Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft
File:                     SFF8v1-HKM7CSvPC6G7PuANT5g0.mft (raw, json)
Hash identifier:          9eIqsCQ9sZowNDTEOozjSs+gJecrsPZu09CgomfRMKE=
Subject key identifier:   A8:B0:A8:0A:4E:FE:4F:C8:A3:8D:6D:11:E2:31:46:5D:71:D5:67:38
Authority key identifier: 48:51:7C:BF:5F:87:28:CE:C2:4A:F3:C2:E8:6E:CF:B8:03:53:E6:0D
Certificate issuer:       /CN=48517cbf5f8728cec24af3c2e86ecfb80353e60d
Certificate serial:       018F87B668AED8FEE1D7E43EAB1FC2A19AF4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SFF8v1-HKM7CSvPC6G7PuANT5g0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft
Manifest number:          0858
Signing time:             Fri 17 May 2024 18:00:29 +0000
Manifest this update:     Fri 17 May 2024 18:00:29 +0000
Manifest next update:     Sat 18 May 2024 18:00:29 +0000
Files and hashes:         1: SFF8v1-HKM7CSvPC6G7PuANT5g0.crl (hash: fZYbcfR/vmx+rCpobl3Yl4M7MZVUdkvdfF/U5rreA1o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SFF8v1-HKM7CSvPC6G7PuANT5g0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:68:ae:d8:fe:e1:d7:e4:3e:ab:1f:c2:a1:9a:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48517cbf5f8728cec24af3c2e86ecfb80353e60d
        Validity
            Not Before: May 17 18:00:29 2024 GMT
            Not After : May 18 18:00:29 2024 GMT
        Subject: CN=a8b0a80a4efe4fc8a38d6d11e231465d71d56738
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:83:0f:e0:fb:e7:1f:4f:f8:da:6e:83:95:b9:
                    79:9f:98:3a:ee:58:16:e6:fc:3d:2c:39:81:84:b4:
                    a0:37:b5:60:0a:41:7a:ed:3d:66:e5:7e:fe:b5:0a:
                    c7:01:e4:c8:d3:05:30:08:5e:79:15:18:72:a0:97:
                    2b:50:78:67:98:9e:2f:b7:cf:df:8b:0e:84:96:2e:
                    ba:41:25:f2:09:a3:0c:31:44:dd:99:bc:71:f4:be:
                    fb:8f:db:43:4c:73:08:1a:28:63:66:c1:8e:e8:09:
                    1a:87:b8:df:93:57:76:95:23:b7:4b:ce:f2:5f:c3:
                    3d:05:6e:09:ec:6f:4f:f9:d2:18:7c:5c:a3:1e:7f:
                    26:11:1d:fa:aa:dd:1b:f0:75:b5:12:0b:84:3c:b5:
                    cf:15:3b:70:7d:e2:c8:9f:11:f8:8b:c5:1e:bd:63:
                    13:3c:65:47:36:9a:3a:f3:90:ce:5c:00:cc:4d:cb:
                    e5:1f:e3:24:f1:5b:79:e1:38:1e:64:d6:29:7d:86:
                    16:52:0c:c9:16:e5:1c:4b:8d:98:2a:79:cf:5c:e5:
                    a2:17:a0:d0:0c:4d:52:b4:8a:3d:cb:f3:77:41:42:
                    6d:55:52:b9:39:34:f6:dd:11:7d:62:e3:3b:02:5d:
                    08:5c:c0:e0:ce:74:90:39:6e:ff:af:76:23:87:fc:
                    47:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:B0:A8:0A:4E:FE:4F:C8:A3:8D:6D:11:E2:31:46:5D:71:D5:67:38
            X509v3 Authority Key Identifier:
