Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
File:                     HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json)
Hash identifier:          DwQopqPWuGflF11rRurqF9oQIKHspTwjQ03b/zGNdmY=
Subject key identifier:   9E:A6:03:86:3A:22:C1:D0:04:C4:1D:6F:35:10:E2:1B:86:E8:EE:E1
Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
Certificate issuer:       /CN=1c24f1caafb3208eb827a07826417bcb9493412f
Certificate serial:       018F877F404B20C2ED4BACEE831131CBC6DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
Manifest number:          EE
Signing time:             Fri 17 May 2024 17:00:14 +0000
Manifest this update:     Fri 17 May 2024 17:00:14 +0000
Manifest next update:     Sat 18 May 2024 17:00:14 +0000
Files and hashes:         1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: oJnrPCgEl+c3P71OcZ4Zn1a+kF1DukTWfwbtpuKB7XQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:7f:40:4b:20:c2:ed:4b:ac:ee:83:11:31:cb:c6:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f
        Validity
            Not Before: May 17 17:00:14 2024 GMT
            Not After : May 18 17:00:14 2024 GMT
        Subject: CN=9ea603863a22c1d004c41d6f3510e21b86e8eee1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:25:6c:6b:93:fc:10:9f:5f:9d:4f:43:64:53:
                    b2:84:32:75:72:40:06:3b:bd:c7:50:00:14:32:eb:
                    9d:38:27:12:33:21:e7:76:79:0e:cb:a4:cf:6e:d2:
                    b6:87:70:b9:54:db:67:f2:48:cd:ef:72:90:d2:ce:
                    23:5c:1f:57:a1:b9:84:07:01:26:1c:28:b4:23:88:
                    fb:88:ec:eb:68:da:58:d5:f1:32:8b:b1:24:a5:00:
                    38:cd:9d:a9:05:a7:7d:b2:15:58:bd:21:3e:14:00:
                    6c:15:97:84:1f:48:6f:af:fe:c1:10:c0:0a:a5:b4:
                    d8:28:7b:22:38:3f:e3:b1:36:ae:57:76:00:e8:de:
                    c3:cd:72:09:79:2d:db:bc:cf:4e:51:e5:73:40:83:
                    57:38:7f:0e:c9:aa:1b:4a:e3:3d:f4:d1:a8:b4:26:
                    88:d8:a0:00:f2:f6:0c:14:d3:1e:c6:98:df:92:d4:
                    6e:30:d8:f9:d1:ca:18:8d:10:34:36:87:01:5b:8b:
                    da:6d:9a:25:5b:bb:4d:f8:6b:a1:ca:c0:08:41:5f:
                    1e:e3:c8:13:97:17:30:cd:da:91:3f:23:12:6f:46:
                    2b:bf:c0:de:f0:f4:90:a7:89:46:87:d6:cd:de:fb:
                    5e:ef:76:9a:f5:f4:10:de:52:31:a0:43:a8:9b:10:
                    b6:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:A6:03:86:3A:22:C1:D0:04:C4:1D:6F:35:10:E2:1B:86:E8:EE:E1
            X509v3 Authority Key Identifier:
                keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:bd:57:b1:15:16:3d:71:92:90:75:c4:88:52:15:10:cc:2b:
         08:73:98:8c:22:f8:ab:7c:c6:30:7d:12:4b:a6:fb:0b:62:88:
         39:45:d3:bc:b3:02:bc:ac:a9:09:54:29:5b:da:28:e2:65:fe:
         96:9a:2a:7c:d3:39:d3:c5:ba:51:28:86:db:02:24:90:1a:b3:
         9e:c8:3e:79:09:51:c1:92:07:8e:8b:b9:ba:af:c2:8d:ee:9a:
         84:00:58:ef:ac:b9:51:cd:bf:51:ea:38:dc:dd:5f:46:72:60:
         08:12:30:a7:9f:89:08:5f:0a:bc:06:b6:19:55:48:04:2f:9a:
         aa:b9:83:71:80:85:a7:97:02:30:cc:a9:f4:29:f0:84:15:c5:
         b5:93:3c:c6:32:6c:d6:e8:46:89:4a:11:05:d3:ee:ee:02:a8:
         2a:0a:6c:b9:8d:8c:ce:54:59:12:67:3e:9f:37:4b:14:f1:83:
         06:50:bc:26:a9:50:fe:8e:e7:91:86:12:ff:28:4a:c6:5d:8d:
         03:73:60:a5:b7:36:a5:bc:93:d4:35:6e:ce:78:de:77:4d:59:
         65:4e:c9:ed:35:56:61:4a:29:29:f6:ba:f1:a9:97:cf:71:41:
         49:38:36:63:c3:e7:00:73:95:74:7f:b2:ac:9b:98:c8:d2:6f:
         d8:77:35:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Hf0BLIMLtS6zugxExy8bbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5
MzQxMmYwHhcNMjQwNTE3MTcwMDE0WhcNMjQwNTE4MTcwMDE0WjAzMTEwLwYDVQQD
Eyg5ZWE2MDM4NjNhMjJjMWQwMDRjNDFkNmYzNTEwZTIxYjg2ZThlZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCVsa5P8EJ9fnU9DZFOyhDJ1ckAG
O73HUAAUMuudOCcSMyHndnkOy6TPbtK2h3C5VNtn8kjN73KQ0s4jXB9XobmEBwEm
HCi0I4j7iOzraNpY1fEyi7EkpQA4zZ2pBad9shVYvSE+FABsFZeEH0hvr/7BEMAK
pbTYKHsiOD/jsTauV3YA6N7DzXIJeS3bvM9OUeVzQINXOH8OyaobSuM99NGotCaI
2KAA8vYMFNMexpjfktRuMNj50coYjRA0NocBW4vabZolW7tN+GuhysAIQV8e48gT
lxcwzdqRPyMSb0Yrv8De8PSQp4lGh9bN3vte73aa9fQQ3lIxoEOomxC2MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ6mA4Y6IsHQBMQdbzUQ4huG6O7hMB8GA1UdIwQY
MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt
N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj
LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbr1XsRUW
PXGSkHXEiFIVEMwrCHOYjCL4q3zGMH0SS6b7C2KIOUXTvLMCvKypCVQpW9oo4mX+
lpoqfNM508W6USiG2wIkkBqznsg+eQlRwZIHjou5uq/Cje6ahABY76y5Uc2/Ueo4
3N1fRnJgCBIwp5+JCF8KvAa2GVVIBC+aqrmDcYCFp5cCMMyp9CnwhBXFtZM8xjJs
1uhGiUoRBdPu7gKoKgpsuY2MzlRZEmc+nzdLFPGDBlC8JqlQ/o7nkYYS/yhKxl2N
A3Ngpbc2pbyT1DVuznjed01ZZU7J7TVWYUopKfa68amXz3FBSTg2Y8PnAHOVdH+y
rJuYyNJv2Hc11A==
-----END CERTIFICATE-----