Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/df8278-9b6e-4b8c-a0d0-65a99eee50c5/1/hlonCgsIptsPlMdDV96OSC1944Y.mft
File:                     hlonCgsIptsPlMdDV96OSC1944Y.mft (raw, json)
Hash identifier:          9etuIjsZVDZH6vErx4geuUVhMxCmIlXCfHOz1RI1f/8=
Subject key identifier:   C4:DE:DD:6E:95:91:2D:0D:33:6F:C5:4F:63:5E:0F:D3:71:62:36:FA
Authority key identifier: 86:5A:27:0A:0B:08:A6:DB:0F:94:C7:43:57:DE:8E:48:2D:7D:E3:86
Certificate issuer:       /CN=865a270a0b08a6db0f94c74357de8e482d7de386
Certificate serial:       01936A7D33C8AEAAC5F5479F0E2D50A19131
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hlonCgsIptsPlMdDV96OSC1944Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/df8278-9b6e-4b8c-a0d0-65a99eee50c5/1/hlonCgsIptsPlMdDV96OSC1944Y.mft
Manifest number:          054D
Signing time:             Tue 26 Nov 2024 22:00:10 +0000
Manifest this update:     Tue 26 Nov 2024 22:00:10 +0000
Manifest next update:     Wed 27 Nov 2024 22:00:10 +0000
Files and hashes:         1: hlonCgsIptsPlMdDV96OSC1944Y.crl (hash: YqUTCLFz8gqsuLbQRZoaUaywsMODzjldpmsnGL0yx7A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/df8278-9b6e-4b8c-a0d0-65a99eee50c5/1/hlonCgsIptsPlMdDV96OSC1944Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/df8278-9b6e-4b8c-a0d0-65a99eee50c5/1/hlonCgsIptsPlMdDV96OSC1944Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hlonCgsIptsPlMdDV96OSC1944Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:7d:33:c8:ae:aa:c5:f5:47:9f:0e:2d:50:a1:91:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=865a270a0b08a6db0f94c74357de8e482d7de386
        Validity
            Not Before: Nov 26 22:00:10 2024 GMT
            Not After : Nov 27 22:00:10 2024 GMT
        Subject: CN=c4dedd6e95912d0d336fc54f635e0fd3716236fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:4f:8d:95:f5:2b:bb:0b:28:08:03:03:43:81:
                    8e:cc:91:e4:9f:4e:df:1e:89:8a:a6:a5:c2:a4:41:
                    57:c2:1d:8c:66:b8:fb:26:9d:e3:9a:bc:3f:f0:21:
                    f8:7c:a2:1d:29:3a:05:60:54:ca:3c:75:ca:05:08:
                    31:0b:e5:e4:23:45:81:e8:2f:ad:54:15:06:33:68:
                    93:bc:6e:7a:32:2d:bf:03:49:83:d7:7b:c1:76:41:
                    99:25:50:78:6b:9a:c4:66:ce:3e:39:7b:f0:5f:d0:
                    e2:c5:2e:31:14:e7:41:1e:90:d6:c7:ef:2e:62:1c:
                    ee:58:27:c1:60:f6:35:06:42:02:7a:a0:a5:22:38:
                    45:94:c8:a0:64:c1:13:69:66:39:f4:61:ef:0c:4e:
                    a1:5e:6b:be:84:a0:6d:ab:f0:3f:2e:db:8e:9f:69:
                    42:e8:e1:36:ab:c5:3a:d8:cb:81:89:71:58:95:3c:
                    77:33:3a:c2:a1:1e:32:7c:00:f5:44:07:8f:21:24:
                    69:7a:08:df:66:e3:f6:f7:5d:8c:37:e0:dd:77:a9:
                    df:81:cb:b6:ae:c6:a1:0f:fd:4e:8d:f4:6c:45:40:
                    e9:ae:38:2e:fc:53:df:3a:6d:f9:88:59:32:b5:04:
                    19:13:6e:61:f7:93:bb:1b:74:73:50:59:9d:d5:6c:
                    66:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:DE:DD:6E:95:91:2D:0D:33:6F:C5:4F:63:5E:0F:D3:71:62:36:FA
