Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
File:                     GHRUZrThRoMLlit0kG2xxtCB_HA.mft (raw, json)
Hash identifier:          4v8FQoJsZb8NJ2JOlsm9UZFN3LkFKMCl7wtJImvHajI=
Subject key identifier:   40:4D:A2:05:0E:12:8E:03:1C:F5:78:B8:6A:61:61:DB:06:79:C8:28
Authority key identifier: 18:74:54:66:B4:E1:46:83:0B:96:2B:74:90:6D:B1:C6:D0:81:FC:70
Certificate issuer:       /CN=18745466b4e146830b962b74906db1c6d081fc70
Certificate serial:       018F4079BAD24A34C0EAD5FE5F3D65FDCC63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
Manifest number:          1119
Signing time:             Fri 03 May 2024 22:01:10 +0000
Manifest this update:     Fri 03 May 2024 22:01:10 +0000
Manifest next update:     Sat 04 May 2024 22:01:10 +0000
Files and hashes:         1: GHRUZrThRoMLlit0kG2xxtCB_HA.crl (hash: QjqMH+EMFZXly/QkN6MSHRVJViIMy6zEt7SpA8WgdrI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 20:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:40:79:ba:d2:4a:34:c0:ea:d5:fe:5f:3d:65:fd:cc:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18745466b4e146830b962b74906db1c6d081fc70
        Validity
            Not Before: May  3 22:01:10 2024 GMT
            Not After : May  4 22:01:10 2024 GMT
        Subject: CN=404da2050e128e031cf578b86a6161db0679c828
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:aa:49:d9:55:22:69:62:03:9b:e4:18:b4:9f:
                    a3:56:d7:92:d0:c4:33:36:72:a7:e4:1b:65:2b:b5:
                    53:42:28:81:6f:d9:2d:f4:6f:b3:70:90:08:e9:d1:
                    45:54:ae:cb:3a:a3:bb:90:17:2a:6a:bc:9a:94:32:
                    8d:1e:c1:d4:28:4e:f5:a9:de:e8:47:89:ee:be:1a:
                    74:0d:67:c5:42:0b:39:ce:f9:d2:6b:0c:11:f6:0e:
                    c5:7c:50:f8:25:71:ea:7d:c5:26:bc:f0:50:c5:51:
                    9d:93:07:6a:ee:33:00:bf:3a:29:50:a2:39:a3:bd:
                    f3:05:80:1a:ac:a7:55:15:87:56:bc:93:97:67:1f:
                    66:66:c4:ce:bb:00:08:88:53:29:41:a6:b7:95:bc:
                    36:3e:a4:14:c0:95:45:33:26:ab:b5:47:6f:67:f0:
                    b5:1e:b3:39:ea:60:35:99:c5:e5:27:62:c4:6e:9b:
                    d3:c1:ee:33:35:0a:0a:e6:f0:99:a1:e9:62:5e:7a:
                    48:d0:14:b1:19:22:2b:08:bd:42:81:ed:28:63:55:
                    15:3e:2a:54:5a:0c:eb:e8:97:22:f0:b9:b8:7f:a2:
                    ac:f1:e6:0a:9f:1b:bb:55:6d:29:f1:71:70:12:9f:
                    6f:89:bf:aa:28:fc:a7:28:a2:fd:e7:04:5b:9c:8c:
                    b0:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:4D:A2:05:0E:12:8E:03:1C:F5:78:B8:6A:61:61:DB:06:79:C8:28
