Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
File:                     hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft (raw, json)
Hash identifier:          5PeePDcgsrTw/WOXaEOxT/4fZEh4ipcCQKSYScYrpys=
Subject key identifier:   AC:60:B9:8E:CC:BF:7A:41:93:0C:91:CF:F1:8C:52:80:6B:66:DC:95
Authority key identifier: 84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C
Certificate issuer:       /CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c
Certificate serial:       0196895CADEA7DBDA6BC3DFC971CCF7D0A27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
Manifest number:          07FE
Signing time:             Thu 01 May 2025 01:01:14 +0000
Manifest this update:     Thu 01 May 2025 01:01:14 +0000
Manifest next update:     Fri 02 May 2025 01:01:14 +0000
Files and hashes:         1: hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl (hash: 3c0Rbuzw7GjeJkrVZQXjjGasReuZm7RrHRQa/jEgHck=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 01:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:89:5c:ad:ea:7d:bd:a6:bc:3d:fc:97:1c:cf:7d:0a:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c
        Validity
            Not Before: May  1 01:01:14 2025 GMT
            Not After : May  2 01:01:14 2025 GMT
        Subject: CN=ac60b98eccbf7a41930c91cff18c52806b66dc95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:48:37:9a:7e:6c:ac:d4:d5:d2:90:f8:d4:16:
                    6a:6c:1e:19:a6:c0:f2:e1:3c:46:0d:ec:c5:0e:17:
                    82:4f:26:54:12:66:e5:c1:75:b8:13:af:22:48:f1:
                    7e:c0:ec:fa:86:4d:f4:8d:04:6a:e3:d3:76:eb:21:
                    53:17:8b:d8:d9:c3:b5:61:f7:c8:5a:cd:19:94:05:
                    b9:6e:db:dd:fc:fa:93:cf:a6:39:f2:9e:ad:54:dd:
                    ba:a8:e0:e0:b8:fc:8a:ab:0e:9d:86:8c:da:b1:76:
                    06:44:00:32:c2:e5:b4:4f:b8:77:7c:6f:2c:51:d8:
                    a8:58:62:e4:3f:df:17:fb:fa:45:38:aa:f4:cd:3c:
                    98:65:07:88:53:c0:f9:9a:9b:48:19:8d:bf:22:77:
                    5e:f6:b4:fa:a1:1e:78:8a:f0:67:64:72:fc:74:65:
                    e2:03:15:db:d3:24:be:f5:44:74:62:ee:98:44:15:
                    64:f6:e8:a4:7c:37:a8:0f:2e:d6:ed:59:32:b4:74:
                    84:c8:0b:da:5f:e3:96:4c:f8:ed:72:b4:ae:d6:73:
                    08:ee:32:6d:64:96:83:94:d3:76:af:89:14:ec:6d:
                    5c:7e:34:9b:cc:21:46:de:92:03:d1:f5:6a:cc:62:
                    2f:f6:7f:77:f1:0e:70:fd:4b:de:2c:d5:09:07:67:
                    46:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:60:B9:8E:CC:BF:7A:41:93:0C:91:CF:F1:8C:52:80:6B:66:DC:95
            X509v3 Authority Key Identifier:
                keyid:84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:77:2d:a5:bd:f1:f0:fa:06:63:e8:ca:c1:a1:7e:49:b9:dc:
         7f:72:be:e7:94:66:0a:e5:42:fb:aa:40:ba:48:cf:80:f1:1f:
         4c:fd:e5:7b:87:13:d7:59:16:f0:62:9b:5b:d3:61:79:2d:99:
         bf:29:52:fb:c6:97:1b:c6:9f:cd:ed:30:67:79:15:eb:ee:2f:
         6c:93:99:e2:b4:aa:c8:8b:6b:47:e4:12:31:8f:66:04:03:bf:
         af:03:c0:19:df:c2:64:1b:b4:c1:52:d8:1f:e6:6d:b0:ce:ed:
         c2:c9:a4:40:ef:40:c6:3e:23:81:df:06:8e:c4:aa:5a:39:21:
         90:ab:1e:32:54:21:3d:de:a0:76:52:dc:01:2f:3d:3e:d3:09:
         d3:16:82:50:88:38:f5:45:45:c3:4d:96:8e:38:0a:ad:b6:4d:
         97:6b:2a:5c:31:3f:a0:d4:80:41:f8:6e:28:c4:65:c5:92:11:
         d5:b5:9a:d4:91:e0:98:df:a9:1f:3d:47:69:f8:73:28:91:58:
         ba:2f:c4:d3:b7:ed:8f:0a:4a:90:41:b1:05:5b:84:8c:2a:1d:
         52:b3:11:f0:cc:44:62:90:bd:7e:ce:b5:de:db:c3:d2:56:c9:
         d0:0a:8f:a6:83:02:1e:46:6c:e1:f6:23:de:93:7e:d8:03:88:
         24:5d:01:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaJXK3qfb2mvD38lxzPfQonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MmIxOGY4ZDFkYjFmOTQ3NjIxYjJkOGY3ODY2MDNlMmIx
YmQ1MGMwHhcNMjUwNTAxMDEwMTE0WhcNMjUwNTAyMDEwMTE0WjAzMTEwLwYDVQQD
EyhhYzYwYjk4ZWNjYmY3YTQxOTMwYzkxY2ZmMThjNTI4MDZiNjZkYzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEg3mn5srNTV0pD41BZqbB4ZpsDy
4TxGDezFDheCTyZUEmblwXW4E68iSPF+wOz6hk30jQRq49N26yFTF4vY2cO1YffI
Ws0ZlAW5btvd/PqTz6Y58p6tVN26qODguPyKqw6dhozasXYGRAAywuW0T7h3fG8s
UdioWGLkP98X+/pFOKr0zTyYZQeIU8D5mptIGY2/Inde9rT6oR54ivBnZHL8dGXi
AxXb0yS+9UR0Yu6YRBVk9uikfDeoDy7W7VkytHSEyAvaX+OWTPjtcrSu1nMI7jJt
ZJaDlNN2r4kU7G1cfjSbzCFG3pID0fVqzGIv9n938Q5w/UveLNUJB2dGMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxguY7Mv3pBkwyRz/GMUoBrZtyVMB8GA1UdIwQY
MBaAFIQrGPjR2x+UdiGy2PeGYD4rG9UMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgt
MGI5NzBiOTZjOTBiLzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgtMGI5NzBiOTZjOTBi
LzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADXctpb3x
8PoGY+jKwaF+Sbncf3K+55RmCuVC+6pAukjPgPEfTP3le4cT11kW8GKbW9NheS2Z
vylS+8aXG8afze0wZ3kV6+4vbJOZ4rSqyItrR+QSMY9mBAO/rwPAGd/CZBu0wVLY
H+ZtsM7twsmkQO9Axj4jgd8GjsSqWjkhkKseMlQhPd6gdlLcAS89PtMJ0xaCUIg4
9UVFw02WjjgKrbZNl2sqXDE/oNSAQfhuKMRlxZIR1bWa1JHgmN+pHz1HafhzKJFY
ui/E07ftjwpKkEGxBVuEjCodUrMR8MxEYpC9fs613tvD0lbJ0AqPpoMCHkZs4fYj
3pN+2AOIJF0BNA==
-----END CERTIFICATE-----