            X509v3 Authority Key Identifier:
                keyid:86:5A:27:0A:0B:08:A6:DB:0F:94:C7:43:57:DE:8E:48:2D:7D:E3:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlonCgsIptsPlMdDV96OSC1944Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/df8278-9b6e-4b8c-a0d0-65a99eee50c5/1/hlonCgsIptsPlMdDV96OSC1944Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/df8278-9b6e-4b8c-a0d0-65a99eee50c5/1/hlonCgsIptsPlMdDV96OSC1944Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:2f:b5:1d:65:64:9c:97:2b:70:2c:fc:e0:3a:f5:5c:d0:8e:
         e5:80:a9:f2:7b:95:42:15:ae:5f:3e:7f:65:c0:9d:ef:25:40:
         c8:6d:2a:d0:3e:d2:14:a7:b0:70:ec:d1:0d:59:3b:70:97:47:
         f9:77:62:e1:67:d8:f0:86:24:d1:a3:4a:08:dc:74:6a:0c:23:
         ff:d6:c7:77:f9:5e:95:0d:50:5a:b3:47:00:79:44:19:02:13:
         a8:25:5f:f3:a1:da:0c:5a:2c:29:f2:b0:19:b9:8c:d3:a5:76:
         bf:58:d0:e5:c4:d2:dd:c1:75:6c:c1:2f:7f:73:1a:1b:7e:04:
         c0:28:87:bf:bc:37:9a:ea:f2:ec:81:45:fd:98:6e:bc:b8:51:
         31:2e:75:8d:1a:2b:ad:81:d8:f2:2e:7c:ff:af:17:ab:a0:4c:
         9d:e4:cb:55:03:67:e8:77:4f:38:38:46:e4:8f:b1:9d:37:a1:
         bb:60:48:03:38:a1:9f:67:81:b7:f7:16:60:8f:51:3b:69:d6:
         bd:2f:11:59:c4:3e:e4:58:53:36:f3:a7:80:09:c8:07:ba:b8:
         5b:31:e2:5d:91:d6:1d:c8:68:0a:68:b7:d8:9a:c8:00:68:8e:
         bb:6a:a1:eb:68:3b:12:cd:ba:42:86:42:a8:59:2b:e7:9b:25:
         3b:b5:af:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqfTPIrqrF9UefDi1QoZExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NWEyNzBhMGIwOGE2ZGIwZjk0Yzc0MzU3ZGU4ZTQ4MmQ3
ZGUzODYwHhcNMjQxMTI2MjIwMDEwWhcNMjQxMTI3MjIwMDEwWjAzMTEwLwYDVQQD
EyhjNGRlZGQ2ZTk1OTEyZDBkMzM2ZmM1NGY2MzVlMGZkMzcxNjIzNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE+NlfUruwsoCAMDQ4GOzJHkn07f
HomKpqXCpEFXwh2MZrj7Jp3jmrw/8CH4fKIdKToFYFTKPHXKBQgxC+XkI0WB6C+t
VBUGM2iTvG56Mi2/A0mD13vBdkGZJVB4a5rEZs4+OXvwX9DixS4xFOdBHpDWx+8u
YhzuWCfBYPY1BkICeqClIjhFlMigZMETaWY59GHvDE6hXmu+hKBtq/A/LtuOn2lC
6OE2q8U62MuBiXFYlTx3MzrCoR4yfAD1RAePISRpegjfZuP2912MN+Ddd6nfgcu2
rsahD/1OjfRsRUDprjgu/FPfOm35iFkytQQZE25h95O7G3RzUFmd1WxmdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMTe3W6VkS0NM2/FT2NeD9NxYjb6MB8GA1UdIwQY
MBaAFIZaJwoLCKbbD5THQ1fejkgtfeOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGxvbkNnc0lwdHNQbE1kRFY5Nk9TQzE5NDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZjgyNzgtOWI2ZS00YjhjLWEwZDAt
NjVhOTllZWU1MGM1LzEvaGxvbkNnc0lwdHNQbE1kRFY5Nk9TQzE5NDRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZjgyNzgtOWI2ZS00YjhjLWEwZDAtNjVhOTllZWU1MGM1
LzEvaGxvbkNnc0lwdHNQbE1kRFY5Nk9TQzE5NDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFC+1HWVk
nJcrcCz84Dr1XNCO5YCp8nuVQhWuXz5/ZcCd7yVAyG0q0D7SFKewcOzRDVk7cJdH
+Xdi4WfY8IYk0aNKCNx0agwj/9bHd/lelQ1QWrNHAHlEGQITqCVf86HaDFosKfKw
GbmM06V2v1jQ5cTS3cF1bMEvf3MaG34EwCiHv7w3mury7IFF/ZhuvLhRMS51jRor
rYHY8i58/68Xq6BMneTLVQNn6HdPODhG5I+xnTehu2BIAzihn2eBt/cWYI9RO2nW
vS8RWcQ+5FhTNvOngAnIB7q4WzHiXZHWHchoCmi32JrIAGiOu2qh62g7Es26QoZC
qFkr55slO7Wvkg==
-----END CERTIFICATE-----