Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
File:                     an0UIH91yLFYDbJ_defD_bH_hgw.mft (raw, json)
Hash identifier:          drPStfXQvcDIKYzd3+6chP/rgMMm8hGT+jK5pcSeo6A=
Subject key identifier:   DC:F1:FA:43:6A:F5:21:68:3A:69:05:FA:40:BF:B7:0C:7C:60:7C:D7
Authority key identifier: 6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C
Certificate issuer:       /CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
Certificate serial:       018F87ED62682B199BA7035228326F4619C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
Manifest number:          0407
Signing time:             Fri 17 May 2024 19:00:32 +0000
Manifest this update:     Fri 17 May 2024 19:00:32 +0000
Manifest next update:     Sat 18 May 2024 19:00:32 +0000
Files and hashes:         1: an0UIH91yLFYDbJ_defD_bH_hgw.crl (hash: WCEa1gAK7FSPUU3G9IAwCN31f1U20yIHCFIW5aArYSw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:62:68:2b:19:9b:a7:03:52:28:32:6f:46:19:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
        Validity
            Not Before: May 17 19:00:32 2024 GMT
            Not After : May 18 19:00:32 2024 GMT
        Subject: CN=dcf1fa436af521683a6905fa40bfb70c7c607cd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:95:83:85:6b:89:2a:e9:8f:51:a8:24:9c:6d:
                    39:09:b3:9e:99:42:57:0a:30:35:fb:98:f1:c2:68:
                    5c:fd:25:2a:4d:0d:3d:fa:2d:65:20:a6:eb:a1:b8:
                    5f:c1:bf:3b:ab:02:7b:07:f5:b9:13:b1:fe:24:25:
                    56:3d:62:a9:9b:a8:09:3f:8b:5c:32:a7:e6:27:fc:
                    c7:e3:46:de:59:72:d2:89:9e:3d:ef:89:45:cb:eb:
                    13:80:00:06:16:be:7a:87:40:76:74:31:64:38:25:
                    dd:e6:d1:c4:59:d5:8e:2a:fa:20:f8:f0:19:90:18:
                    31:b0:9d:bf:66:18:f0:93:b3:52:3e:21:85:03:c5:
                    07:3a:5b:d1:8c:b5:91:b2:11:25:2f:e3:00:7e:41:
                    5d:1e:23:73:9d:9c:22:90:10:73:18:67:9b:1c:9c:
                    b2:58:e6:e1:aa:21:76:93:67:b8:3d:b5:df:37:d0:
                    ff:27:c4:4f:a5:54:cf:d4:d6:be:36:f3:55:ba:76:
                    56:23:37:bf:a7:e9:89:fa:e6:81:9d:8f:95:03:4b:
                    08:ef:42:ce:11:43:61:f8:f8:a2:ef:c5:99:81:39:
                    e2:d8:1f:0f:e3:2b:f3:08:bb:fd:c8:41:e0:8d:81:
                    96:09:cc:96:de:61:03:e2:e7:f7:da:91:b1:e6:38:
                    a4:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:F1:FA:43:6A:F5:21:68:3A:69:05:FA:40:BF:B7:0C:7C:60:7C:D7
            X509v3 Authority Key Identifier:
                keyid:6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:2b:5e:0d:4c:bf:83:77:69:5e:2b:f7:c6:25:05:b9:df:a6:
         e4:fd:e0:d1:c5:6f:b6:c0:1b:f3:74:94:06:ed:0c:44:06:f5:
         38:fd:f5:92:95:67:b1:51:20:8e:aa:4f:3d:b4:be:ba:8e:e8:
         88:cb:d2:3c:f9:7b:9d:b6:25:95:b8:9e:b5:06:37:31:03:04:
         1f:fd:ad:6d:30:13:e6:77:2b:22:83:b3:6c:c2:6e:e5:e0:9f:
         c8:74:4c:eb:88:d9:c9:d6:7f:1c:dd:9b:3d:5f:b6:89:aa:3f:
         57:62:5c:e9:ac:05:d3:c6:a4:f2:ca:e9:cb:20:9e:96:d8:5a:
         32:46:13:47:53:12:7b:ca:84:24:58:90:27:0c:55:69:52:1b:
         da:9e:37:34:64:27:bf:e4:1d:e8:16:7e:5c:62:83:65:71:ea:
         d4:f2:23:6c:a6:8d:ee:1a:2f:47:76:f6:10:48:f8:d6:8c:79:
         b9:e6:d8:d6:3c:ea:42:1c:ed:52:02:e6:85:ab:f5:ac:5e:32:
         77:ce:f4:38:0a:e0:ab:51:ad:b2:e5:55:70:d6:fa:bb:6f:a3:
         d9:2e:e1:21:3b:bb:a5:f1:81:fa:22:e4:3b:4b:dc:69:38:e2:
         f0:38:fd:bc:08:51:f6:6d:fd:f3:e5:bc:80:e4:62:01:c0:6f:
         65:61:7f:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7WJoKxmbpwNSKDJvRhnHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhN2QxNDIwN2Y3NWM4YjE1ODBkYjI3Zjc1ZTdjM2ZkYjFm
Zjg2MGMwHhcNMjQwNTE3MTkwMDMyWhcNMjQwNTE4MTkwMDMyWjAzMTEwLwYDVQQD
EyhkY2YxZmE0MzZhZjUyMTY4M2E2OTA1ZmE0MGJmYjcwYzdjNjA3Y2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZWDhWuJKumPUagknG05CbOemUJX
CjA1+5jxwmhc/SUqTQ09+i1lIKbrobhfwb87qwJ7B/W5E7H+JCVWPWKpm6gJP4tc
MqfmJ/zH40beWXLSiZ4974lFy+sTgAAGFr56h0B2dDFkOCXd5tHEWdWOKvog+PAZ
kBgxsJ2/Zhjwk7NSPiGFA8UHOlvRjLWRshElL+MAfkFdHiNznZwikBBzGGebHJyy
WObhqiF2k2e4PbXfN9D/J8RPpVTP1Na+NvNVunZWIze/p+mJ+uaBnY+VA0sI70LO
EUNh+Pii78WZgTni2B8P4yvzCLv9yEHgjYGWCcyW3mED4uf32pGx5jikPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNzx+kNq9SFoOmkF+kC/twx8YHzXMB8GA1UdIwQY
MBaAFGp9FCB/dcixWA2yf3Xnw/2x/4YMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEt
YmVhYTczNzEwYTY1LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEtYmVhYTczNzEwYTY1
LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbSteDUy/
g3dpXiv3xiUFud+m5P3g0cVvtsAb83SUBu0MRAb1OP31kpVnsVEgjqpPPbS+uo7o
iMvSPPl7nbYllbietQY3MQMEH/2tbTAT5ncrIoOzbMJu5eCfyHRM64jZydZ/HN2b
PV+2iao/V2Jc6awF08ak8srpyyCelthaMkYTR1MSe8qEJFiQJwxVaVIb2p43NGQn
v+Qd6BZ+XGKDZXHq1PIjbKaN7hovR3b2EEj41ox5uebY1jzqQhztUgLmhav1rF4y
d870OArgq1GtsuVVcNb6u2+j2S7hITu7pfGB+iLkO0vcaTji8Dj9vAhR9m398+W8
gORiAcBvZWF/Yg==
-----END CERTIFICATE-----