Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
File:                     HFGW3tW6XWhucJXG1cY4xrj4uto.mft (raw, json)
Hash identifier:          +lTX224Wg+xUBIO09KnSMx32dn03/gKjnzuFJgX7RtE=
Subject key identifier:   0E:9A:0A:B8:43:13:19:CF:57:DB:06:C4:A8:DD:40:8F:BC:9A:46:8D
Authority key identifier: 1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA
Certificate issuer:       /CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
Certificate serial:       019369DA53BF8F5AB31FEB8AE636CC161AF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
Manifest number:          0CC0
Signing time:             Tue 26 Nov 2024 19:02:16 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:16 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:16 +0000
Files and hashes:         1: HFGW3tW6XWhucJXG1cY4xrj4uto.crl (hash: YYwkmH0rRElMKaQEmG2MPPY1UkOAcTAtV+eL9t4UuzI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:53:bf:8f:5a:b3:1f:eb:8a:e6:36:cc:16:1a:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
        Validity
            Not Before: Nov 26 19:02:16 2024 GMT
            Not After : Nov 27 19:02:16 2024 GMT
        Subject: CN=0e9a0ab8431319cf57db06c4a8dd408fbc9a468d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:38:eb:da:2a:f1:53:02:f4:6b:e6:d2:94:1b:
                    65:29:6c:d2:8b:92:c4:57:5b:5d:64:4f:4e:05:a0:
                    ea:f4:50:d2:1d:12:07:c5:3b:94:39:2f:33:c3:e1:
                    d4:b6:ba:97:96:79:59:10:3b:7e:b2:7b:1b:0f:e0:
                    6a:72:f6:8a:5c:b6:49:5b:0f:98:cb:e6:38:aa:fe:
                    61:dc:6a:50:4a:9f:fd:2a:01:78:c3:4a:5f:14:11:
                    62:47:82:8f:8c:c2:50:4a:5b:bf:97:5f:01:c5:b2:
                    4f:e7:e9:e4:da:9a:55:30:a7:42:80:cd:0a:dc:7d:
                    d9:be:4e:ae:4d:5b:fa:4f:c4:ad:eb:50:35:7d:d5:
                    44:69:65:69:fe:4b:46:b9:4d:d6:5e:14:89:03:bd:
                    87:af:31:3c:db:41:4d:20:e0:aa:17:2c:58:83:69:
                    28:41:82:d7:2c:d3:d4:d4:56:76:4f:af:34:fe:cb:
                    63:2d:11:96:62:74:a0:5c:f5:c5:99:a6:20:e9:10:
                    fc:de:1f:34:3c:81:d2:93:a7:a7:a0:14:0a:1c:96:
                    3b:4c:87:f1:c0:96:de:6d:c0:15:13:ae:8e:c2:48:
                    9a:4e:05:ad:a2:ca:2b:a2:da:40:d9:82:5c:93:22:
                    07:d4:38:55:61:29:1d:ca:d4:73:66:06:eb:e7:1c:
                    a6:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:9A:0A:B8:43:13:19:CF:57:DB:06:C4:A8:DD:40:8F:BC:9A:46:8D
            X509v3 Authority Key Identifier:
                keyid:1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:aa:69:d4:93:7e:ad:03:d7:ca:d7:c5:52:bf:2e:fa:d2:97:
         38:7f:ff:36:69:1e:c5:7e:30:fc:00:bd:3b:c7:6c:d5:e9:cb:
         10:66:18:bd:ec:0e:74:74:8b:56:09:83:1c:03:18:76:4e:a7:
         22:49:5a:0e:74:bd:e0:9d:05:85:c8:f6:3a:78:1e:d6:d2:5b:
         66:35:ad:72:d1:5e:89:aa:03:73:92:49:f5:75:65:7e:f8:17:
         ce:91:99:7a:c4:b2:50:b7:8d:ed:a8:74:5c:e9:cb:ed:94:55:
         fb:6c:27:99:99:ed:ae:47:f2:5a:db:db:a9:a3:b3:80:94:a5:
         0d:11:7f:3a:37:e2:94:36:09:e2:b0:6c:53:9e:1d:20:8a:73:
         b7:cb:a4:a6:e6:d0:15:15:e8:18:20:a7:d7:b9:6e:dc:68:1c:
         aa:83:a9:92:0a:58:97:b2:09:5c:17:fb:9b:b1:4c:ba:17:e4:
         5a:2f:b0:99:ff:52:d9:49:5f:10:f1:a4:e8:12:de:11:13:57:
         10:c9:a2:48:0d:b8:f6:98:92:02:71:a2:a2:e6:dc:54:a7:01:
         83:64:33:38:3a:37:45:92:dc:9d:f4:23:ff:b8:38:82:f6:49:
         58:8c:6b:67:56:61:bf:86:a8:7b:5e:b9:23:2a:0f:12:7a:d4:
         fa:ca:76:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2lO/j1qzH+uK5jbMFhr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTE5NmRlZDViYTVkNjg2ZTcwOTVjNmQ1YzYzOGM2Yjhm
OGJhZGEwHhcNMjQxMTI2MTkwMjE2WhcNMjQxMTI3MTkwMjE2WjAzMTEwLwYDVQQD
EygwZTlhMGFiODQzMTMxOWNmNTdkYjA2YzRhOGRkNDA4ZmJjOWE0NjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjjr2irxUwL0a+bSlBtlKWzSi5LE
V1tdZE9OBaDq9FDSHRIHxTuUOS8zw+HUtrqXlnlZEDt+snsbD+BqcvaKXLZJWw+Y
y+Y4qv5h3GpQSp/9KgF4w0pfFBFiR4KPjMJQSlu/l18BxbJP5+nk2ppVMKdCgM0K
3H3Zvk6uTVv6T8St61A1fdVEaWVp/ktGuU3WXhSJA72HrzE820FNIOCqFyxYg2ko
QYLXLNPU1FZ2T680/stjLRGWYnSgXPXFmaYg6RD83h80PIHSk6enoBQKHJY7TIfx
wJbebcAVE66OwkiaTgWtosorotpA2YJckyIH1DhVYSkdytRzZgbr5xym+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA6aCrhDExnPV9sGxKjdQI+8mkaNMB8GA1UdIwQY
MBaAFBxRlt7Vul1obnCVxtXGOMa4+LraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEt
MjBiZjI3NWZkMGU3LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEtMjBiZjI3NWZkMGU3
LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu6pp1JN+
rQPXytfFUr8u+tKXOH//NmkexX4w/AC9O8ds1enLEGYYvewOdHSLVgmDHAMYdk6n
IklaDnS94J0Fhcj2Onge1tJbZjWtctFeiaoDc5JJ9XVlfvgXzpGZesSyULeN7ah0
XOnL7ZRV+2wnmZntrkfyWtvbqaOzgJSlDRF/OjfilDYJ4rBsU54dIIpzt8ukpubQ
FRXoGCCn17lu3GgcqoOpkgpYl7IJXBf7m7FMuhfkWi+wmf9S2UlfEPGk6BLeERNX
EMmiSA249piSAnGioubcVKcBg2QzODo3RZLcnfQj/7g4gvZJWIxrZ1Zhv4aoe165
IyoPEnrU+sp2Mg==
-----END CERTIFICATE-----