Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          96wSKeVMGdT8C7VK0jJU2FuZqHanN9LhV+/kdRtCKgM=
Subject key identifier:   E9:36:71:4A:B1:D3:9E:69:0A:9B:3F:D1:EF:FC:47:FD:76:1E:F9:EE
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       018F85C84488CEE5EB93392705AE05C1F211
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          0148
Signing time:             Fri 17 May 2024 09:00:45 +0000
Manifest this update:     Fri 17 May 2024 09:00:45 +0000
Manifest next update:     Sat 18 May 2024 09:00:45 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: wS+dCSoXeE2BluOhSUsIDyZSy0DsFrAutoZxncRCPV8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 09:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:85:c8:44:88:ce:e5:eb:93:39:27:05:ae:05:c1:f2:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: May 17 09:00:45 2024 GMT
            Not After : May 18 09:00:45 2024 GMT
        Subject: CN=e936714ab1d39e690a9b3fd1effc47fd761ef9ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:9a:e2:d9:20:44:15:25:02:ef:e8:8f:1e:e4:
                    c6:3b:a8:7d:11:fa:e8:ac:56:bd:b0:cc:3e:d1:26:
                    96:4c:52:44:5f:53:f8:95:a2:da:1c:80:a7:f1:a8:
                    09:06:f6:73:02:6d:80:e3:19:49:30:4c:04:d3:93:
                    c1:54:6d:07:a0:2e:c7:c2:9f:9e:c8:71:49:14:5b:
                    2d:3c:24:9d:75:bf:8f:83:66:7d:0b:9f:57:07:cc:
                    26:f3:b8:0a:77:b3:c5:8d:d0:95:71:f3:d0:6e:af:
                    00:72:3a:e0:0c:19:ac:66:85:5e:7f:45:b4:4b:82:
                    7f:56:b2:e9:53:cd:8d:1e:28:ba:db:d6:47:3e:38:
                    a8:ba:a7:12:fd:54:3f:a3:b8:fb:0b:7c:84:66:db:
                    6b:e4:33:7f:8a:71:53:ef:20:70:2e:10:92:86:d6:
                    fb:6d:cc:0d:93:64:94:31:46:3c:b2:58:33:6f:02:
                    e2:56:bc:51:a0:30:eb:30:77:44:68:27:fe:53:72:
                    4e:e8:06:98:68:7c:ae:8b:80:1e:08:14:ea:37:35:
                    f0:77:4d:20:e9:98:83:0e:1f:98:32:77:d5:f5:42:
                    4e:68:0b:42:12:61:73:e9:7d:c6:15:42:01:c7:bb:
                    1b:c0:13:00:fd:65:cb:54:4a:0b:f0:11:65:79:4a:
                    b8:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:36:71:4A:B1:D3:9E:69:0A:9B:3F:D1:EF:FC:47:FD:76:1E:F9:EE
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:10:87:10:f7:97:18:f7:55:00:5b:31:cb:90:fe:35:60:b3:
         95:db:01:fa:f6:86:2b:4e:7b:c2:76:d8:95:43:28:f0:36:df:
         4c:3a:3c:18:f0:22:1e:db:8d:0d:08:9c:0b:b3:ba:e1:c7:cc:
         6a:25:ee:bb:41:10:a1:81:92:49:78:16:56:6a:ff:b5:28:4a:
         c3:f1:30:da:83:1f:30:c9:70:ee:d9:8a:0c:01:d9:f1:a6:2f:
         99:cc:2a:3a:8c:72:76:3d:86:b9:45:5f:fa:18:e9:20:0e:2a:
         81:0b:3f:65:0b:91:82:73:6c:db:31:c6:81:5b:3d:6c:62:c2:
         5a:38:d4:79:ea:b4:20:4f:c1:ae:dc:d0:8a:e5:d4:0d:12:e3:
         51:a9:65:7d:81:6e:6f:0f:c4:fa:84:0e:d1:67:3c:69:43:68:
         74:de:51:66:4d:11:59:b9:9c:49:9f:77:23:e5:1c:cf:07:3d:
         47:97:58:ed:c6:f3:3a:aa:c0:c7:95:c6:46:d8:20:4b:eb:8f:
         c2:b1:02:12:c9:9d:b6:cb:06:45:35:90:01:e6:6b:f9:e8:2f:
         1a:b3:4c:be:be:85:24:ff:e6:ba:4c:bb:74:83:9a:6e:6c:c8:
         07:75:5d:19:d7:a1:4b:9e:bb:b3:4d:9a:58:b8:eb:a0:80:ec:
         ed:94:b8:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+FyESIzuXrkzknBa4FwfIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjQwNTE3MDkwMDQ1WhcNMjQwNTE4MDkwMDQ1WjAzMTEwLwYDVQQD
EyhlOTM2NzE0YWIxZDM5ZTY5MGE5YjNmZDFlZmZjNDdmZDc2MWVmOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5ri2SBEFSUC7+iPHuTGO6h9Efro
rFa9sMw+0SaWTFJEX1P4laLaHICn8agJBvZzAm2A4xlJMEwE05PBVG0HoC7Hwp+e
yHFJFFstPCSddb+Pg2Z9C59XB8wm87gKd7PFjdCVcfPQbq8AcjrgDBmsZoVef0W0
S4J/VrLpU82NHii629ZHPjiouqcS/VQ/o7j7C3yEZttr5DN/inFT7yBwLhCShtb7
bcwNk2SUMUY8slgzbwLiVrxRoDDrMHdEaCf+U3JO6AaYaHyui4AeCBTqNzXwd00g
6ZiDDh+YMnfV9UJOaAtCEmFz6X3GFUIBx7sbwBMA/WXLVEoL8BFleUq40wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOk2cUqx055pCps/0e/8R/12HvnuMB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATRCHEPeX
GPdVAFsxy5D+NWCzldsB+vaGK057wnbYlUMo8DbfTDo8GPAiHtuNDQicC7O64cfM
aiXuu0EQoYGSSXgWVmr/tShKw/Ew2oMfMMlw7tmKDAHZ8aYvmcwqOoxydj2GuUVf
+hjpIA4qgQs/ZQuRgnNs2zHGgVs9bGLCWjjUeeq0IE/BrtzQiuXUDRLjUallfYFu
bw/E+oQO0Wc8aUNodN5RZk0RWbmcSZ93I+Uczwc9R5dY7cbzOqrAx5XGRtggS+uP
wrECEsmdtssGRTWQAeZr+egvGrNMvr6FJP/muky7dIOabmzIB3VdGdehS567s02a
WLjroIDs7ZS4AA==
-----END CERTIFICATE-----