Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
File:                     HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json)
Hash identifier:          x3vIH8+PDmW7Du0Iv1VjpNMdVtllhLwhg0zUttNWQNk=
Subject key identifier:   1B:93:DB:34:62:D7:83:54:A2:C9:5A:96:A5:FA:76:E3:98:8E:2B:92
Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70
Certificate issuer:       /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
Certificate serial:       019355E3FE05D782C0444C35ACD3A8E30F77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
Manifest number:          136F
Signing time:             Fri 22 Nov 2024 22:00:25 +0000
Manifest this update:     Fri 22 Nov 2024 22:00:25 +0000
Manifest next update:     Sat 23 Nov 2024 22:00:25 +0000
Files and hashes:         1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: U4feNTWLgMbGGltVVZuv7f794cnFp31OCa+skwJYxAU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 17:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:55:e3:fe:05:d7:82:c0:44:4c:35:ac:d3:a8:e3:0f:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
        Validity
            Not Before: Nov 22 22:00:25 2024 GMT
            Not After : Nov 23 22:00:25 2024 GMT
        Subject: CN=1b93db3462d78354a2c95a96a5fa76e3988e2b92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:4f:34:86:d6:78:8f:4c:e9:4f:71:95:1b:26:
                    30:e7:99:a6:8f:dd:43:48:af:6f:63:42:f2:cd:38:
                    69:0f:f6:14:ee:1e:88:c5:b8:ce:a7:28:7d:54:a9:
                    33:44:10:d1:7c:d6:a6:70:4e:98:34:86:44:e1:1f:
                    3c:0b:e0:b3:12:a1:3f:fe:71:2f:4a:0b:9b:77:39:
                    05:47:1e:fc:1b:aa:7b:a4:24:c7:9b:4c:3b:0a:71:
                    aa:33:1b:5a:9b:2c:ff:68:7b:4b:6d:bd:70:8d:78:
                    b2:2f:a0:91:3e:a7:b0:a2:41:64:39:dd:91:3f:3f:
                    d0:8b:6b:ec:c3:c9:48:37:77:8f:f7:9e:9d:44:3b:
                    72:ce:9d:d1:e4:18:dc:1b:e5:89:d5:2e:2b:83:ad:
                    e8:fa:33:d5:af:96:8c:ad:9c:7f:b1:fb:f9:8d:ea:
                    c2:ba:a7:b3:95:f3:cc:32:25:b4:3e:7d:b8:8a:ae:
                    e5:5b:41:e9:ce:06:94:08:f9:e1:eb:47:f8:7d:26:
                    3e:ee:2c:27:fb:4d:fc:e1:52:d9:b5:9d:83:8e:13:
                    4b:90:9c:cf:a3:2a:1c:d1:2a:d7:2c:51:45:a0:3a:
                    68:44:e4:f5:75:8c:0a:78:aa:18:5f:95:53:c4:18:
                    9b:b6:62:7e:0f:50:7d:ee:d1:55:67:61:7a:fd:b0:
                    4c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:93:DB:34:62:D7:83:54:A2:C9:5A:96:A5:FA:76:E3:98:8E:2B:92
            X509v3 Authority Key Identifier:
                keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:03:28:5f:eb:98:b6:53:b7:34:cb:bf:3f:d9:1e:79:e6:99:
         b6:a1:56:6e:95:b9:00:e8:ab:72:d2:20:65:41:f2:1b:a1:ab:
         6c:b6:e6:6b:83:5d:66:9d:d3:dc:bd:93:b7:32:76:d8:56:89:
         ea:3e:24:a2:50:d1:df:a3:b2:b9:0b:12:cd:39:95:c5:c8:5e:
         2b:0b:2f:a5:bb:64:fd:ca:52:55:0a:f8:be:16:b5:6f:0c:51:
         1f:9f:b4:59:c4:54:55:8f:6e:16:c9:30:81:5c:71:2c:b4:17:
         62:62:8e:8f:a9:7b:d0:13:d0:a6:98:f7:88:ba:a0:3e:7e:67:
         d0:22:d2:e7:7c:ed:ad:d1:01:a5:72:00:1c:84:87:e3:a7:a8:
         21:93:8d:77:43:41:7e:22:85:7e:2e:d1:c0:c5:9f:c2:66:90:
         80:34:ab:ea:55:53:6f:76:24:27:fa:1e:96:11:f6:94:ab:f3:
         87:c7:ce:36:3b:c4:99:47:62:2f:22:6a:8f:f2:73:3f:e0:0a:
         87:1a:26:c7:14:eb:3a:07:12:59:c2:04:fc:c4:fe:d1:ae:63:
         2f:02:e4:48:d3:aa:5c:2a:e2:81:fa:0d:ba:9b:a5:39:d4:12:
         9d:91:51:20:4c:d8:f3:17:d1:d9:1b:23:b0:9d:c6:3b:39:e1:
         48:86:94:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNV4/4F14LAREw1rNOo4w93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy
ZDgyNzAwHhcNMjQxMTIyMjIwMDI1WhcNMjQxMTIzMjIwMDI1WjAzMTEwLwYDVQQD
EygxYjkzZGIzNDYyZDc4MzU0YTJjOTVhOTZhNWZhNzZlMzk4OGUyYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1E80htZ4j0zpT3GVGyYw55mmj91D
SK9vY0LyzThpD/YU7h6IxbjOpyh9VKkzRBDRfNamcE6YNIZE4R88C+CzEqE//nEv
SgubdzkFRx78G6p7pCTHm0w7CnGqMxtamyz/aHtLbb1wjXiyL6CRPqewokFkOd2R
Pz/Qi2vsw8lIN3eP956dRDtyzp3R5BjcG+WJ1S4rg63o+jPVr5aMrZx/sfv5jerC
uqezlfPMMiW0Pn24iq7lW0HpzgaUCPnh60f4fSY+7iwn+0384VLZtZ2DjhNLkJzP
oyoc0SrXLFFFoDpoROT1dYwKeKoYX5VTxBibtmJ+D1B97tFVZ2F6/bBMHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBuT2zRi14NUoslalqX6duOYjiuSMB8GA1UdIwQY
MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct
ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz
LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATgMoX+uY
tlO3NMu/P9keeeaZtqFWbpW5AOirctIgZUHyG6GrbLbma4NdZp3T3L2TtzJ22FaJ
6j4kolDR36OyuQsSzTmVxcheKwsvpbtk/cpSVQr4vha1bwxRH5+0WcRUVY9uFskw
gVxxLLQXYmKOj6l70BPQppj3iLqgPn5n0CLS53ztrdEBpXIAHISH46eoIZONd0NB
fiKFfi7RwMWfwmaQgDSr6lVTb3YkJ/oelhH2lKvzh8fONjvEmUdiLyJqj/JzP+AK
hxomxxTrOgcSWcIE/MT+0a5jLwLkSNOqXCrigfoNupulOdQSnZFRIEzY8xfR2Rsj
sJ3GOznhSIaUng==
-----END CERTIFICATE-----