Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
File:                     hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json)
Hash identifier:          pnQaO+HcAk9t9rEot8uLIMYDwruOaiijZXJNTSbMv0o=
Subject key identifier:   92:FC:59:BC:6D:12:FE:01:5C:88:42:B0:BB:62:E8:2B:85:6E:BF:BF
Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33
Certificate issuer:       /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
Certificate serial:       01968210ED90E860FD393F4BEF8BFFC3F880
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
Manifest number:          08BC
Signing time:             Tue 29 Apr 2025 15:01:09 +0000
Manifest this update:     Tue 29 Apr 2025 15:01:09 +0000
Manifest next update:     Wed 30 Apr 2025 15:01:09 +0000
Files and hashes:         1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: ffTXoFQ8EX68Z/TvGiJfNau3S65T8zqnGE+oh5410b0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:10:ed:90:e8:60:fd:39:3f:4b:ef:8b:ff:c3:f8:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
        Validity
            Not Before: Apr 29 15:01:09 2025 GMT
            Not After : Apr 30 15:01:09 2025 GMT
        Subject: CN=92fc59bc6d12fe015c8842b0bb62e82b856ebfbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:90:aa:3e:32:97:c8:47:87:43:9a:b0:3a:e5:
                    b5:46:c9:fc:2a:4d:da:cf:ae:17:a9:37:06:47:09:
                    df:b3:b9:22:a2:39:90:2d:18:63:06:34:ab:a2:90:
                    f4:9f:00:d5:4f:07:b6:15:3c:e7:c5:28:77:63:be:
                    32:69:c5:9a:5a:42:00:c6:3c:e0:0e:67:4e:26:e3:
                    f5:91:d6:e2:ec:be:05:09:37:75:c1:72:8f:8f:8b:
                    e5:65:aa:f4:d4:c7:0f:6e:ff:82:5a:6b:65:b9:1c:
                    76:99:21:66:8f:7d:2d:e2:46:ad:41:30:2a:06:05:
                    65:f2:57:8c:58:4e:56:1d:e3:66:6a:b2:6d:f6:21:
                    89:07:be:78:85:11:56:d5:e0:20:77:99:e1:90:ae:
                    f1:65:ce:0e:0f:15:28:60:bc:ae:6a:d4:68:0e:af:
                    c5:02:b2:78:6e:4e:3a:22:be:6a:38:65:07:35:e1:
                    68:af:d0:b6:8a:00:92:40:a3:80:85:f2:d6:62:bd:
                    e0:61:2e:77:7f:3e:72:41:9b:cc:79:b9:fc:ab:56:
                    f1:86:22:93:b1:96:09:43:69:5f:88:7a:33:84:3f:
                    7e:e0:b4:2d:20:4d:b3:d2:d1:f9:5a:31:f7:97:7b:
                    bf:e2:70:18:28:37:96:c3:cb:bd:c4:c1:09:b7:81:
                    13:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:FC:59:BC:6D:12:FE:01:5C:88:42:B0:BB:62:E8:2B:85:6E:BF:BF
            X509v3 Authority Key Identifier:
                keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:a0:00:4a:b8:b1:36:cf:45:45:24:cd:b3:3c:07:98:1a:ac:
         e9:b5:10:9d:a6:67:9f:bd:37:2a:67:b6:0d:8e:f0:e6:a6:f2:
         c3:90:7b:d6:43:0b:bb:c2:e3:e5:2f:de:02:63:8f:ec:1e:f7:
         f1:46:ef:fd:93:e6:2c:ba:3f:3a:7c:3a:8e:36:9b:86:f2:02:
         6f:e7:96:ab:40:ed:1a:03:66:25:c5:aa:92:0d:80:33:19:d1:
         41:cd:e8:99:7e:3f:43:b7:cb:cf:b0:4c:be:d3:15:a0:cb:53:
         94:0d:1e:bc:23:51:22:61:68:dd:d1:a1:c7:b5:64:67:59:6c:
         c7:8c:55:d8:d4:0b:9b:a1:83:26:03:2d:6a:4b:74:71:19:83:
         46:7b:b5:23:76:8b:0a:6c:05:9e:e2:ad:aa:08:2b:8e:ef:e0:
         7d:ed:10:52:28:46:67:1e:43:11:82:67:f3:71:0a:48:88:df:
         e1:ae:70:d3:57:f1:fc:49:28:05:78:c9:1c:e5:1c:f6:ac:85:
         fc:04:18:f6:20:7a:ae:a9:2c:e7:5d:45:40:17:51:93:1e:94:
         7f:55:8f:91:9c:dd:8e:2d:5b:b7:d8:52:6f:71:76:5f:3b:7f:
         1e:b4:62:7d:a3:69:b2:06:38:20:e1:c4:7f:2f:20:32:f6:6a:
         20:0a:64:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCEO2Q6GD9OT9L74v/w/iAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx
YmZlMzMwHhcNMjUwNDI5MTUwMTA5WhcNMjUwNDMwMTUwMTA5WjAzMTEwLwYDVQQD
Eyg5MmZjNTliYzZkMTJmZTAxNWM4ODQyYjBiYjYyZTgyYjg1NmViZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppCqPjKXyEeHQ5qwOuW1Rsn8Kk3a
z64XqTcGRwnfs7kiojmQLRhjBjSropD0nwDVTwe2FTznxSh3Y74yacWaWkIAxjzg
DmdOJuP1kdbi7L4FCTd1wXKPj4vlZar01McPbv+CWmtluRx2mSFmj30t4katQTAq
BgVl8leMWE5WHeNmarJt9iGJB754hRFW1eAgd5nhkK7xZc4ODxUoYLyuatRoDq/F
ArJ4bk46Ir5qOGUHNeFor9C2igCSQKOAhfLWYr3gYS53fz5yQZvMebn8q1bxhiKT
sZYJQ2lfiHozhD9+4LQtIE2z0tH5WjH3l3u/4nAYKDeWw8u9xMEJt4ETvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJL8WbxtEv4BXIhCsLti6CuFbr+/MB8GA1UdIwQY
MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt
MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx
LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAKAASrix
Ns9FRSTNszwHmBqs6bUQnaZnn703Kme2DY7w5qbyw5B71kMLu8Lj5S/eAmOP7B73
8Ubv/ZPmLLo/Onw6jjabhvICb+eWq0DtGgNmJcWqkg2AMxnRQc3omX4/Q7fLz7BM
vtMVoMtTlA0evCNRImFo3dGhx7VkZ1lsx4xV2NQLm6GDJgMtakt0cRmDRnu1I3aL
CmwFnuKtqggrju/gfe0QUihGZx5DEYJn83EKSIjf4a5w01fx/EkoBXjJHOUc9qyF
/AQY9iB6rqks511FQBdRkx6Uf1WPkZzdji1bt9hSb3F2Xzt/HrRifaNpsgY4IOHE
fy8gMvZqIApkdQ==
-----END CERTIFICATE-----