Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
File:                     Hekyc87VkolMnTVRSLsfrMEPcqI.mft (raw, json)
Hash identifier:          wTuPzN5cV8lZ6FVr3oc8A8MCNo3JNFlRrEjQJJckziM=
Subject key identifier:   C2:35:15:36:CF:3D:12:25:DD:BD:B2:A6:06:7B:FD:93:CB:30:25:0B
Authority key identifier: 1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2
Certificate issuer:       /CN=1de93273ced592894c9d355148bb1facc10f72a2
Certificate serial:       018F45A0C05097DF18BE360F3E32D4483A29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
Manifest number:          0D38
Signing time:             Sat 04 May 2024 22:01:53 +0000
Manifest this update:     Sat 04 May 2024 22:01:53 +0000
Manifest next update:     Sun 05 May 2024 22:01:53 +0000
Files and hashes:         1: Hekyc87VkolMnTVRSLsfrMEPcqI.crl (hash: wdojQhEDGW8PGlQCYTeDOjFRxY8PdilfLMM3r2zGwDU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 20:58:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:45:a0:c0:50:97:df:18:be:36:0f:3e:32:d4:48:3a:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1de93273ced592894c9d355148bb1facc10f72a2
        Validity
            Not Before: May  4 22:01:53 2024 GMT
            Not After : May  5 22:01:53 2024 GMT
        Subject: CN=c2351536cf3d1225ddbdb2a6067bfd93cb30250b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:ae:ff:a8:85:e4:cc:60:f7:38:6a:55:73:2a:
                    a4:dc:a7:c6:8d:f1:64:36:ad:96:f9:81:38:e2:43:
                    47:9e:2a:26:a8:9c:a7:ca:ef:82:c1:bb:f2:48:30:
                    d4:33:e6:8a:e1:28:50:72:25:71:57:91:d4:2f:f7:
                    3b:2a:06:03:07:8f:82:6a:63:0c:4c:13:bd:5c:1b:
                    26:d9:3d:ff:c9:a6:77:15:41:bf:15:6c:eb:73:03:
                    4f:aa:66:21:2d:bb:ed:b5:4d:b7:79:54:f2:3d:da:
                    b1:48:c2:16:c9:a1:8e:21:38:8d:bc:ae:f7:3f:10:
                    d4:d9:34:7f:4a:1b:b0:a3:20:60:be:55:6f:fa:d3:
                    e9:c7:11:30:74:49:a0:db:5c:83:5f:3b:13:d0:fd:
                    41:f5:f4:5c:dd:ab:99:b7:c7:53:af:37:9f:8c:41:
                    8d:90:a6:c1:06:2c:30:90:a2:81:be:4c:73:19:dc:
                    6b:3f:25:35:eb:7b:35:52:e2:52:b5:88:a0:1c:30:
                    6a:1b:0b:4d:98:57:bc:c7:d8:1b:e9:a0:32:f5:4e:
                    9f:ef:94:9f:77:7c:b0:da:17:25:9d:83:11:6b:7f:
                    41:72:45:44:fa:72:eb:90:dd:4d:b0:da:36:31:a6:
                    05:9b:d4:99:9a:6a:d2:51:67:c7:3d:5e:fd:31:d2:
                    bb:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:35:15:36:CF:3D:12:25:DD:BD:B2:A6:06:7B:FD:93:CB:30:25:0B
            X509v3 Authority Key Identifier:
                keyid:1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:9a:2f:cc:50:94:2d:8f:5a:4c:d6:54:cf:1f:fa:a9:38:bf:
         2e:4f:b5:46:e5:a9:c7:b9:c5:aa:0e:08:2d:97:6e:2f:3d:a4:
         13:e3:c8:b0:c3:2c:4b:b3:37:61:26:4e:a4:1c:4c:b3:f4:b8:
         58:4d:ef:ad:b5:b1:b4:61:10:fd:22:e1:ba:b8:f5:91:2f:0b:
         cc:15:c2:55:15:f1:b6:34:7e:ef:19:74:1f:74:fe:b0:37:11:
         8a:0b:4d:ef:e6:a0:16:3c:a4:d0:2c:e4:56:fb:c7:16:b9:88:
         40:66:a6:5f:4a:c6:97:d6:67:22:a2:3b:2c:82:6e:41:61:c8:
         ec:83:7a:8a:14:c2:ba:85:39:92:e7:54:93:bf:23:82:2f:6e:
         62:f0:02:39:84:74:7f:a8:b0:9c:eb:44:6c:3b:46:c2:7f:8a:
         77:f5:43:75:a1:7c:12:7c:02:fc:b8:54:8c:bc:69:28:78:b9:
         6d:91:97:74:ad:2b:94:8d:36:a9:38:fc:bb:18:5d:65:95:f1:
         1f:bf:76:75:ed:17:d8:ed:33:bb:36:1e:3d:4c:e1:2a:c2:14:
         2a:94:ff:ac:cb:60:dd:56:05:71:1b:51:03:7b:75:87:51:63:
         3e:d0:88:ea:0c:b8:e4:29:39:90:b2:10:95:f6:d7:86:86:15:
         31:ec:b3:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9FoMBQl98YvjYPPjLUSDopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTkzMjczY2VkNTkyODk0YzlkMzU1MTQ4YmIxZmFjYzEw
ZjcyYTIwHhcNMjQwNTA0MjIwMTUzWhcNMjQwNTA1MjIwMTUzWjAzMTEwLwYDVQQD
EyhjMjM1MTUzNmNmM2QxMjI1ZGRiZGIyYTYwNjdiZmQ5M2NiMzAyNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0q7/qIXkzGD3OGpVcyqk3KfGjfFk
Nq2W+YE44kNHniomqJynyu+CwbvySDDUM+aK4ShQciVxV5HUL/c7KgYDB4+CamMM
TBO9XBsm2T3/yaZ3FUG/FWzrcwNPqmYhLbvttU23eVTyPdqxSMIWyaGOITiNvK73
PxDU2TR/ShuwoyBgvlVv+tPpxxEwdEmg21yDXzsT0P1B9fRc3auZt8dTrzefjEGN
kKbBBiwwkKKBvkxzGdxrPyU163s1UuJStYigHDBqGwtNmFe8x9gb6aAy9U6f75Sf
d3yw2hclnYMRa39BckVE+nLrkN1NsNo2MaYFm9SZmmrSUWfHPV79MdK7TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMI1FTbPPRIl3b2ypgZ7/ZPLMCULMB8GA1UdIwQY
MBaAFB3pMnPO1ZKJTJ01UUi7H6zBD3KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgt
MThhZDU4OWNlY2QwLzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgtMThhZDU4OWNlY2Qw
LzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACpovzFCU
LY9aTNZUzx/6qTi/Lk+1RuWpx7nFqg4ILZduLz2kE+PIsMMsS7M3YSZOpBxMs/S4
WE3vrbWxtGEQ/SLhurj1kS8LzBXCVRXxtjR+7xl0H3T+sDcRigtN7+agFjyk0Czk
VvvHFrmIQGamX0rGl9ZnIqI7LIJuQWHI7IN6ihTCuoU5kudUk78jgi9uYvACOYR0
f6iwnOtEbDtGwn+Kd/VDdaF8EnwC/LhUjLxpKHi5bZGXdK0rlI02qTj8uxhdZZXx
H792de0X2O0zuzYePUzhKsIUKpT/rMtg3VYFcRtRA3t1h1FjPtCI6gy45Ck5kLIQ
lfbXhoYVMeyz8w==
-----END CERTIFICATE-----