Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
File:                     HMIQHIyT1FjSXDElyMm8ya8TKHE.mft (raw, json)
Hash identifier:          Nc46a2BXXLUFYU1cmmKunCTt7q6RoGBqUzodO16ZzsU=
Subject key identifier:   7D:2F:6A:47:3F:A1:E8:FD:CB:4F:31:77:30:DD:29:54:48:17:57:F2
Authority key identifier: 1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71
Certificate issuer:       /CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
Certificate serial:       0192EFF7520CF9B163A4ADBDAE4987C233BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
Manifest number:          0170
Signing time:             Sun 03 Nov 2024 03:00:15 +0000
Manifest this update:     Sun 03 Nov 2024 03:00:15 +0000
Manifest next update:     Mon 04 Nov 2024 03:00:15 +0000
Files and hashes:         1: HMIQHIyT1FjSXDElyMm8ya8TKHE.crl (hash: LaBXGZdzhF0bQ+2dmUJyxW3ZD7qsemdfwwafeGjj3cQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 04 Nov 2024 03:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:ef:f7:52:0c:f9:b1:63:a4:ad:bd:ae:49:87:c2:33:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
        Validity
            Not Before: Nov  3 03:00:15 2024 GMT
            Not After : Nov  4 03:00:15 2024 GMT
        Subject: CN=7d2f6a473fa1e8fdcb4f317730dd2954481757f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ec:85:63:94:c5:0a:38:85:08:7f:07:d9:b7:
                    49:a9:a5:86:87:ad:7b:cf:8d:54:82:1b:fd:2f:ca:
                    bb:3b:42:c2:3b:14:8b:e4:a3:27:76:65:d5:3f:58:
                    bf:cc:b1:3f:9a:cc:8c:f2:6a:ee:8c:0d:39:a2:0f:
                    79:30:5c:52:3f:a9:98:49:81:f5:ad:53:b8:b7:e0:
                    90:8e:c8:eb:e6:cd:5f:1d:42:53:a7:2c:39:9d:3f:
                    b3:8f:50:b2:4b:a5:a1:64:8f:37:41:cd:1a:b3:e6:
                    a4:b9:5f:ed:95:ff:3f:24:af:f5:cf:94:7f:c1:53:
                    f2:41:cb:1f:7f:80:71:af:a6:e2:55:4f:d0:28:81:
                    ba:b9:fd:39:ec:57:95:7b:c1:d7:0e:13:9b:3b:3e:
                    76:3d:be:38:f6:04:62:37:08:b3:3d:f3:d1:32:d2:
                    ae:2b:dd:37:20:8c:bf:ac:0b:d7:10:b1:7a:1d:c0:
                    68:54:70:a1:98:8d:14:be:9e:f9:a4:5f:6b:f8:be:
                    4e:e1:99:79:27:e8:2e:57:d1:a9:0d:52:e2:5b:d2:
                    71:06:aa:36:3a:96:e6:59:a4:64:d8:bf:a7:cb:fb:
                    1b:39:75:3e:ec:17:b0:66:bd:61:86:0c:60:ec:94:
                    91:4b:01:93:a4:4f:57:0f:6e:17:6d:2d:e0:44:3e:
                    cb:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:2F:6A:47:3F:A1:E8:FD:CB:4F:31:77:30:DD:29:54:48:17:57:F2
            X509v3 Authority Key Identifier:
                keyid:1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:eb:a0:45:75:37:dd:59:e4:a1:54:e0:8a:84:10:3b:aa:79:
         73:59:a3:01:3f:b6:f2:cc:32:7f:f8:4b:0c:d5:21:1d:29:4c:
         fb:53:5d:39:dc:1b:c2:86:d4:3e:63:58:82:48:c9:09:99:3c:
         39:4a:56:61:95:29:07:bf:c0:0d:b1:46:dc:ba:88:5e:60:23:
         dd:1d:b4:14:f0:d2:14:2e:01:00:12:43:73:43:36:db:23:5e:
         1b:30:e7:e4:bf:01:4c:18:76:77:b8:df:93:b6:10:1d:42:1d:
         2f:7c:e8:95:0e:57:9e:11:a6:95:a3:cb:eb:4c:ac:57:ea:f6:
         44:7e:87:bd:75:d3:c1:dd:28:a4:0e:80:89:06:f1:f9:20:fd:
         68:3b:a4:69:46:5a:c4:c4:96:61:1d:37:df:bb:67:01:b6:41:
         9b:86:0a:9f:18:b9:83:17:8e:9d:6d:ec:ba:02:33:a5:85:4f:
         3c:3f:ab:23:fb:49:06:2d:3c:3c:4e:b3:1a:11:ee:48:31:a3:
         5a:50:13:66:46:1a:c3:fe:bd:4e:bb:b4:fe:be:2b:23:01:bb:
         4a:0f:10:e4:e8:15:2b:1e:ed:12:7d:75:df:81:70:37:01:30:
         e5:41:91:f8:a7:ab:ef:59:dc:73:2c:d7:3f:13:b3:f5:4a:83:
         89:67:95:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZLv91IM+bFjpK29rkmHwjO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYzIxMDFjOGM5M2Q0NThkMjVjMzEyNWM4YzliY2M5YWYx
MzI4NzEwHhcNMjQxMTAzMDMwMDE1WhcNMjQxMTA0MDMwMDE1WjAzMTEwLwYDVQQD
Eyg3ZDJmNmE0NzNmYTFlOGZkY2I0ZjMxNzczMGRkMjk1NDQ4MTc1N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+yFY5TFCjiFCH8H2bdJqaWGh617
z41Ughv9L8q7O0LCOxSL5KMndmXVP1i/zLE/msyM8mrujA05og95MFxSP6mYSYH1
rVO4t+CQjsjr5s1fHUJTpyw5nT+zj1CyS6WhZI83Qc0as+akuV/tlf8/JK/1z5R/
wVPyQcsff4Bxr6biVU/QKIG6uf057FeVe8HXDhObOz52Pb449gRiNwizPfPRMtKu
K903IIy/rAvXELF6HcBoVHChmI0Uvp75pF9r+L5O4Zl5J+guV9GpDVLiW9JxBqo2
OpbmWaRk2L+ny/sbOXU+7BewZr1hhgxg7JSRSwGTpE9XD24XbS3gRD7LSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0vakc/oej9y08xdzDdKVRIF1fyMB8GA1UdIwQY
MBaAFBzCEByMk9RY0lwxJcjJvMmvEyhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2Yt
NmFhZjU0OTYwNjVlLzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2YtNmFhZjU0OTYwNjVl
LzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMeugRXU3
3VnkoVTgioQQO6p5c1mjAT+28swyf/hLDNUhHSlM+1NdOdwbwobUPmNYgkjJCZk8
OUpWYZUpB7/ADbFG3LqIXmAj3R20FPDSFC4BABJDc0M22yNeGzDn5L8BTBh2d7jf
k7YQHUIdL3zolQ5XnhGmlaPL60ysV+r2RH6HvXXTwd0opA6AiQbx+SD9aDukaUZa
xMSWYR0337tnAbZBm4YKnxi5gxeOnW3sugIzpYVPPD+rI/tJBi08PE6zGhHuSDGj
WlATZkYaw/69Tru0/r4rIwG7Sg8Q5OgVKx7tEn1134FwNwEw5UGR+Ker71nccyzX
PxOz9UqDiWeV2Q==
-----END CERTIFICATE-----
Generated at Sun Nov 3 10:43:06 2024 by rpki-client on console-fra.rpki-client.org