Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
File:                     HFGW3tW6XWhucJXG1cY4xrj4uto.mft (raw, json)
Hash identifier:          Xk/b8UsGDzBXn8bkH6agi4mKybSaAwPjuGns7jePckI=
Subject key identifier:   84:6E:B1:1C:A9:1F:6F:3F:99:4F:83:76:EF:9C:61:30:B3:1E:11:2A
Authority key identifier: 1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA
Certificate issuer:       /CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
Certificate serial:       01923AA72B35D157D345D9D1E2F474B1E493
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
Manifest number:          0C23
Signing time:             Sat 28 Sep 2024 22:01:27 +0000
Manifest this update:     Sat 28 Sep 2024 22:01:27 +0000
Manifest next update:     Sun 29 Sep 2024 22:01:27 +0000
Files and hashes:         1: HFGW3tW6XWhucJXG1cY4xrj4uto.crl (hash: VfVhmjIFsOReL7LWVB4esuFyzDoAbBdQecW+olYnzlo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Sep 2024 16:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:3a:a7:2b:35:d1:57:d3:45:d9:d1:e2:f4:74:b1:e4:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
        Validity
            Not Before: Sep 28 22:01:27 2024 GMT
            Not After : Sep 29 22:01:27 2024 GMT
        Subject: CN=846eb11ca91f6f3f994f8376ef9c6130b31e112a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:bc:6c:7f:1c:1e:b3:9a:f0:73:07:f8:96:6e:
                    54:49:0f:ac:1d:5f:3b:d1:77:d6:b1:d8:55:92:07:
                    72:1e:b8:c3:3a:43:f3:fd:cc:e5:90:03:55:df:71:
                    39:98:bf:6c:ca:b8:0d:72:4f:7a:b9:ec:d6:cf:ce:
                    6d:a1:9b:c7:92:ef:86:a2:f9:af:6e:8f:09:3b:42:
                    ee:9f:bc:17:06:ce:74:0e:81:38:cf:fe:90:f2:95:
                    77:c0:bc:6a:f7:47:4d:b1:63:a8:6e:97:bc:19:b7:
                    0c:59:e7:24:e0:fe:ce:74:9d:fb:66:aa:23:9f:23:
                    c4:59:71:e7:9d:a9:19:92:54:01:f0:ef:cc:9e:12:
                    3f:23:33:16:c1:ef:fa:81:26:f8:c4:b9:10:22:dd:
                    33:60:82:89:1c:fb:7a:e1:87:0d:6c:d8:13:cf:79:
                    f0:a5:b5:81:f6:5e:6a:04:8e:c9:84:20:d7:70:f8:
                    03:52:2d:bb:b8:39:85:97:4b:c6:eb:8d:42:cc:0f:
                    0c:80:30:d9:30:34:b8:77:2b:4c:9b:39:4c:5f:1c:
                    11:72:6a:21:b2:38:16:91:6c:ef:02:f1:6c:06:28:
                    c0:ed:93:44:e6:f3:ee:e2:dc:fb:fb:e4:fa:ad:4c:
                    4d:8e:93:94:75:d7:d3:a2:ac:62:0b:a9:30:05:6c:
                    57:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:6E:B1:1C:A9:1F:6F:3F:99:4F:83:76:EF:9C:61:30:B3:1E:11:2A
            X509v3 Authority Key Identifier:
                keyid:1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:51:55:5d:e0:8d:e7:16:3e:17:cc:af:34:de:6e:8f:bc:d6:
         75:d5:68:91:74:68:92:a5:8d:72:4a:bb:a4:ea:bd:20:0a:c8:
         bf:84:c5:41:03:81:4c:be:1a:43:65:6c:df:73:55:5a:39:4a:
         84:ac:e6:e0:3d:8c:f2:b6:81:dd:29:81:27:4a:92:72:05:a2:
         94:5b:a4:71:f1:2a:82:8b:a9:12:cc:25:fd:7a:3e:b4:cc:80:
         d0:d3:36:82:2e:5e:92:7f:7c:d7:23:91:b2:63:73:dd:b9:fe:
         46:ee:f8:b6:55:5c:8e:31:8c:ba:75:ae:3b:64:b1:b2:51:ec:
         d7:1c:2f:23:90:30:d8:a9:41:73:a1:2f:56:da:05:07:ba:bb:
         e1:55:b3:44:63:b2:75:9d:27:f9:cc:c6:fd:0d:f1:d3:2f:64:
         86:3c:2b:e6:2f:c2:e6:ca:20:a3:b4:54:cd:08:97:b8:44:68:
         23:2c:2d:db:e8:95:95:29:20:f3:9a:1c:66:31:42:16:88:de:
         b1:15:26:03:bc:12:df:2b:88:ce:32:cc:83:2c:56:45:68:72:
         d1:cf:c0:61:b1:78:65:cd:00:70:e8:59:93:e7:e6:39:b7:37:
         0b:1e:48:94:70:ea:fc:eb:0e:66:7c:64:a8:0d:5e:ad:ec:84:
         59:25:35:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZI6pys10VfTRdnR4vR0seSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTE5NmRlZDViYTVkNjg2ZTcwOTVjNmQ1YzYzOGM2Yjhm
OGJhZGEwHhcNMjQwOTI4MjIwMTI3WhcNMjQwOTI5MjIwMTI3WjAzMTEwLwYDVQQD
Eyg4NDZlYjExY2E5MWY2ZjNmOTk0ZjgzNzZlZjljNjEzMGIzMWUxMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLxsfxwes5rwcwf4lm5USQ+sHV87
0XfWsdhVkgdyHrjDOkPz/czlkANV33E5mL9syrgNck96uezWz85toZvHku+Govmv
bo8JO0Lun7wXBs50DoE4z/6Q8pV3wLxq90dNsWOobpe8GbcMWeck4P7OdJ37Zqoj
nyPEWXHnnakZklQB8O/MnhI/IzMWwe/6gSb4xLkQIt0zYIKJHPt64YcNbNgTz3nw
pbWB9l5qBI7JhCDXcPgDUi27uDmFl0vG641CzA8MgDDZMDS4dytMmzlMXxwRcmoh
sjgWkWzvAvFsBijA7ZNE5vPu4tz7++T6rUxNjpOUddfToqxiC6kwBWxXmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRusRypH28/mU+Ddu+cYTCzHhEqMB8GA1UdIwQY
MBaAFBxRlt7Vul1obnCVxtXGOMa4+LraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEt
MjBiZjI3NWZkMGU3LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEtMjBiZjI3NWZkMGU3
LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ1FVXeCN
5xY+F8yvNN5uj7zWddVokXRokqWNckq7pOq9IArIv4TFQQOBTL4aQ2Vs33NVWjlK
hKzm4D2M8raB3SmBJ0qScgWilFukcfEqgoupEswl/Xo+tMyA0NM2gi5ekn981yOR
smNz3bn+Ru74tlVcjjGMunWuO2SxslHs1xwvI5Aw2KlBc6EvVtoFB7q74VWzRGOy
dZ0n+czG/Q3x0y9khjwr5i/C5sogo7RUzQiXuERoIywt2+iVlSkg85ocZjFCFoje
sRUmA7wS3yuIzjLMgyxWRWhy0c/AYbF4Zc0AcOhZk+fmObc3Cx5IlHDq/OsOZnxk
qA1ereyEWSU1Cg==
-----END CERTIFICATE-----