Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/028975-78bc-45c5-9915-28170cf939c6/1/hPOAUNM24lcAb2jCTNDWRND1oTE.mft
File:                     hPOAUNM24lcAb2jCTNDWRND1oTE.mft (raw, json)
Hash identifier:          D8+x8Yn1Y2kTTcIKKklYaHlvIbJgDCw1DArjs7VgMbw=
Subject key identifier:   63:FB:C6:C6:6E:B1:F3:A9:11:A3:66:CD:00:62:B9:17:6B:D2:8C:13
Authority key identifier: 84:F3:80:50:D3:36:E2:57:00:6F:68:C2:4C:D0:D6:44:D0:F5:A1:31
Certificate issuer:       /CN=84f38050d336e257006f68c24cd0d644d0f5a131
Certificate serial:       019357D2458EDF278010C0F4306D549B107C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hPOAUNM24lcAb2jCTNDWRND1oTE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/028975-78bc-45c5-9915-28170cf939c6/1/hPOAUNM24lcAb2jCTNDWRND1oTE.mft
Manifest number:          018A
Signing time:             Sat 23 Nov 2024 07:00:18 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:18 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:18 +0000
Files and hashes:         1: hPOAUNM24lcAb2jCTNDWRND1oTE.crl (hash: up4d1ycmch0vQbYUYGNYKxYpza22h9QXhXjbaqBCkkA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/028975-78bc-45c5-9915-28170cf939c6/1/hPOAUNM24lcAb2jCTNDWRND1oTE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/028975-78bc-45c5-9915-28170cf939c6/1/hPOAUNM24lcAb2jCTNDWRND1oTE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hPOAUNM24lcAb2jCTNDWRND1oTE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:45:8e:df:27:80:10:c0:f4:30:6d:54:9b:10:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84f38050d336e257006f68c24cd0d644d0f5a131
        Validity
            Not Before: Nov 23 07:00:18 2024 GMT
            Not After : Nov 24 07:00:18 2024 GMT
        Subject: CN=63fbc6c66eb1f3a911a366cd0062b9176bd28c13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:b9:67:04:c0:74:cd:fb:8c:5c:d4:da:c0:fb:
                    b5:3f:df:42:5a:49:b2:6e:af:ef:d4:f0:0f:4b:32:
                    71:2c:78:f6:40:5a:c9:09:35:8b:e6:1a:42:69:3f:
                    03:f1:46:3a:6e:60:f9:d2:43:7a:af:22:fb:f9:fa:
                    2e:7f:4d:b4:65:af:30:71:0a:c9:6a:08:08:ff:cc:
                    69:74:0a:5a:26:40:e8:31:24:e8:c6:a8:1a:0e:b5:
                    17:66:16:ab:eb:a2:17:68:c6:23:2a:e9:c2:f7:72:
                    8e:34:75:5f:3d:fe:0c:69:cc:e4:58:ea:46:f4:bb:
                    cd:3b:08:e2:41:c3:3b:a2:75:78:ab:bd:83:aa:dd:
                    2d:e6:28:80:0f:a0:1d:5d:e8:49:3a:bb:8c:a5:df:
                    79:c6:cc:67:d1:4e:50:9b:35:d3:ea:51:87:af:95:
                    17:dd:9f:8b:c1:f7:78:48:ed:d3:13:0c:85:ab:df:
                    ed:1f:c3:d8:ac:51:5d:36:6d:2f:4c:86:05:34:91:
                    b3:fb:d6:21:0f:a2:a0:61:f3:47:bd:a0:f9:d4:a4:
                    46:f3:cb:f5:59:04:e4:e7:e8:54:63:9c:15:49:74:
                    94:62:18:60:d8:0a:32:fb:ae:16:37:49:23:0f:37:
                    49:4d:72:c2:c9:2d:e2:a8:9a:0e:06:6a:26:2c:ea:
                    76:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:FB:C6:C6:6E:B1:F3:A9:11:A3:66:CD:00:62:B9:17:6B:D2:8C:13
