Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
File:                     HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json)
Hash identifier:          ZDdxJXJGubVDurzNTPI+tVNSKKRRKC5WSO8RNfZgro0=
Subject key identifier:   B1:53:1B:7C:8C:88:A3:57:8E:50:E2:C2:71:A9:D7:48:59:6D:BA:78
Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9
Certificate issuer:       /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
Certificate serial:       018F874A91B0BFFC66A3BE2B615E34033C6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
Manifest number:          0372
Signing time:             Fri 17 May 2024 16:02:42 +0000
Manifest this update:     Fri 17 May 2024 16:02:42 +0000
Manifest next update:     Sat 18 May 2024 16:02:42 +0000
Files and hashes:         1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: vl2iow1FI0XGMgrfPLJ03Id6u5KVVfV9Ybua3dmVPTQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:91:b0:bf:fc:66:a3:be:2b:61:5e:34:03:3c:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9
        Validity
            Not Before: May 17 16:02:42 2024 GMT
            Not After : May 18 16:02:42 2024 GMT
        Subject: CN=b1531b7c8c88a3578e50e2c271a9d748596dba78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f8:ff:df:3d:d7:f4:81:7e:79:4a:d9:2e:49:
                    38:46:d6:d6:a2:63:cd:0a:e2:6d:1f:98:8d:26:d5:
                    a4:90:9d:9b:31:ad:d9:8a:5b:a0:0b:97:da:eb:fc:
                    34:92:0f:5a:c7:18:95:22:cf:14:36:7d:3e:65:c1:
                    20:40:f0:cf:52:f7:b4:04:ea:93:28:6d:3b:c3:c8:
                    0d:f1:03:fb:f2:5d:55:a6:e2:2b:d7:3b:6c:c4:73:
                    c6:f6:20:3e:67:c8:b5:1d:38:2b:3f:40:d2:fc:87:
                    66:6f:96:16:df:e1:41:2f:76:6f:cf:f6:f8:e5:e6:
                    2d:28:e4:5c:d4:cd:2c:39:7f:1f:d2:3b:78:08:51:
                    2d:f6:a8:c7:6d:23:98:f4:65:82:9e:84:08:ec:df:
                    d1:68:e5:0a:be:71:24:0c:f2:10:97:f9:51:fe:0d:
                    ee:0d:77:97:69:f2:7e:5f:cb:5e:36:59:ae:34:a7:
                    ba:4b:8a:40:04:9b:39:a0:85:f0:9f:41:cb:56:3d:
                    de:e3:6e:be:1b:a9:4e:97:58:9f:f4:8d:48:9d:90:
                    d3:92:78:a1:72:1f:2a:51:80:63:a9:b4:84:ef:de:
                    dc:c7:fd:d8:da:f8:92:bc:45:0b:ce:58:c9:1e:bd:
                    48:dc:d9:56:00:7c:7f:00:7c:f9:d1:b2:69:0d:e6:
                    15:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:53:1B:7C:8C:88:A3:57:8E:50:E2:C2:71:A9:D7:48:59:6D:BA:78
            X509v3 Authority Key Identifier:
                keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:d9:a4:11:d9:ba:3a:56:ff:01:03:a3:16:5c:73:da:64:6d:
         39:8c:05:f4:ef:23:09:bc:0b:8a:3a:aa:62:3e:f1:49:05:d3:
         19:ef:a6:e6:65:c8:b4:6e:4b:d2:88:68:e7:0f:c4:3f:a4:bb:
         30:1a:92:12:1a:3a:38:43:f4:29:9a:29:f4:56:5e:7c:d1:c4:
         ae:b3:3c:2f:41:18:63:e4:9f:ba:74:99:d9:eb:cd:84:35:cb:
         f7:df:85:2d:89:79:0e:f3:c0:36:8f:7f:cd:1a:32:79:5c:d5:
         ba:56:93:89:d1:5b:58:00:bc:c3:86:74:88:92:f0:84:f9:25:
         7b:69:bc:aa:7e:01:b6:47:07:c3:55:a6:d3:44:7a:25:9a:19:
         04:07:14:86:07:62:4a:2e:2e:a3:ac:ba:d4:5a:b9:6b:57:a9:
         fd:41:08:cf:78:31:d0:32:5a:78:98:34:6f:69:58:5e:ec:83:
         cc:af:86:b1:70:7c:84:63:f7:a8:43:00:94:64:c4:8e:74:c5:
         ad:27:56:04:09:c1:f1:7b:3c:90:ad:62:d4:8c:30:f3:d2:2a:
         4c:1a:3d:87:c5:c3:ae:07:8f:53:d0:93:ce:7e:0e:44:ac:80:
         0a:36:6a:bd:3c:b5:78:5e:b5:ae:e3:4e:20:26:ab:52:c9:72:
         f4:3e:0a:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSpGwv/xmo74rYV40AzxuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2
NTg0ZDkwHhcNMjQwNTE3MTYwMjQyWhcNMjQwNTE4MTYwMjQyWjAzMTEwLwYDVQQD
EyhiMTUzMWI3YzhjODhhMzU3OGU1MGUyYzI3MWE5ZDc0ODU5NmRiYTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfj/3z3X9IF+eUrZLkk4RtbWomPN
CuJtH5iNJtWkkJ2bMa3ZilugC5fa6/w0kg9axxiVIs8UNn0+ZcEgQPDPUve0BOqT
KG07w8gN8QP78l1VpuIr1ztsxHPG9iA+Z8i1HTgrP0DS/Idmb5YW3+FBL3Zvz/b4
5eYtKORc1M0sOX8f0jt4CFEt9qjHbSOY9GWCnoQI7N/RaOUKvnEkDPIQl/lR/g3u
DXeXafJ+X8teNlmuNKe6S4pABJs5oIXwn0HLVj3e426+G6lOl1if9I1InZDTknih
ch8qUYBjqbSE797cx/3Y2viSvEULzljJHr1I3NlWAHx/AHz50bJpDeYVlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFTG3yMiKNXjlDiwnGp10hZbbp4MB8GA1UdIwQY
MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt
OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh
LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqdmkEdm6
Olb/AQOjFlxz2mRtOYwF9O8jCbwLijqqYj7xSQXTGe+m5mXItG5L0oho5w/EP6S7
MBqSEho6OEP0KZop9FZefNHErrM8L0EYY+SfunSZ2evNhDXL99+FLYl5DvPANo9/
zRoyeVzVulaTidFbWAC8w4Z0iJLwhPkle2m8qn4BtkcHw1Wm00R6JZoZBAcUhgdi
Si4uo6y61Fq5a1ep/UEIz3gx0DJaeJg0b2lYXuyDzK+GsXB8hGP3qEMAlGTEjnTF
rSdWBAnB8Xs8kK1i1Iww89IqTBo9h8XDrgePU9CTzn4ORKyACjZqvTy1eF61ruNO
ICarUsly9D4KMg==
-----END CERTIFICATE-----