                keyid:48:51:7C:BF:5F:87:28:CE:C2:4A:F3:C2:E8:6E:CF:B8:03:53:E6:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SFF8v1-HKM7CSvPC6G7PuANT5g0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:18:e0:f3:02:14:5e:b7:24:c6:7c:28:65:f2:06:98:07:5d:
         08:2d:af:51:6a:70:7a:b5:bc:16:c7:89:e3:29:7a:87:00:27:
         d2:02:16:f5:cb:39:47:d8:b3:95:51:f2:b7:a2:5a:49:de:21:
         12:cf:c3:2b:59:15:a2:14:c1:ce:88:3a:77:b7:ab:57:14:77:
         bd:a4:c0:81:04:86:80:e6:fb:bb:03:32:87:b7:28:b3:60:be:
         25:7c:8d:96:e6:a4:99:21:c5:bb:e4:ec:b5:70:72:7a:fb:85:
         0a:c0:d2:c9:7f:b5:a8:7d:85:6c:a7:a5:8e:96:c9:f6:4c:6b:
         71:c3:39:08:00:f3:24:20:7a:14:6c:11:4c:72:27:55:80:32:
         a5:ff:38:30:0e:27:1c:33:5b:0b:9b:9f:ff:1b:05:92:38:bf:
         49:72:89:82:21:06:18:0e:a8:f1:90:66:d1:93:be:00:87:b1:
         6f:b1:e0:80:a1:52:9a:60:9d:df:64:8e:f0:d9:dd:23:a8:1b:
         83:2c:d8:e6:54:ae:25:2b:1d:b5:da:cd:b2:94:a7:5a:5d:2c:
         d0:cf:c0:d2:80:cc:8a:e9:51:7d:ed:56:eb:c0:4b:8d:1e:bb:
         b3:01:c0:1f:67:56:dd:5e:9f:58:c7:c7:18:3a:d3:3d:68:a6:
         7e:3f:d1:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Htmiu2P7h1+Q+qx/CoZr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NTE3Y2JmNWY4NzI4Y2VjMjRhZjNjMmU4NmVjZmI4MDM1
M2U2MGQwHhcNMjQwNTE3MTgwMDI5WhcNMjQwNTE4MTgwMDI5WjAzMTEwLwYDVQQD
EyhhOGIwYTgwYTRlZmU0ZmM4YTM4ZDZkMTFlMjMxNDY1ZDcxZDU2NzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroMP4PvnH0/42m6Dlbl5n5g67lgW
5vw9LDmBhLSgN7VgCkF67T1m5X7+tQrHAeTI0wUwCF55FRhyoJcrUHhnmJ4vt8/f
iw6Eli66QSXyCaMMMUTdmbxx9L77j9tDTHMIGihjZsGO6Akah7jfk1d2lSO3S87y
X8M9BW4J7G9P+dIYfFyjHn8mER36qt0b8HW1EguEPLXPFTtwfeLInxH4i8UevWMT
PGVHNpo685DOXADMTcvlH+Mk8Vt54TgeZNYpfYYWUgzJFuUcS42YKnnPXOWiF6DQ
DE1StIo9y/N3QUJtVVK5OTT23RF9YuM7Al0IXMDgznSQOW7/r3Yjh/xHfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKiwqApO/k/Io41tEeIxRl1x1Wc4MB8GA1UdIwQY
MBaAFEhRfL9fhyjOwkrzwuhuz7gDU+YNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0ZGOHYxLUhLTTdDU3ZQQzZHN1B1QU5UNWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZDJmMmQtYTQyNS00NGFiLTliNWQt
OGMzYjQwMjg1NTY2LzEvU0ZGOHYxLUhLTTdDU3ZQQzZHN1B1QU5UNWcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZDJmMmQtYTQyNS00NGFiLTliNWQtOGMzYjQwMjg1NTY2
LzEvU0ZGOHYxLUhLTTdDU3ZQQzZHN1B1QU5UNWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnhjg8wIU
XrckxnwoZfIGmAddCC2vUWpwerW8FseJ4yl6hwAn0gIW9cs5R9izlVHyt6JaSd4h
Es/DK1kVohTBzog6d7erVxR3vaTAgQSGgOb7uwMyh7cos2C+JXyNluakmSHFu+Ts
tXByevuFCsDSyX+1qH2FbKeljpbJ9kxrccM5CADzJCB6FGwRTHInVYAypf84MA4n
HDNbC5uf/xsFkji/SXKJgiEGGA6o8ZBm0ZO+AIexb7HggKFSmmCd32SO8NndI6gb
gyzY5lSuJSsdtdrNspSnWl0s0M/A0oDMiulRfe1W68BLjR67swHAH2dW3V6fWMfH
GDrTPWimfj/RWw==
-----END CERTIFICATE-----