            X509v3 Authority Key Identifier:
                keyid:84:F3:80:50:D3:36:E2:57:00:6F:68:C2:4C:D0:D6:44:D0:F5:A1:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPOAUNM24lcAb2jCTNDWRND1oTE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/028975-78bc-45c5-9915-28170cf939c6/1/hPOAUNM24lcAb2jCTNDWRND1oTE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/028975-78bc-45c5-9915-28170cf939c6/1/hPOAUNM24lcAb2jCTNDWRND1oTE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:92:f7:61:6e:9e:02:da:d5:59:9f:47:e2:e3:ef:ba:7d:bf:
         9b:31:5a:e2:80:6b:0e:d1:69:b3:36:78:3c:ab:0d:87:0f:75:
         38:44:6f:09:bc:3a:92:5d:b1:4d:44:73:fd:d2:98:37:87:9b:
         b2:cb:60:a9:94:1c:b4:36:09:b3:cc:59:e7:73:0d:29:48:6b:
         46:ba:76:65:58:52:88:23:d8:6c:10:7f:c1:74:22:8e:02:45:
         6b:28:b6:1e:93:85:e3:e7:a9:49:69:75:46:33:90:4b:2d:20:
         e6:c5:31:35:1a:c5:c9:3d:69:72:00:b6:56:f0:6b:8a:58:09:
         cd:4d:57:f4:0a:dc:be:a0:dd:15:2d:47:67:b0:57:2c:f4:f4:
         c0:a9:12:81:35:23:86:57:41:f3:69:3a:f6:f3:21:da:99:19:
         11:e4:dc:fb:f5:ef:53:05:ad:e1:f2:ef:be:05:26:7d:6a:29:
         6c:67:7a:f8:b0:0b:93:98:5a:29:5b:05:8e:b6:4d:42:34:fd:
         5e:fe:42:cc:b4:ec:c4:ee:65:c6:39:cf:a0:3f:1e:cb:b5:4f:
         13:b3:dd:22:f4:d2:f7:76:4c:57:c0:e2:33:8d:d6:d3:4e:c6:
         7e:49:8d:c0:54:77:c8:96:db:df:fd:d4:69:e3:d9:74:8b:79:
         2e:ad:d3:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0kWO3yeAEMD0MG1UmxB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjM4MDUwZDMzNmUyNTcwMDZmNjhjMjRjZDBkNjQ0ZDBm
NWExMzEwHhcNMjQxMTIzMDcwMDE4WhcNMjQxMTI0MDcwMDE4WjAzMTEwLwYDVQQD
Eyg2M2ZiYzZjNjZlYjFmM2E5MTFhMzY2Y2QwMDYyYjkxNzZiZDI4YzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjblnBMB0zfuMXNTawPu1P99CWkmy
bq/v1PAPSzJxLHj2QFrJCTWL5hpCaT8D8UY6bmD50kN6ryL7+fouf020Za8wcQrJ
aggI/8xpdApaJkDoMSToxqgaDrUXZhar66IXaMYjKunC93KONHVfPf4MaczkWOpG
9LvNOwjiQcM7onV4q72Dqt0t5iiAD6AdXehJOruMpd95xsxn0U5QmzXT6lGHr5UX
3Z+Lwfd4SO3TEwyFq9/tH8PYrFFdNm0vTIYFNJGz+9YhD6KgYfNHvaD51KRG88v1
WQTk5+hUY5wVSXSUYhhg2Aoy+64WN0kjDzdJTXLCyS3iqJoOBmomLOp2AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGP7xsZusfOpEaNmzQBiuRdr0owTMB8GA1UdIwQY
MBaAFITzgFDTNuJXAG9owkzQ1kTQ9aExMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBPQVVOTTI0bGNBYjJqQ1RORFdSTkQxb1RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wMjg5NzUtNzhiYy00NWM1LTk5MTUt
MjgxNzBjZjkzOWM2LzEvaFBPQVVOTTI0bGNBYjJqQ1RORFdSTkQxb1RFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wMjg5NzUtNzhiYy00NWM1LTk5MTUtMjgxNzBjZjkzOWM2
LzEvaFBPQVVOTTI0bGNBYjJqQ1RORFdSTkQxb1RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABpL3YW6e
AtrVWZ9H4uPvun2/mzFa4oBrDtFpszZ4PKsNhw91OERvCbw6kl2xTURz/dKYN4eb
sstgqZQctDYJs8xZ53MNKUhrRrp2ZVhSiCPYbBB/wXQijgJFayi2HpOF4+epSWl1
RjOQSy0g5sUxNRrFyT1pcgC2VvBrilgJzU1X9ArcvqDdFS1HZ7BXLPT0wKkSgTUj
hldB82k69vMh2pkZEeTc+/XvUwWt4fLvvgUmfWopbGd6+LALk5haKVsFjrZNQjT9
Xv5CzLTsxO5lxjnPoD8ey7VPE7PdIvTS93ZMV8DiM43W007GfkmNwFR3yJbb3/3U
aePZdIt5Lq3TkQ==
-----END CERTIFICATE-----