Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
File:                     HhkRubtcij4eK4pRFl-KcaCSxo0.mft (raw, json)
Hash identifier:          UjfLHn/GgMlPWdy24q5ViFW01JomS9XAZd6kPv1e/IE=
Subject key identifier:   F0:8A:CD:B9:32:44:7A:4F:A6:9D:1D:47:10:FD:8A:76:E4:BF:03:4B
Authority key identifier: 1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D
Certificate issuer:       /CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
Certificate serial:       0196794467454F7DFABA332C8905C3B0C2B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
Manifest number:          10C9
Signing time:             Sun 27 Apr 2025 22:00:47 +0000
Manifest this update:     Sun 27 Apr 2025 22:00:47 +0000
Manifest next update:     Mon 28 Apr 2025 22:00:47 +0000
Files and hashes:         1: HhkRubtcij4eK4pRFl-KcaCSxo0.crl (hash: +7HjDCph8bpIoUwQSk62NXQWA9sIUXj2NIEjU6OzL2E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 22:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:44:67:45:4f:7d:fa:ba:33:2c:89:05:c3:b0:c2:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
        Validity
            Not Before: Apr 27 22:00:47 2025 GMT
            Not After : Apr 28 22:00:47 2025 GMT
        Subject: CN=f08acdb932447a4fa69d1d4710fd8a76e4bf034b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:df:7d:d1:f6:cc:5b:97:ce:96:ee:ca:96:45:
                    20:ee:da:6d:67:a3:78:b3:36:bc:da:c8:1a:c3:98:
                    b8:ef:54:d8:1b:fd:24:3d:c3:ac:11:57:95:2f:ec:
                    0c:0d:a7:c3:47:43:43:98:be:fe:92:35:7c:88:71:
                    28:52:74:60:99:c2:11:57:b6:c2:0b:d5:0e:03:2a:
                    82:99:b9:c3:93:73:e0:f2:91:2c:dc:e3:1d:48:d5:
                    36:b0:4f:e0:7c:81:6b:92:53:fa:7f:0c:3b:32:e6:
                    34:70:7c:c5:2e:37:3a:11:67:09:45:66:06:e9:dd:
                    2a:ef:75:03:79:fe:ee:73:6c:7b:34:d0:d9:ee:57:
                    80:9e:f5:36:58:fe:1e:f6:f9:ad:d0:fe:2e:20:57:
                    99:39:bd:75:42:8f:06:85:ee:e6:cd:76:dc:58:0c:
                    7b:56:38:51:a7:4d:5a:2d:47:88:e0:d0:49:d8:c0:
                    86:6f:a0:58:a4:8c:b4:84:42:4f:42:a8:a2:a0:c4:
                    91:a0:70:e5:6e:4c:03:d3:3e:0c:17:34:25:f0:1c:
                    9b:8e:53:ad:68:f6:72:10:04:73:87:13:82:21:57:
                    fd:3c:a3:be:d4:03:0d:23:3c:20:b3:5f:da:0e:21:
                    30:e7:70:49:9f:51:5f:65:5a:31:d5:d0:c2:35:36:
                    e8:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:8A:CD:B9:32:44:7A:4F:A6:9D:1D:47:10:FD:8A:76:E4:BF:03:4B
            X509v3 Authority Key Identifier:
                keyid:1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:d7:df:a3:6b:34:24:94:bd:2e:09:df:b2:52:5f:e6:5c:a6:
         99:1a:18:1f:e5:6e:c9:bd:07:52:30:c5:6b:ce:be:ee:76:50:
         77:a6:7c:df:45:d1:8f:2a:f5:8d:e8:37:61:77:f2:66:b2:9c:
         00:9f:fd:87:61:57:18:fc:7a:c6:78:a8:58:10:bb:6e:50:95:
         67:96:3d:c1:9c:47:a2:bf:86:8e:2a:15:c2:d4:de:de:76:bf:
         1e:11:e3:74:cc:60:e3:dc:9b:1a:ef:69:83:ba:b1:3f:98:0d:
         a3:fa:23:97:78:f7:e6:15:bd:3f:1e:bf:8d:00:e5:d7:1a:2c:
         f0:79:ad:66:c1:d8:ed:f1:c3:84:bc:cf:96:23:c5:03:a2:6f:
         bf:5c:34:0d:0b:b3:42:ca:b5:93:06:9f:c1:b0:0a:8a:c0:d6:
         7b:cb:63:9d:be:b2:cb:ab:a9:64:35:a4:23:0b:f4:ee:64:76:
         b6:44:05:33:94:30:35:12:4f:30:cb:1d:54:5b:13:08:5b:af:
         32:9c:76:c8:02:da:9c:60:15:8c:d2:67:90:75:67:c5:09:bd:
         c4:39:75:ee:cb:a2:c4:eb:10:3b:11:2d:b4:de:be:10:28:50:
         a8:a4:7d:85:a6:36:d5:44:46:ea:ce:54:cf:bf:27:99:61:6a:
         ce:6f:cd:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ5RGdFT336ujMsiQXDsMKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTkxMWI5YmI1YzhhM2UxZTJiOGE1MTE2NWY4YTcxYTA5
MmM2OGQwHhcNMjUwNDI3MjIwMDQ3WhcNMjUwNDI4MjIwMDQ3WjAzMTEwLwYDVQQD
EyhmMDhhY2RiOTMyNDQ3YTRmYTY5ZDFkNDcxMGZkOGE3NmU0YmYwMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8t990fbMW5fOlu7KlkUg7tptZ6N4
sza82sgaw5i471TYG/0kPcOsEVeVL+wMDafDR0NDmL7+kjV8iHEoUnRgmcIRV7bC
C9UOAyqCmbnDk3Pg8pEs3OMdSNU2sE/gfIFrklP6fww7MuY0cHzFLjc6EWcJRWYG
6d0q73UDef7uc2x7NNDZ7leAnvU2WP4e9vmt0P4uIFeZOb11Qo8Ghe7mzXbcWAx7
VjhRp01aLUeI4NBJ2MCGb6BYpIy0hEJPQqiioMSRoHDlbkwD0z4MFzQl8BybjlOt
aPZyEARzhxOCIVf9PKO+1AMNIzwgs1/aDiEw53BJn1FfZVox1dDCNTborwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPCKzbkyRHpPpp0dRxD9inbkvwNLMB8GA1UdIwQY
MBaAFB4ZEbm7XIo+HiuKURZfinGgksaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQt
Yjc2ODZiOTA2MWE1LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQtYjc2ODZiOTA2MWE1
LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFtffo2s0
JJS9LgnfslJf5lymmRoYH+Vuyb0HUjDFa86+7nZQd6Z830XRjyr1jeg3YXfyZrKc
AJ/9h2FXGPx6xnioWBC7blCVZ5Y9wZxHor+GjioVwtTe3na/HhHjdMxg49ybGu9p
g7qxP5gNo/ojl3j35hW9Px6/jQDl1xos8HmtZsHY7fHDhLzPliPFA6Jvv1w0DQuz
Qsq1kwafwbAKisDWe8tjnb6yy6upZDWkIwv07mR2tkQFM5QwNRJPMMsdVFsTCFuv
Mpx2yALanGAVjNJnkHVnxQm9xDl17suixOsQOxEttN6+EChQqKR9haY21URG6s5U
z78nmWFqzm/NYw==
-----END CERTIFICATE-----