Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
File:                     an0UIH91yLFYDbJ_defD_bH_hgw.mft (raw, json)
Hash identifier:          JiYqn6XpTZyR5wjVT1tZV1UgLBPrU5DqrKJzqmpHnx8=
Subject key identifier:   71:9D:02:E6:7D:D0:A1:9F:B4:8D:D8:06:55:BA:AD:38:CD:0C:FE:1F
Authority key identifier: 6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C
Certificate issuer:       /CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
Certificate serial:       0193572DCD039252A37C551E3F07475157A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
Manifest number:          0600
Signing time:             Sat 23 Nov 2024 04:00:39 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:39 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:39 +0000
Files and hashes:         1: an0UIH91yLFYDbJ_defD_bH_hgw.crl (hash: 38gf84gfH7icMEusJcACUOv/wY63bZqatz/q4OIBFno=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:cd:03:92:52:a3:7c:55:1e:3f:07:47:51:57:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
        Validity
            Not Before: Nov 23 04:00:39 2024 GMT
            Not After : Nov 24 04:00:39 2024 GMT
        Subject: CN=719d02e67dd0a19fb48dd80655baad38cd0cfe1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:b5:8d:3c:49:95:fe:e5:84:7f:dc:35:0f:2c:
                    ce:c6:85:c9:67:13:3b:ab:96:9b:a9:2d:4b:5e:85:
                    22:c0:70:a6:1d:bb:d9:81:da:4a:f5:1e:5f:32:8a:
                    40:fb:53:7d:83:88:48:33:15:e2:06:87:23:b0:af:
                    fd:d1:20:65:41:1b:7a:26:cc:d8:f6:4b:65:e4:1b:
                    a1:75:3c:32:86:df:5f:c7:c0:75:c6:98:fe:f4:7e:
                    ed:79:2d:44:da:46:11:fe:d1:fc:8e:c7:d8:fa:2d:
                    5a:22:e0:a2:06:2c:b0:2a:dd:07:71:74:0e:6f:58:
                    ea:97:ae:9e:bd:78:b0:ce:76:cb:c5:89:ec:c2:cf:
                    52:59:cc:14:bb:f2:ac:9a:e8:cb:2d:8c:b7:da:c9:
                    52:39:db:6c:44:76:22:3e:5f:8a:ae:a4:08:6b:b8:
                    c0:14:68:16:52:8d:44:95:08:be:ec:a6:c7:18:67:
                    b1:99:b4:05:7e:26:be:4d:ad:86:ee:41:23:4c:55:
                    cf:93:c9:12:9a:74:5e:16:b4:87:c4:70:35:43:d9:
                    a4:7a:7a:f5:28:b2:e8:1b:80:e1:95:e6:8e:bc:a8:
                    91:6a:94:4f:0f:ad:cf:e5:4d:d6:f3:e2:6f:c7:e9:
                    4a:58:34:99:58:e5:f0:9d:de:04:54:b8:d6:2a:3f:
                    af:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:9D:02:E6:7D:D0:A1:9F:B4:8D:D8:06:55:BA:AD:38:CD:0C:FE:1F
            X509v3 Authority Key Identifier:
                keyid:6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:67:6f:94:4a:ab:1e:bd:f8:43:2c:4b:ef:ee:84:1f:bc:1b:
         16:84:30:87:d7:98:5d:60:2f:f6:f2:48:00:e9:a2:4d:61:aa:
         16:0a:c9:a6:c3:e1:d4:86:98:45:71:77:c6:0e:a3:3b:ac:26:
         6a:72:ba:49:07:0b:70:63:23:fd:c9:94:74:fa:dd:47:e3:84:
         fc:5a:ed:a6:19:d6:a6:38:0c:58:43:b5:ff:af:85:5a:24:12:
         b3:28:2c:c8:33:f4:91:89:9e:63:49:37:34:34:d8:17:7f:d5:
         02:03:c9:dc:1d:f8:8a:cc:09:76:40:d2:e0:ab:52:ed:5e:2b:
         6e:38:dd:dd:56:ad:11:f8:cf:84:59:cb:4a:0c:cf:f0:ca:f6:
         73:44:14:59:df:d7:c5:17:da:34:86:c1:d3:d1:71:e2:da:0f:
         39:f7:93:35:73:58:2c:10:db:58:5f:c5:78:b5:13:91:48:a1:
         2b:90:21:d4:43:f0:e1:18:04:8e:bc:11:ea:75:3c:45:22:d6:
         71:1c:45:53:d0:b7:99:bb:43:be:1d:3b:3c:85:58:0d:84:d3:
         fa:58:01:69:5b:ca:b5:50:65:fd:24:08:fb:69:09:f0:cc:6a:
         68:49:6b:d1:3a:fe:5e:81:ce:de:2b:29:ac:c7:22:c5:5b:6c:
         18:ae:29:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLc0DklKjfFUePwdHUVenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhN2QxNDIwN2Y3NWM4YjE1ODBkYjI3Zjc1ZTdjM2ZkYjFm
Zjg2MGMwHhcNMjQxMTIzMDQwMDM5WhcNMjQxMTI0MDQwMDM5WjAzMTEwLwYDVQQD
Eyg3MTlkMDJlNjdkZDBhMTlmYjQ4ZGQ4MDY1NWJhYWQzOGNkMGNmZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrWNPEmV/uWEf9w1DyzOxoXJZxM7
q5abqS1LXoUiwHCmHbvZgdpK9R5fMopA+1N9g4hIMxXiBocjsK/90SBlQRt6JszY
9ktl5BuhdTwyht9fx8B1xpj+9H7teS1E2kYR/tH8jsfY+i1aIuCiBiywKt0HcXQO
b1jql66evXiwznbLxYnsws9SWcwUu/KsmujLLYy32slSOdtsRHYiPl+KrqQIa7jA
FGgWUo1ElQi+7KbHGGexmbQFfia+Ta2G7kEjTFXPk8kSmnReFrSHxHA1Q9mkenr1
KLLoG4DhleaOvKiRapRPD63P5U3W8+Jvx+lKWDSZWOXwnd4EVLjWKj+vLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHGdAuZ90KGftI3YBlW6rTjNDP4fMB8GA1UdIwQY
MBaAFGp9FCB/dcixWA2yf3Xnw/2x/4YMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEt
YmVhYTczNzEwYTY1LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEtYmVhYTczNzEwYTY1
LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvWdvlEqr
Hr34QyxL7+6EH7wbFoQwh9eYXWAv9vJIAOmiTWGqFgrJpsPh1IaYRXF3xg6jO6wm
anK6SQcLcGMj/cmUdPrdR+OE/FrtphnWpjgMWEO1/6+FWiQSsygsyDP0kYmeY0k3
NDTYF3/VAgPJ3B34iswJdkDS4KtS7V4rbjjd3VatEfjPhFnLSgzP8Mr2c0QUWd/X
xRfaNIbB09Fx4toPOfeTNXNYLBDbWF/FeLUTkUihK5Ah1EPw4RgEjrwR6nU8RSLW
cRxFU9C3mbtDvh07PIVYDYTT+lgBaVvKtVBl/SQI+2kJ8MxqaElr0Tr+XoHO3isp
rMcixVtsGK4plw==
-----END CERTIFICATE-----