Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
File:                     HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft (raw, json)
Hash identifier:          eIwTF9WGxQW2NON/Iz6rBDN0fo27I90QckuoBjsOgjg=
Subject key identifier:   72:10:DC:E8:94:7B:04:34:2F:C0:0A:D1:35:29:DE:DA:74:EB:2C:E2
Authority key identifier: 1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74
Certificate issuer:       /CN=1c1c754b7a5b541892540d24ab98d31537974574
Certificate serial:       018F3C9CE4F9B0CDF5CE999ACBB934751848
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
Manifest number:          1152
Signing time:             Fri 03 May 2024 04:01:06 +0000
Manifest this update:     Fri 03 May 2024 04:01:06 +0000
Manifest next update:     Sat 04 May 2024 04:01:06 +0000
Files and hashes:         1: HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl (hash: sgl09pqI2wpmUUcHO8QYEaOY7Zeo1nJbKVWJKwKIPfo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3c:9c:e4:f9:b0:cd:f5:ce:99:9a:cb:b9:34:75:18:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1c754b7a5b541892540d24ab98d31537974574
        Validity
            Not Before: May  3 04:01:06 2024 GMT
            Not After : May  4 04:01:06 2024 GMT
        Subject: CN=7210dce8947b04342fc00ad13529deda74eb2ce2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:8e:b7:6f:6a:03:e0:8c:28:46:ee:9e:fb:49:
                    c1:d7:03:04:83:51:41:39:71:a7:ba:23:c6:4a:ac:
                    37:e3:f4:95:df:ca:9c:dc:c0:8b:56:2f:06:09:32:
                    51:4c:57:95:42:71:20:fa:25:fc:92:46:7f:1f:04:
                    cb:a1:25:2d:c9:84:72:f2:a3:7c:13:7d:47:5c:2e:
                    b5:23:c7:79:56:70:2d:4b:64:91:81:63:e2:6c:24:
                    9f:49:c0:7f:d6:60:74:76:65:08:3e:38:3e:02:1d:
                    fc:65:e8:b8:1f:a3:aa:23:a5:d4:83:3c:12:02:60:
                    56:e6:6e:13:9d:ab:3d:e3:95:d2:f5:44:2d:36:00:
                    0f:19:19:02:de:b2:38:7a:9e:eb:90:95:bd:2d:f5:
                    12:6b:1d:93:ac:05:d2:c4:bf:fa:23:29:aa:7c:3a:
                    c6:78:49:6e:11:ed:8e:53:8d:29:3e:53:c2:9b:fd:
                    9a:f8:cb:5a:bf:fe:bd:7e:4f:5c:0e:bb:17:75:41:
                    7d:f5:c1:f7:15:d9:68:ff:ac:2a:a6:f4:7d:89:66:
                    66:80:00:80:3f:c5:ce:c4:56:d9:86:1d:4d:15:7b:
                    38:43:c5:07:70:6d:c0:73:3f:85:2b:1b:18:0a:65:
                    3e:8c:89:b1:dd:33:96:c4:f0:98:31:22:29:7e:d5:
                    b3:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:10:DC:E8:94:7B:04:34:2F:C0:0A:D1:35:29:DE:DA:74:EB:2C:E2
            X509v3 Authority Key Identifier:
                keyid:1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:06:ea:39:c6:60:98:0a:c9:09:65:46:d5:e7:88:8d:d2:36:
         6d:46:70:4e:31:44:08:b7:23:ec:65:1f:48:99:7a:d6:ab:de:
         5e:37:80:44:98:f6:22:77:4c:ae:e2:4e:a9:c9:79:47:26:0c:
         f7:f2:73:dd:bf:8a:30:e7:af:1e:e8:e0:3c:66:8f:7c:5e:85:
         09:c9:9d:36:9f:ed:88:47:7b:5d:20:d4:9f:e2:08:aa:0c:05:
         5f:aa:73:95:92:82:57:43:0d:ce:8d:d0:9d:16:d6:aa:36:21:
         50:fc:4f:68:f7:3b:ce:6a:64:6f:bd:57:07:82:a3:0e:90:83:
         4a:24:85:fd:69:46:5b:e1:48:4f:5d:8f:b6:95:18:93:5f:a0:
         17:5d:b3:b5:06:1d:30:0d:f5:f7:eb:f4:dd:5b:5c:64:41:80:
         eb:41:5c:56:72:0d:f8:34:d0:07:e9:f7:00:d2:d4:ac:80:76:
         2c:b9:64:3b:6f:b4:d8:53:13:b7:ac:21:9c:c6:c0:60:c9:e4:
         b9:93:03:c5:19:5f:49:5f:b7:31:2c:3e:a0:d4:ee:b2:08:cc:
         97:1f:ee:46:f4:dc:8a:57:47:ca:33:f0:63:da:40:e6:39:54:
         87:82:dd:18:7c:8f:68:b5:d5:8e:fb:f1:25:af:02:46:fe:b0:
         0b:49:40:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY88nOT5sM31zpmay7k0dRhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMWM3NTRiN2E1YjU0MTg5MjU0MGQyNGFiOThkMzE1Mzc5
NzQ1NzQwHhcNMjQwNTAzMDQwMTA2WhcNMjQwNTA0MDQwMTA2WjAzMTEwLwYDVQQD
Eyg3MjEwZGNlODk0N2IwNDM0MmZjMDBhZDEzNTI5ZGVkYTc0ZWIyY2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Y63b2oD4IwoRu6e+0nB1wMEg1FB
OXGnuiPGSqw34/SV38qc3MCLVi8GCTJRTFeVQnEg+iX8kkZ/HwTLoSUtyYRy8qN8
E31HXC61I8d5VnAtS2SRgWPibCSfScB/1mB0dmUIPjg+Ah38Zei4H6OqI6XUgzwS
AmBW5m4Tnas945XS9UQtNgAPGRkC3rI4ep7rkJW9LfUSax2TrAXSxL/6IymqfDrG
eEluEe2OU40pPlPCm/2a+Mtav/69fk9cDrsXdUF99cH3Fdlo/6wqpvR9iWZmgACA
P8XOxFbZhh1NFXs4Q8UHcG3Acz+FKxsYCmU+jImx3TOWxPCYMSIpftWzwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIQ3OiUewQ0L8AK0TUp3tp06yziMB8GA1UdIwQY
MBaAFBwcdUt6W1QYklQNJKuY0xU3l0V0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAt
YWEwZjM1ODI0YTI3LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAtYWEwZjM1ODI0YTI3
LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALwbqOcZg
mArJCWVG1eeIjdI2bUZwTjFECLcj7GUfSJl61qveXjeARJj2IndMruJOqcl5RyYM
9/Jz3b+KMOevHujgPGaPfF6FCcmdNp/tiEd7XSDUn+IIqgwFX6pzlZKCV0MNzo3Q
nRbWqjYhUPxPaPc7zmpkb71XB4KjDpCDSiSF/WlGW+FIT12PtpUYk1+gF12ztQYd
MA319+v03VtcZEGA60FcVnIN+DTQB+n3ANLUrIB2LLlkO2+02FMTt6whnMbAYMnk
uZMDxRlfSV+3MSw+oNTusgjMlx/uRvTcildHyjPwY9pA5jlUh4LdGHyPaLXVjvvx
Ja8CRv6wC0lAjg==
-----END CERTIFICATE-----