Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
File:                     HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft (raw, json)
Hash identifier:          UaRxccoGkZsAhiUtYRH5C+wouWDRzdS6tIBi/Bf88Vs=
Subject key identifier:   AA:CF:4F:71:F1:DD:C6:46:45:EB:94:E3:24:54:F4:01:72:33:9C:05
Authority key identifier: 1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74
Certificate issuer:       /CN=1c1c754b7a5b541892540d24ab98d31537974574
Certificate serial:       019406EA84D9EEAED0C88BA1322DE5430FE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
Manifest number:          13CD
Signing time:             Fri 27 Dec 2024 07:00:20 +0000
Manifest this update:     Fri 27 Dec 2024 07:00:20 +0000
Manifest next update:     Sat 28 Dec 2024 07:00:20 +0000
Files and hashes:         1: HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl (hash: dBr6oKlXuTys6ypad/MdvrUxGPqNVU1+pX+sbIHtG0Q=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:ea:84:d9:ee:ae:d0:c8:8b:a1:32:2d:e5:43:0f:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1c754b7a5b541892540d24ab98d31537974574
        Validity
            Not Before: Dec 27 07:00:20 2024 GMT
            Not After : Dec 28 07:00:20 2024 GMT
        Subject: CN=aacf4f71f1ddc64645eb94e32454f40172339c05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:30:3d:ea:37:bf:39:6f:9b:8a:c9:3e:ea:cc:
                    43:4c:2f:03:c6:92:60:62:b6:98:c9:d3:12:dc:95:
                    a6:1e:2a:f7:14:0b:30:ab:e4:34:03:25:02:e2:a2:
                    ca:4a:2a:e4:90:99:40:18:ce:a1:df:be:c6:b3:7c:
                    4f:05:54:80:e5:6d:55:e9:9c:b9:12:9e:aa:31:c4:
                    3c:da:cb:94:24:e3:5f:a0:7d:41:ea:99:75:46:21:
                    cd:1e:28:eb:48:12:85:33:14:63:8b:c6:4a:fc:f6:
                    04:b3:73:40:3b:e4:a6:00:23:5b:3d:b4:59:e0:d4:
                    7f:41:bc:74:41:ad:1f:fd:02:1f:09:5a:ba:58:90:
                    b0:79:22:76:8e:e5:31:e6:79:ce:1d:5e:20:43:0f:
                    45:72:22:c5:88:82:81:d8:a8:1d:a2:d7:4e:5d:7d:
                    72:11:94:6d:91:80:74:2e:e3:d8:df:1a:72:a1:b6:
                    a7:e3:f2:2e:6b:17:c9:20:72:83:c7:09:76:63:cf:
                    76:dd:dc:86:88:58:c9:96:0c:96:66:aa:a7:23:b0:
                    59:1c:25:08:2b:ef:6f:50:d7:cc:6c:44:a1:00:e7:
                    28:4f:88:1b:e3:c1:88:72:8c:23:f0:e6:c1:56:6d:
                    b2:6a:7e:94:0d:cd:da:ab:40:f9:a0:bd:38:58:64:
                    35:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:CF:4F:71:F1:DD:C6:46:45:EB:94:E3:24:54:F4:01:72:33:9C:05
            X509v3 Authority Key Identifier:
                keyid:1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:81:08:f3:48:11:e0:05:ae:ba:ee:ea:2f:f1:6f:05:4d:9c:
         8a:38:a1:17:6e:d8:0d:15:1e:58:ee:09:e4:4f:34:8c:7b:7a:
         32:3b:76:b7:9b:a3:4a:c6:b2:fa:2b:00:b1:22:b6:7c:b2:af:
         77:2f:d6:c1:91:3b:18:ad:be:fe:da:c9:3f:57:64:87:c4:72:
         38:d5:da:a9:c8:76:60:3f:f1:a6:b8:6c:31:3a:08:9b:19:4a:
         ac:bc:73:38:50:0a:b6:30:5f:7d:32:7b:b0:8e:e4:a3:22:ba:
         06:aa:b4:f6:6e:6d:32:59:07:50:7c:7b:36:94:1f:a7:75:69:
         17:7c:d0:69:c6:10:8e:d6:a4:7f:2d:d8:c6:6f:72:6a:19:57:
         d9:10:63:ad:a4:5a:23:7c:ad:8d:91:16:0d:4c:49:95:22:72:
         32:4f:d4:38:47:3d:86:64:90:83:d3:4c:bd:94:df:85:ef:7f:
         e9:40:85:84:62:41:ca:38:c8:a2:09:c8:c4:a2:13:83:ee:fb:
         7f:32:55:45:90:e9:1f:3c:0d:32:e8:d2:c0:db:96:5c:d3:5f:
         97:0d:ea:5f:83:38:7a:11:82:57:d8:ff:97:91:d8:9b:56:44:
         93:6f:78:5b:b5:d7:6e:c2:5d:6f:8a:4c:85:3d:84:a9:f5:94:
         42:5d:b0:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQG6oTZ7q7QyIuhMi3lQw/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMWM3NTRiN2E1YjU0MTg5MjU0MGQyNGFiOThkMzE1Mzc5
NzQ1NzQwHhcNMjQxMjI3MDcwMDIwWhcNMjQxMjI4MDcwMDIwWjAzMTEwLwYDVQQD
EyhhYWNmNGY3MWYxZGRjNjQ2NDVlYjk0ZTMyNDU0ZjQwMTcyMzM5YzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjA96je/OW+bisk+6sxDTC8DxpJg
YraYydMS3JWmHir3FAswq+Q0AyUC4qLKSirkkJlAGM6h377Gs3xPBVSA5W1V6Zy5
Ep6qMcQ82suUJONfoH1B6pl1RiHNHijrSBKFMxRji8ZK/PYEs3NAO+SmACNbPbRZ
4NR/Qbx0Qa0f/QIfCVq6WJCweSJ2juUx5nnOHV4gQw9FciLFiIKB2KgdotdOXX1y
EZRtkYB0LuPY3xpyoban4/IuaxfJIHKDxwl2Y8923dyGiFjJlgyWZqqnI7BZHCUI
K+9vUNfMbEShAOcoT4gb48GIcowj8ObBVm2yan6UDc3aq0D5oL04WGQ1KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrPT3Hx3cZGReuU4yRU9AFyM5wFMB8GA1UdIwQY
MBaAFBwcdUt6W1QYklQNJKuY0xU3l0V0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAt
YWEwZjM1ODI0YTI3LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAtYWEwZjM1ODI0YTI3
LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAloEI80gR
4AWuuu7qL/FvBU2cijihF27YDRUeWO4J5E80jHt6Mjt2t5ujSsay+isAsSK2fLKv
dy/WwZE7GK2+/trJP1dkh8RyONXaqch2YD/xprhsMToImxlKrLxzOFAKtjBffTJ7
sI7koyK6Bqq09m5tMlkHUHx7NpQfp3VpF3zQacYQjtakfy3Yxm9yahlX2RBjraRa
I3ytjZEWDUxJlSJyMk/UOEc9hmSQg9NMvZTfhe9/6UCFhGJByjjIognIxKITg+77
fzJVRZDpHzwNMujSwNuWXNNflw3qX4M4ehGCV9j/l5HYm1ZEk294W7XXbsJdb4pM
hT2EqfWUQl2wLQ==
-----END CERTIFICATE-----