Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
File:                     H0qus-K3pD3wHzHVGiDvIlXOr-M.mft (raw, json)
Hash identifier:          jm2y3GisVMozlAgY6D5F6BOnZn6mTdwEygDKLVPPa6M=
Subject key identifier:   AF:A2:98:32:A7:BE:30:2C:E0:6B:99:73:CA:A8:C0:A2:0F:E4:55:56
Authority key identifier: 1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3
Certificate issuer:       /CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
Certificate serial:       01968580103B10374522005795B2D31BE448
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
Manifest number:          03B8
Signing time:             Wed 30 Apr 2025 07:01:24 +0000
Manifest this update:     Wed 30 Apr 2025 07:01:24 +0000
Manifest next update:     Thu 01 May 2025 07:01:24 +0000
Files and hashes:         1: H0qus-K3pD3wHzHVGiDvIlXOr-M.crl (hash: 3dOhKLn8746ewwCOn4Sf6XzMJObGdFiGaTPU2HDHpPw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:85:80:10:3b:10:37:45:22:00:57:95:b2:d3:1b:e4:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
        Validity
            Not Before: Apr 30 07:01:24 2025 GMT
            Not After : May  1 07:01:24 2025 GMT
        Subject: CN=afa29832a7be302ce06b9973caa8c0a20fe45556
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:c4:d6:33:86:26:d2:a6:c7:9f:1a:48:5b:f0:
                    c2:a0:67:b7:cb:0f:da:dc:bf:5d:d6:6c:23:ce:fe:
                    88:1c:43:04:e0:db:b8:38:bb:ce:bc:28:9a:6c:cc:
                    74:7c:cf:9b:c9:d2:a1:a2:a8:2e:f0:9a:04:cd:d3:
                    ae:f3:8e:eb:f9:51:94:04:74:1b:84:3b:7f:0c:c9:
                    9f:7a:e4:20:5c:c6:b4:42:2b:85:b8:33:84:07:75:
                    bd:06:98:70:5b:e6:36:f9:0e:e4:ea:27:5a:5e:30:
                    43:f4:b2:c2:22:c7:bf:9a:74:48:b3:58:12:b8:a8:
                    79:c8:a7:59:86:bf:b8:5a:fd:d9:b5:96:8f:99:e6:
                    3f:87:7b:e7:79:f8:03:30:b1:1b:1b:9b:dc:0a:12:
                    86:e3:26:c5:a8:e6:66:ee:8c:41:75:6c:cf:c2:11:
                    25:ef:4e:32:7f:d6:b7:3c:0a:60:3e:d6:07:7e:df:
                    5c:9a:a6:4d:6a:30:d4:50:46:50:c0:7b:54:79:29:
                    37:04:0b:c8:a3:e9:3f:bd:17:df:c9:64:15:76:95:
                    e7:92:6d:dd:bc:da:25:f9:bf:c8:6c:24:9e:0c:0a:
                    52:36:11:ac:b7:f2:59:5a:57:ea:ba:0a:1e:21:e7:
                    69:c7:8c:ce:0e:e6:2c:b6:54:7a:9b:77:b7:ca:14:
                    00:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:A2:98:32:A7:BE:30:2C:E0:6B:99:73:CA:A8:C0:A2:0F:E4:55:56
            X509v3 Authority Key Identifier:
                keyid:1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:f8:9c:43:65:ed:2a:e5:b3:3b:12:7a:13:5e:e2:e7:d7:11:
         c8:0c:52:e4:c3:03:39:88:96:09:88:2f:ea:01:d4:a5:c8:c4:
         10:b8:79:fe:70:d9:a8:2d:ca:61:5d:4e:d6:41:6f:9b:bb:2a:
         a5:40:b8:44:8e:a9:23:f8:1e:5f:f0:b8:29:06:bc:bd:ce:d2:
         4f:c9:8a:dc:5d:d9:3f:14:b2:7e:9f:25:2c:91:02:05:16:53:
         57:02:b2:d3:e0:fa:ac:6b:42:d0:d7:aa:e5:76:71:fa:5e:6a:
         0f:bf:d4:0d:ef:81:a2:90:89:68:42:99:6b:82:47:9b:70:77:
         b7:33:f9:14:76:55:37:95:a8:cc:ef:5f:3f:8f:8f:90:d1:01:
         d5:a0:36:a4:8d:7e:d6:5e:81:d3:dc:8c:f9:fb:65:92:48:9a:
         ab:66:0c:d0:33:68:6a:be:45:9c:0f:c3:5b:88:11:20:59:a0:
         fd:64:ce:03:ba:e5:3a:fd:1d:25:10:ed:e0:8b:8a:a9:e7:fe:
         b6:78:6f:6f:6a:a5:ab:4a:7e:98:cb:c3:24:7b:0d:23:a2:28:
         2f:a6:2c:50:39:1f:52:4d:4d:14:33:6e:b0:29:e7:20:ab:2e:
         ee:09:f7:0a:93:fc:18:ce:bf:02:b6:e2:e1:8a:d0:52:41:71:
         78:a0:19:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaFgBA7EDdFIgBXlbLTG+RIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNGFhZWIzZTJiN2E0M2RmMDFmMzFkNTFhMjBlZjIyNTVj
ZWFmZTMwHhcNMjUwNDMwMDcwMTI0WhcNMjUwNTAxMDcwMTI0WjAzMTEwLwYDVQQD
EyhhZmEyOTgzMmE3YmUzMDJjZTA2Yjk5NzNjYWE4YzBhMjBmZTQ1NTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8TWM4Ym0qbHnxpIW/DCoGe3yw/a
3L9d1mwjzv6IHEME4Nu4OLvOvCiabMx0fM+bydKhoqgu8JoEzdOu847r+VGUBHQb
hDt/DMmfeuQgXMa0QiuFuDOEB3W9BphwW+Y2+Q7k6idaXjBD9LLCIse/mnRIs1gS
uKh5yKdZhr+4Wv3ZtZaPmeY/h3vnefgDMLEbG5vcChKG4ybFqOZm7oxBdWzPwhEl
704yf9a3PApgPtYHft9cmqZNajDUUEZQwHtUeSk3BAvIo+k/vRffyWQVdpXnkm3d
vNol+b/IbCSeDApSNhGst/JZWlfqugoeIedpx4zODuYstlR6m3e3yhQA4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+imDKnvjAs4GuZc8qowKIP5FVWMB8GA1UdIwQY
MBaAFB9KrrPit6Q98B8x1Rog7yJVzq/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMt
ZTE4NDJiZTQxMmQxLzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMtZTE4NDJiZTQxMmQx
LzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUvicQ2Xt
KuWzOxJ6E17i59cRyAxS5MMDOYiWCYgv6gHUpcjEELh5/nDZqC3KYV1O1kFvm7sq
pUC4RI6pI/geX/C4KQa8vc7ST8mK3F3ZPxSyfp8lLJECBRZTVwKy0+D6rGtC0Neq
5XZx+l5qD7/UDe+BopCJaEKZa4JHm3B3tzP5FHZVN5WozO9fP4+PkNEB1aA2pI1+
1l6B09yM+ftlkkiaq2YM0DNoar5FnA/DW4gRIFmg/WTOA7rlOv0dJRDt4IuKqef+
tnhvb2qlq0p+mMvDJHsNI6IoL6YsUDkfUk1NFDNusCnnIKsu7gn3CpP8GM6/Arbi
4YrQUkFxeKAZUg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 09:29:30 2025 by rpki-client