Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft
File:                     RUH1XBZZBCT7NMZeDi6sIogkcNs.mft (raw, json)
Hash identifier:          zUJZMnO/X6fWl/+c0Q5zsb28Te+tKjVBW4H8r9z9Pls=
Subject key identifier:   55:C4:A1:BA:15:5C:B7:91:C4:62:CA:A1:09:27:84:25:D5:C9:0E:95
Authority key identifier: 45:41:F5:5C:16:59:04:24:FB:34:C6:5E:0E:2E:AC:22:88:24:70:DB
Certificate issuer:       /CN=4541f55c16590424fb34c65e0e2eac22882470db
Certificate serial:       01967FB3FE697BB2AC0DFEEC442000FBB8C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RUH1XBZZBCT7NMZeDi6sIogkcNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft
Manifest number:          0554
Signing time:             Tue 29 Apr 2025 04:00:24 +0000
Manifest this update:     Tue 29 Apr 2025 04:00:24 +0000
Manifest next update:     Wed 30 Apr 2025 04:00:24 +0000
Files and hashes:         1: RUH1XBZZBCT7NMZeDi6sIogkcNs.crl (hash: HSgtlX1edpmNWwandap9F+1UUmJKPENYC6Dn982OjyA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RUH1XBZZBCT7NMZeDi6sIogkcNs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:b3:fe:69:7b:b2:ac:0d:fe:ec:44:20:00:fb:b8:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4541f55c16590424fb34c65e0e2eac22882470db
        Validity
            Not Before: Apr 29 04:00:24 2025 GMT
            Not After : Apr 30 04:00:24 2025 GMT
        Subject: CN=55c4a1ba155cb791c462caa109278425d5c90e95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:94:f5:41:10:33:d0:65:71:07:55:38:96:34:
                    aa:95:8c:5f:89:11:54:42:1f:ae:21:58:f0:f3:08:
                    79:4a:2d:da:81:89:17:d8:05:d0:3a:38:ec:c7:b3:
                    43:6a:e4:3d:5c:00:3f:a5:bd:4b:98:6e:0f:43:74:
                    12:24:bb:42:cf:bf:88:44:58:24:cd:3f:be:27:1a:
                    5e:9a:be:fc:6e:71:cf:a3:4b:6c:0c:6a:9a:fb:7b:
                    a3:29:ea:a9:87:ec:25:06:10:12:78:8a:d5:64:f1:
                    3b:79:d3:52:97:28:dc:50:87:9b:c2:90:5c:b2:b8:
                    f1:b7:69:d6:dc:d2:2d:11:52:a6:5d:0c:da:cc:42:
                    be:7f:39:6d:03:73:0c:4c:48:bc:52:56:f4:69:3e:
                    b9:a1:41:38:96:1b:74:a7:49:fa:42:1d:f3:71:51:
                    1d:28:6b:93:31:5a:cb:01:fc:54:a8:f6:23:03:67:
                    37:c5:0f:08:09:ff:d6:20:fb:5e:e7:8a:e8:f8:58:
                    b9:f5:31:47:49:0f:23:68:e7:63:25:d8:15:3b:8d:
                    f7:d4:60:ce:48:b0:ac:9b:1c:d4:76:a4:76:b5:01:
                    26:d9:c1:58:bb:f0:bd:3f:c7:6c:36:be:c0:20:21:
                    8d:2d:dd:89:18:c3:6a:8a:61:4e:7d:1e:07:2b:44:
                    85:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:C4:A1:BA:15:5C:B7:91:C4:62:CA:A1:09:27:84:25:D5:C9:0E:95
            X509v3 Authority Key Identifier:
