Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          XSXs66z34ev1DV8hfRRFBgik+lxll4+bk3JNdN3AcoM=
Subject key identifier:   E6:F9:44:C5:8F:F4:D0:FA:C6:7F:55:DB:A7:2F:3E:0C:2B:55:D3:78
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       019369DADEC8BCA6E59286C993434F145690
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          0575
Signing time:             Tue 26 Nov 2024 19:02:51 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:51 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:51 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: 978BydtB4x0Mzuw1ELpWJz7Wt81IlR1j+U6+hAGG+iI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:de:c8:bc:a6:e5:92:86:c9:93:43:4f:14:56:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: Nov 26 19:02:51 2024 GMT
            Not After : Nov 27 19:02:51 2024 GMT
        Subject: CN=e6f944c58ff4d0fac67f55dba72f3e0c2b55d378
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:69:f8:a9:28:30:c0:96:46:af:5f:bf:85:7c:
                    ac:07:6a:c4:f3:f5:f4:fd:7d:ac:f9:60:e8:95:ac:
                    b5:83:a5:d6:a8:d2:52:e8:aa:4d:d4:4b:5f:9e:25:
                    12:16:b7:88:17:63:8e:4c:5f:c8:a6:b6:79:56:73:
                    ed:32:ce:a2:3f:24:97:bb:ba:19:5d:4e:13:90:15:
                    25:f5:67:d4:28:ab:1c:2d:e1:f7:71:2b:04:23:be:
                    b5:05:5b:dc:87:3f:02:da:0d:dc:aa:17:ff:1f:e1:
                    ad:1b:33:c5:42:e5:9f:6d:df:a1:14:34:31:10:15:
                    15:5c:32:6a:a4:bf:a5:4b:73:13:ae:e0:38:d1:55:
                    0c:c2:54:4d:cf:28:c0:e3:39:84:05:f5:43:94:da:
                    e8:de:f1:c6:43:5d:9e:f1:d9:83:98:52:48:41:ad:
                    23:5e:93:77:8f:48:3a:c6:81:79:9d:59:e1:1a:27:
                    5a:66:4a:7e:45:32:49:2f:22:e1:8b:1e:08:60:e3:
                    10:e9:7e:79:63:6b:0f:55:89:11:30:58:79:21:2c:
                    7f:9e:b5:39:4f:88:fd:70:62:b2:a8:a6:d7:5b:8f:
                    ec:e7:7f:2b:e1:ee:0e:2f:06:6f:b1:12:9a:7d:0c:
                    76:48:db:fd:91:75:5f:87:0f:5b:ac:30:0d:d6:7a:
                    9d:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:F9:44:C5:8F:F4:D0:FA:C6:7F:55:DB:A7:2F:3E:0C:2B:55:D3:78
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:cd:dd:ef:0f:39:7a:d5:dd:3b:e4:71:11:6b:00:17:eb:e2:
         46:92:e6:fc:35:db:1b:72:2c:67:40:05:4f:55:fd:53:60:e5:
         82:12:e9:2f:8c:04:33:8e:9a:0e:37:35:a7:38:1b:7c:25:94:
         af:88:91:0b:7e:60:d7:4b:65:95:78:db:d0:3e:ea:e6:58:de:
         cf:ee:6e:68:24:58:9f:03:a2:20:6f:c6:52:05:fb:51:65:d1:
         3b:02:0b:97:22:4f:0f:ab:c1:16:b4:5c:5e:86:5a:56:58:4b:
         1e:bf:85:c3:d9:97:7f:0c:ef:9a:82:ec:2d:df:8a:44:bc:d1:
         73:d5:0e:53:4e:38:37:aa:90:cb:14:94:99:8b:ea:45:84:3d:
         ee:17:03:18:18:09:e4:0e:3c:33:05:37:6c:f5:60:21:20:4f:
         31:37:d4:b8:7b:4d:e0:43:b1:31:c1:f8:f8:72:12:e3:4d:f2:
         77:d6:6e:df:f8:bc:a5:05:45:c5:d7:b2:fb:33:38:0e:38:15:
         fd:89:fd:63:c8:d9:78:14:e9:92:3c:ae:4b:1b:21:a1:49:b6:
         6a:cb:60:77:4f:7f:7d:d4:c4:42:bf:a3:37:f7:98:1b:af:38:
         f5:7f:68:cb:80:48:12:b6:1b:f8:a8:21:0d:9f:e5:a6:9d:53:
         42:cd:b0:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2t7IvKblkobJk0NPFFaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjQxMTI2MTkwMjUxWhcNMjQxMTI3MTkwMjUxWjAzMTEwLwYDVQQD
EyhlNmY5NDRjNThmZjRkMGZhYzY3ZjU1ZGJhNzJmM2UwYzJiNTVkMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWn4qSgwwJZGr1+/hXysB2rE8/X0
/X2s+WDolay1g6XWqNJS6KpN1EtfniUSFreIF2OOTF/IprZ5VnPtMs6iPySXu7oZ
XU4TkBUl9WfUKKscLeH3cSsEI761BVvchz8C2g3cqhf/H+GtGzPFQuWfbd+hFDQx
EBUVXDJqpL+lS3MTruA40VUMwlRNzyjA4zmEBfVDlNro3vHGQ12e8dmDmFJIQa0j
XpN3j0g6xoF5nVnhGidaZkp+RTJJLyLhix4IYOMQ6X55Y2sPVYkRMFh5ISx/nrU5
T4j9cGKyqKbXW4/s538r4e4OLwZvsRKafQx2SNv9kXVfhw9brDAN1nqdcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOb5RMWP9ND6xn9V26cvPgwrVdN4MB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj83d7w85
etXdO+RxEWsAF+viRpLm/DXbG3IsZ0AFT1X9U2DlghLpL4wEM46aDjc1pzgbfCWU
r4iRC35g10tllXjb0D7q5ljez+5uaCRYnwOiIG/GUgX7UWXROwILlyJPD6vBFrRc
XoZaVlhLHr+Fw9mXfwzvmoLsLd+KRLzRc9UOU044N6qQyxSUmYvqRYQ97hcDGBgJ
5A48MwU3bPVgISBPMTfUuHtN4EOxMcH4+HIS403yd9Zu3/i8pQVFxdey+zM4DjgV
/Yn9Y8jZeBTpkjyuSxshoUm2astgd09/fdTEQr+jN/eYG6849X9oy4BIErYb+Kgh
DZ/lpp1TQs2wqg==
-----END CERTIFICATE-----