Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
File:                     HdGoMITMB7cxuvkdqvMTbC9rddM.mft (raw, json)
Hash identifier:          EnB2vdyb0vkPh0RVpNuakbudt6YFnHJtwaYCFf0OqQQ=
Subject key identifier:   CB:81:77:F4:81:F9:E1:C1:79:85:4F:FB:75:91:F7:BE:47:CB:0D:B3
Authority key identifier: 1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3
Certificate issuer:       /CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
Certificate serial:       0193568B6835384476E795F442BCF56CF704
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
Manifest number:          0F3E
Signing time:             Sat 23 Nov 2024 01:03:16 +0000
Manifest this update:     Sat 23 Nov 2024 01:03:16 +0000
Manifest next update:     Sun 24 Nov 2024 01:03:16 +0000
Files and hashes:         1: HdGoMITMB7cxuvkdqvMTbC9rddM.crl (hash: ceXp7J65NsokXfH7juQxKdlFetN3zmdyEM89omDANCI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:03:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8b:68:35:38:44:76:e7:95:f4:42:bc:f5:6c:f7:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
        Validity
            Not Before: Nov 23 01:03:16 2024 GMT
            Not After : Nov 24 01:03:16 2024 GMT
        Subject: CN=cb8177f481f9e1c179854ffb7591f7be47cb0db3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fe:13:1a:74:2a:87:20:40:95:54:0e:e2:84:53:
                    5d:d2:be:63:f1:e3:35:21:42:90:70:00:5e:a9:dc:
                    82:bf:b9:54:b8:db:5c:8d:50:d3:36:7a:9e:07:11:
                    26:19:5a:95:54:90:99:b0:e9:da:a0:06:e5:74:4a:
                    41:61:5c:9d:ba:39:a5:fb:3c:d8:c3:c0:a0:56:87:
                    c1:fa:8a:87:36:90:90:1d:57:31:a3:66:6e:b2:60:
                    3a:9f:03:0c:e1:c4:c4:ac:f7:35:01:d3:dd:9a:5a:
                    44:08:90:32:40:62:b7:e6:b7:5b:13:8f:8c:66:a8:
                    8d:9c:c8:01:38:1b:5d:d8:34:65:b2:83:af:1c:d5:
                    1d:5e:3b:e8:09:43:6a:d0:d8:0e:85:67:51:8a:97:
                    79:eb:b9:a4:68:ef:4e:4e:ac:2e:ce:5e:33:05:2b:
                    7f:28:65:e4:78:2e:fd:e0:e8:1e:b6:60:6b:ef:39:
                    34:e4:ee:a4:bb:ad:e6:b1:3f:f9:66:09:6d:98:ef:
                    7e:db:55:10:16:1b:34:5d:d6:ad:79:3e:00:2b:97:
                    26:43:46:ed:b7:3d:d4:b9:d5:72:19:39:da:16:e4:
                    b0:6e:e1:1c:0a:d6:9f:a2:ac:fd:fe:5b:0c:72:e6:
                    a8:34:8f:02:46:f1:39:3b:6f:ab:f7:9b:0b:cf:7d:
                    a1:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:81:77:F4:81:F9:E1:C1:79:85:4F:FB:75:91:F7:BE:47:CB:0D:B3
            X509v3 Authority Key Identifier:
                keyid:1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:65:b5:ca:0f:f6:20:96:2a:6a:fb:57:36:b4:71:a3:94:f7:
         e9:75:f0:68:48:89:92:2a:99:c4:c0:c1:69:18:c6:f6:ef:69:
         f8:88:6d:bb:c5:b4:7a:0b:3b:5b:7b:cf:28:14:d6:d7:cb:a4:
         e6:41:8c:21:22:54:2e:ac:bf:94:5f:f3:db:bc:43:03:a7:09:
         88:34:db:a4:3a:57:38:e6:c0:d0:25:1a:25:ad:81:43:cf:be:
         41:9d:b3:00:79:0f:8a:f3:51:12:66:e9:b2:db:23:db:aa:0b:
         46:4b:ac:f1:e2:1e:9b:fe:ff:d4:58:05:e4:ba:5e:38:8c:af:
         2a:f6:91:8c:1a:a3:45:a4:d3:42:91:42:92:65:88:29:37:cd:
         b0:86:18:ed:cd:b9:b8:e2:bf:b3:8b:b7:9f:05:60:d3:d5:ca:
         73:47:37:3c:b1:0b:14:2a:c7:a1:17:23:fa:9e:d6:87:b4:4c:
         02:fc:dc:1b:d0:a0:f9:13:aa:c7:4d:61:c8:83:17:47:f9:02:
         b7:4d:40:9d:22:ce:8c:77:f4:ec:95:61:47:76:d6:e0:a3:cc:
         77:02:78:ce:40:98:99:cf:e2:30:8b:2c:aa:d7:bc:76:bd:a3:
         db:d0:7a:20:c8:fc:42:62:c4:e9:b9:c1:9e:88:10:27:52:ab:
         19:3b:fb:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWi2g1OER255X0Qrz1bPcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDFhODMwODRjYzA3YjczMWJhZjkxZGFhZjMxMzZjMmY2
Yjc1ZDMwHhcNMjQxMTIzMDEwMzE2WhcNMjQxMTI0MDEwMzE2WjAzMTEwLwYDVQQD
EyhjYjgxNzdmNDgxZjllMWMxNzk4NTRmZmI3NTkxZjdiZTQ3Y2IwZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/hMadCqHIECVVA7ihFNd0r5j8eM1
IUKQcABeqdyCv7lUuNtcjVDTNnqeBxEmGVqVVJCZsOnaoAbldEpBYVydujml+zzY
w8CgVofB+oqHNpCQHVcxo2ZusmA6nwMM4cTErPc1AdPdmlpECJAyQGK35rdbE4+M
ZqiNnMgBOBtd2DRlsoOvHNUdXjvoCUNq0NgOhWdRipd567mkaO9OTqwuzl4zBSt/
KGXkeC794OgetmBr7zk05O6ku63msT/5ZgltmO9+21UQFhs0XdateT4AK5cmQ0bt
tz3UudVyGTnaFuSwbuEcCtafoqz9/lsMcuaoNI8CRvE5O2+r95sLz32hdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMuBd/SB+eHBeYVP+3WR975Hyw2zMB8GA1UdIwQY
MBaAFB3RqDCEzAe3Mbr5HarzE2wva3XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYt
NDAzNjI3OGI0M2Y5LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYtNDAzNjI3OGI0M2Y5
LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsmW1yg/2
IJYqavtXNrRxo5T36XXwaEiJkiqZxMDBaRjG9u9p+Ihtu8W0egs7W3vPKBTW18uk
5kGMISJULqy/lF/z27xDA6cJiDTbpDpXOObA0CUaJa2BQ8++QZ2zAHkPivNREmbp
stsj26oLRkus8eIem/7/1FgF5LpeOIyvKvaRjBqjRaTTQpFCkmWIKTfNsIYY7c25
uOK/s4u3nwVg09XKc0c3PLELFCrHoRcj+p7Wh7RMAvzcG9Cg+ROqx01hyIMXR/kC
t01AnSLOjHf07JVhR3bW4KPMdwJ4zkCYmc/iMIssqte8dr2j29B6IMj8QmLE6bnB
nogQJ1KrGTv74A==
-----END CERTIFICATE-----