            X509v3 Authority Key Identifier:
                keyid:18:74:54:66:B4:E1:46:83:0B:96:2B:74:90:6D:B1:C6:D0:81:FC:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:38:eb:00:b8:b3:97:81:cb:b8:f3:88:7a:ec:0b:3a:a6:95:
         29:e5:f1:92:3d:d8:bc:34:b9:d2:e5:bb:04:dd:31:e3:b3:ad:
         94:c8:4c:48:bc:7a:71:b5:d2:86:26:d2:52:7e:1d:d2:23:d6:
         16:82:08:3f:a8:6a:f2:b3:50:c2:c4:f0:3f:27:99:ea:61:7e:
         70:42:7d:8c:5b:c0:d3:26:7a:c9:5c:15:82:44:aa:1e:d1:af:
         45:3f:d9:04:f1:81:da:dd:24:44:37:f1:09:e3:55:30:41:b2:
         1e:8b:6c:3d:c4:15:68:6e:83:cd:d6:ed:51:46:85:b1:73:7a:
         fb:46:3f:70:d1:e2:88:91:2d:11:43:01:26:5d:7b:34:2f:18:
         a1:eb:03:b2:68:cb:c4:bc:7d:25:3f:14:28:6a:8e:dc:6e:de:
         39:5f:af:96:60:0b:9e:90:3b:d1:cb:e6:f6:95:f2:34:d0:95:
         3b:6b:b7:ed:a4:f8:f1:02:0e:b0:25:60:2b:fc:f0:7b:f3:c1:
         c0:e4:4d:0b:79:68:4b:1a:4b:04:43:4e:f5:d7:b5:2e:2e:08:
         06:b0:47:69:11:a2:02:ab:53:4e:c6:de:0e:5a:9b:0c:0c:62:
         94:44:8c:41:6e:96:7e:7b:90:2d:2d:50:a3:b6:f1:ad:31:b7:
         71:23:61:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9AebrSSjTA6tX+Xz1l/cxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzQ1NDY2YjRlMTQ2ODMwYjk2MmI3NDkwNmRiMWM2ZDA4
MWZjNzAwHhcNMjQwNTAzMjIwMTEwWhcNMjQwNTA0MjIwMTEwWjAzMTEwLwYDVQQD
Eyg0MDRkYTIwNTBlMTI4ZTAzMWNmNTc4Yjg2YTYxNjFkYjA2NzljODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwapJ2VUiaWIDm+QYtJ+jVteS0MQz
NnKn5BtlK7VTQiiBb9kt9G+zcJAI6dFFVK7LOqO7kBcqaryalDKNHsHUKE71qd7o
R4nuvhp0DWfFQgs5zvnSawwR9g7FfFD4JXHqfcUmvPBQxVGdkwdq7jMAvzopUKI5
o73zBYAarKdVFYdWvJOXZx9mZsTOuwAIiFMpQaa3lbw2PqQUwJVFMyartUdvZ/C1
HrM56mA1mcXlJ2LEbpvTwe4zNQoK5vCZoeliXnpI0BSxGSIrCL1Cge0oY1UVPipU
Wgzr6Jci8Lm4f6Ks8eYKnxu7VW0p8XFwEp9vib+qKPynKKL95wRbnIywQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBNogUOEo4DHPV4uGphYdsGecgoMB8GA1UdIwQY
MBaAFBh0VGa04UaDC5YrdJBtscbQgfxwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83Yjk4MWMtMDFlMy00ODk1LWJmMWYt
ZjFmYzA1NDFjNjQ5LzEvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83Yjk4MWMtMDFlMy00ODk1LWJmMWYtZjFmYzA1NDFjNjQ5
LzEvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARzjrALiz
l4HLuPOIeuwLOqaVKeXxkj3YvDS50uW7BN0x47OtlMhMSLx6cbXShibSUn4d0iPW
FoIIP6hq8rNQwsTwPyeZ6mF+cEJ9jFvA0yZ6yVwVgkSqHtGvRT/ZBPGB2t0kRDfx
CeNVMEGyHotsPcQVaG6DzdbtUUaFsXN6+0Y/cNHiiJEtEUMBJl17NC8YoesDsmjL
xLx9JT8UKGqO3G7eOV+vlmALnpA70cvm9pXyNNCVO2u37aT48QIOsCVgK/zwe/PB
wORNC3loSxpLBENO9de1Li4IBrBHaRGiAqtTTsbeDlqbDAxilESMQW6WfnuQLS1Q
o7bxrTG3cSNhCA==
-----END CERTIFICATE-----