:55:db:76:9f:95:a4:ff:
         2d:f6:cf:7d:5c:f5:f8:12:35:1d:e3:fc:9d:f8:7a:5c:eb:9f:
         e4:08:2a:de:db:92:46:1b:39:06:e6:24:be:24:67:c1:c0:cd:
         bd:29:d8:b4:78:ae:53:a4:23:f3:16:7a:da:09:41:db:55:a0:
         b7:71:30:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqfcW+xu4Z4DeZmEMsMLk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZWIzM2ZkMTdkMjMyZmJlNmIyYWRiNjZjYjBhZmUwZGVl
OTAzYjAwHhcNMjQxMTI2MjIwMDQ3WhcNMjQxMTI3MjIwMDQ3WjAzMTEwLwYDVQQD
EyhkZmU1NWY4OTI4OTI0YTNmYjQ5NjI3Y2UxYzVjZGUyMzE2OWE1OTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotzH+I1sjgnnni672mJW6EeOklIX
PoYmrjv7PuTC7sIf88EbCr+CO+eq/GE1iDpJpgkPxajicGjTrZFqmOBmvBEKYUAz
b50jHjKo76d4KYzqdGqiBUfesqWg9xBCU89UxyfejYwaBcUHNu2YtnnUDtjLmz37
s2GcChCcBWi8GDhkvYU2QNsB7k5mz3GN1W6uRXbN1X4jx8yy1QIZCCT2EgsAY7iF
R2CTMC0RgMfjd3wYwRvaTDPaqYX6iV4AtVmaKaWVdCOSB4yvstzMrhBB1YTltuC3
+kmRwYJ44AYGNA6qPfYub9rUzM5o15NvteYLLysroWdFqFathgLTiIps/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/lX4kokko/tJYnzhxc3iMWmlknMB8GA1UdIwQY
MBaAFIXrM/0X0jL75rKttmywr+De6QOwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jZTgyNGYtNzNjOS00ODVlLThlZGMt
OGEzOGVhMmIxZjU0LzEvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9jZTgyNGYtNzNjOS00ODVlLThlZGMtOGEzOGVhMmIxZjU0
LzEvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABYHZtVeM
ToUkschC+Ejjb1QGfrFE8of1HZX68eZvkvnt7/XC96pGfuybU4EPJKd2Anolg/QZ
8U+T2k4dDt6TFJ2NZ0vG/pJI/Zx4LxTQE6oAUPXLDl5G8oMxd7qOsOD3Ao+hQMuH
TfabXUzNNZphw9NUvPFGbDmRox2Ymj+zYKiMSnx1S5PdoXXqdbwdnYPAJcFx8UlH
Xn6SQfDT17fm2upCMUjiWLYWrlT0fYkHgmM33J14zIuOtr1pSERGLW5V23aflaT/
LfbPfVz1+BI1HeP8nfh6XOuf5Agq3tuSRhs5BuYkviRnwcDNvSnYtHiuU6Qj8xZ6
2glB21Wgt3EwJQ==
-----END CERTIFICATE-----