Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
File:                     _hpSVPN9jCkbEd2r7YiwY0gdr2s.mft (raw, json)
Hash identifier:          sceZlIzFjChaBoHJTA+PEi9w0/bTzTNh/4hmbr76Vog=
Subject key identifier:   AF:3A:9E:DA:AC:09:47:57:86:3F:F2:3F:AF:F1:21:FB:34:4A:AB:C4
Authority key identifier: FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B
Certificate issuer:       /CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
Certificate serial:       019362210987B50AF6A58FE4C9E4D9D4D123
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
Manifest number:          1374
Signing time:             Mon 25 Nov 2024 07:02:32 +0000
Manifest this update:     Mon 25 Nov 2024 07:02:32 +0000
Manifest next update:     Tue 26 Nov 2024 07:02:32 +0000
Files and hashes:         1: _hpSVPN9jCkbEd2r7YiwY0gdr2s.crl (hash: wQauAYexlJrdg1B/5AlBQJ1rSwovGpOAaY04rJKHUq4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:62:21:09:87:b5:0a:f6:a5:8f:e4:c9:e4:d9:d4:d1:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
        Validity
            Not Before: Nov 25 07:02:32 2024 GMT
            Not After : Nov 26 07:02:32 2024 GMT
        Subject: CN=af3a9edaac094757863ff23faff121fb344aabc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b6:4c:3c:eb:e0:ff:19:b1:5f:01:f6:b0:5f:
                    2d:4c:c9:66:af:f5:b5:f0:d3:25:15:66:0b:26:4e:
                    d9:e8:49:95:00:b7:69:6e:0a:e1:e6:bb:bb:bb:47:
                    40:6e:93:83:34:c3:88:3c:95:bc:0c:49:29:76:93:
                    13:76:a4:69:9e:b2:26:e8:3e:6d:00:09:c0:06:12:
                    d1:73:c9:e4:d4:5b:f1:65:1a:f7:cd:76:51:2b:93:
                    72:ee:e9:12:1c:14:9f:9d:2a:a6:16:46:9e:35:5b:
                    ad:ed:56:55:ab:79:75:f8:50:bf:33:a8:85:a6:af:
                    f9:18:a8:04:6a:e2:71:2c:a4:e5:31:5b:6a:e3:16:
                    c9:7b:2f:f4:b2:d7:1c:d0:e5:a9:e3:31:48:98:65:
                    5a:61:4f:a4:44:39:94:d6:e6:72:87:dc:1a:60:89:
                    19:8f:f8:2e:ff:bc:28:33:fc:a7:31:fc:fc:32:ef:
                    d8:cb:21:88:ec:c6:c9:6e:e3:fa:a9:c4:8d:0a:11:
                    47:a5:f6:22:22:34:41:2e:6a:bf:c7:60:2c:ed:90:
                    22:ec:9b:d3:ae:bb:e0:54:8c:7d:43:e8:c9:e8:d6:
                    af:f8:45:f2:07:64:82:ff:9d:de:5c:97:4a:fb:1d:
                    71:c6:e2:30:c6:29:87:7d:be:08:b5:22:5e:82:f0:
                    96:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:3A:9E:DA:AC:09:47:57:86:3F:F2:3F:AF:F1:21:FB:34:4A:AB:C4
            X509v3 Authority Key Identifier:
                keyid:FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:b3:24:4a:15:8c:5f:82:a5:c0:d5:fb:7f:49:ed:31:04:00:
         cb:cf:c2:d9:46:6b:93:41:fd:8f:4b:0e:6b:1c:30:4d:10:7f:
         36:71:b2:73:ee:de:59:f8:f6:63:af:3c:f7:2b:47:c4:da:1d:
         94:9a:be:f9:f3:91:a1:1f:6c:fc:05:92:7e:0f:16:ba:ae:23:
         b1:b8:42:b8:85:89:5b:59:9d:c5:6e:0f:d6:ec:e9:82:46:d7:
         bb:7f:08:99:35:67:68:d8:91:89:32:59:d2:12:96:fa:99:a1:
         f7:c8:49:d2:be:bb:96:5b:a1:a8:bf:e6:08:28:3d:59:b2:b4:
         44:97:e5:40:76:e7:64:67:88:7c:7f:db:14:44:8f:da:b4:be:
         aa:17:37:02:6b:b6:d8:5a:3c:09:a8:ba:f8:3d:c1:44:ee:16:
         05:aa:29:a9:0b:f0:e6:ba:15:6e:51:8e:f7:41:dc:64:30:1e:
         1f:ab:bf:41:cd:6e:ca:5c:53:0c:09:ec:46:ee:09:3b:09:a9:
         15:df:c7:f6:17:b3:2e:f0:82:76:89:b0:70:a7:79:6d:0a:4e:
         12:21:5d:71:ea:da:fa:01:2f:7b:f0:3a:b6:d7:03:80:26:63:
         48:c7:c3:1f:07:94:5c:09:93:dd:fb:25:1f:c4:59:fe:87:ea:
         14:d2:c4:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNiIQmHtQr2pY/kyeTZ1NEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMWE1MjU0ZjM3ZDhjMjkxYjExZGRhYmVkODhiMDYzNDgx
ZGFmNmIwHhcNMjQxMTI1MDcwMjMyWhcNMjQxMTI2MDcwMjMyWjAzMTEwLwYDVQQD
EyhhZjNhOWVkYWFjMDk0NzU3ODYzZmYyM2ZhZmYxMjFmYjM0NGFhYmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLZMPOvg/xmxXwH2sF8tTMlmr/W1
8NMlFWYLJk7Z6EmVALdpbgrh5ru7u0dAbpODNMOIPJW8DEkpdpMTdqRpnrIm6D5t
AAnABhLRc8nk1FvxZRr3zXZRK5Ny7ukSHBSfnSqmFkaeNVut7VZVq3l1+FC/M6iF
pq/5GKgEauJxLKTlMVtq4xbJey/0stcc0OWp4zFImGVaYU+kRDmU1uZyh9waYIkZ
j/gu/7woM/ynMfz8Mu/YyyGI7MbJbuP6qcSNChFHpfYiIjRBLmq/x2As7ZAi7JvT
rrvgVIx9Q+jJ6Nav+EXyB2SC/53eXJdK+x1xxuIwximHfb4ItSJegvCWfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK86ntqsCUdXhj/yP6/xIfs0SqvEMB8GA1UdIwQY
MBaAFP4aUlTzfYwpGxHdq+2IsGNIHa9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzIt
ZmEwZDBlODA1ZGY4LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzItZmEwZDBlODA1ZGY4
LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMLMkShWM
X4KlwNX7f0ntMQQAy8/C2UZrk0H9j0sOaxwwTRB/NnGyc+7eWfj2Y6889ytHxNod
lJq++fORoR9s/AWSfg8Wuq4jsbhCuIWJW1mdxW4P1uzpgkbXu38ImTVnaNiRiTJZ
0hKW+pmh98hJ0r67lluhqL/mCCg9WbK0RJflQHbnZGeIfH/bFESP2rS+qhc3Amu2
2Fo8Cai6+D3BRO4WBaopqQvw5roVblGO90HcZDAeH6u/Qc1uylxTDAnsRu4JOwmp
Fd/H9hezLvCCdomwcKd5bQpOEiFdcera+gEve/A6ttcDgCZjSMfDHweUXAmT3fsl
H8RZ/ofqFNLE1A==
-----END CERTIFICATE-----