                keyid:45:41:F5:5C:16:59:04:24:FB:34:C6:5E:0E:2E:AC:22:88:24:70:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUH1XBZZBCT7NMZeDi6sIogkcNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:7c:82:e5:b9:dd:5b:28:e0:07:45:23:a5:f7:32:f5:82:a2:
         a2:78:ee:d8:80:d8:48:cc:c7:44:bd:8b:8f:7b:23:a7:75:ff:
         3d:ae:d2:a4:35:67:28:21:0d:d5:88:e7:5b:17:e9:a7:ab:6a:
         c7:42:e4:93:2c:f4:11:2a:53:a9:c2:32:c3:be:aa:bb:8a:6a:
         a1:5e:f5:4c:90:ba:43:b4:45:7b:52:37:57:ae:42:5f:51:02:
         54:7b:6d:12:1f:2b:2b:83:6d:87:e7:bf:72:52:7d:28:21:84:
         4d:4f:ac:fc:74:ae:db:1f:ed:dc:04:0b:21:a9:e4:85:43:5f:
         0d:4b:46:e0:85:a4:e7:9c:fb:0e:ed:cd:f4:06:6a:0d:ce:6a:
         79:61:18:25:2f:8b:f4:ac:e3:56:a6:82:e3:b7:0e:c5:99:09:
         3f:44:ed:ba:65:2d:19:67:6c:8b:bd:10:13:55:b6:6f:4c:50:
         73:c6:52:f1:c3:ac:c7:99:60:9d:a0:87:44:94:da:39:5d:57:
         b0:71:69:50:b9:29:c4:ba:98:69:ba:06:d6:c1:91:53:cd:86:
         71:cb:94:96:dc:c2:89:a2:15:f1:99:41:03:1e:36:fc:11:3a:
         c4:a6:02:a3:db:e0:a8:1d:65:bd:72:73:3b:ea:bc:1f:4f:52:
         1a:df:c8:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/s/5pe7KsDf7sRCAA+7jAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NDFmNTVjMTY1OTA0MjRmYjM0YzY1ZTBlMmVhYzIyODgy
NDcwZGIwHhcNMjUwNDI5MDQwMDI0WhcNMjUwNDMwMDQwMDI0WjAzMTEwLwYDVQQD
Eyg1NWM0YTFiYTE1NWNiNzkxYzQ2MmNhYTEwOTI3ODQyNWQ1YzkwZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppT1QRAz0GVxB1U4ljSqlYxfiRFU
Qh+uIVjw8wh5Si3agYkX2AXQOjjsx7NDauQ9XAA/pb1LmG4PQ3QSJLtCz7+IRFgk
zT++Jxpemr78bnHPo0tsDGqa+3ujKeqph+wlBhASeIrVZPE7edNSlyjcUIebwpBc
srjxt2nW3NItEVKmXQzazEK+fzltA3MMTEi8Ulb0aT65oUE4lht0p0n6Qh3zcVEd
KGuTMVrLAfxUqPYjA2c3xQ8ICf/WIPte54ro+Fi59TFHSQ8jaOdjJdgVO4331GDO
SLCsmxzUdqR2tQEm2cFYu/C9P8dsNr7AICGNLd2JGMNqimFOfR4HK0SFowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXEoboVXLeRxGLKoQknhCXVyQ6VMB8GA1UdIwQY
MBaAFEVB9VwWWQQk+zTGXg4urCKIJHDbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlVIMVhCWlpCQ1Q3Tk1aZURpNnNJb2drY05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kMzg4NWMtNmI3NC00M2M0LThmZGQt
Nzg5ZDA3YzE5ODA4LzEvUlVIMVhCWlpCQ1Q3Tk1aZURpNnNJb2drY05zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kMzg4NWMtNmI3NC00M2M0LThmZGQtNzg5ZDA3YzE5ODA4
LzEvUlVIMVhCWlpCQ1Q3Tk1aZURpNnNJb2drY05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARnyC5bnd
WyjgB0Ujpfcy9YKionju2IDYSMzHRL2Lj3sjp3X/Pa7SpDVnKCEN1YjnWxfpp6tq
x0Lkkyz0ESpTqcIyw76qu4pqoV71TJC6Q7RFe1I3V65CX1ECVHttEh8rK4Nth+e/
clJ9KCGETU+s/HSu2x/t3AQLIankhUNfDUtG4IWk55z7Du3N9AZqDc5qeWEYJS+L
9KzjVqaC47cOxZkJP0TtumUtGWdsi70QE1W2b0xQc8ZS8cOsx5lgnaCHRJTaOV1X
sHFpULkpxLqYaboG1sGRU82GccuUltzCiaIV8ZlBAx42/BE6xKYCo9vgqB1lvXJz
O+q8H09SGt/IqA==
-----END CERTIFICATE-----