Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
File:                     HAaGYxPWaK_oeYb65f95QfkoBps.mft (raw, json)
Hash identifier:          PIgx+/l6U2yRu0JNffHuwo6xbv0cfFIusqt5vT4wcHk=
Subject key identifier:   4C:B1:C9:19:F3:F6:74:CC:05:47:B8:BE:36:9D:C1:C1:25:9A:E6:D5
Authority key identifier: 1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B
Certificate issuer:       /CN=1c06866313d668afe87986fae5ff7941f928069b
Certificate serial:       0196767A92836F60B831B754AF46FCE062A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
Manifest number:          0F07
Signing time:             Sun 27 Apr 2025 09:01:06 +0000
Manifest this update:     Sun 27 Apr 2025 09:01:06 +0000
Manifest next update:     Mon 28 Apr 2025 09:01:06 +0000
Files and hashes:         1: HAaGYxPWaK_oeYb65f95QfkoBps.crl (hash: OQWObtOPF9wfw75LVawuHanQ93MXs7//xrCVfUg/9XA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:7a:92:83:6f:60:b8:31:b7:54:af:46:fc:e0:62:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c06866313d668afe87986fae5ff7941f928069b
        Validity
            Not Before: Apr 27 09:01:06 2025 GMT
            Not After : Apr 28 09:01:06 2025 GMT
        Subject: CN=4cb1c919f3f674cc0547b8be369dc1c1259ae6d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c8:4e:de:fd:c6:ff:07:c5:d5:cc:75:71:db:
                    05:88:5c:ee:bc:bc:ec:e2:05:eb:38:59:12:56:b8:
                    9a:5a:ad:2e:1b:6a:59:02:51:fa:b7:82:98:32:9f:
                    8b:de:6d:1b:58:e8:db:d4:cd:c6:af:8d:dc:a1:d3:
                    40:08:72:d7:4b:66:6c:8a:35:3b:ba:a2:5b:08:af:
                    0f:da:bd:3a:88:22:85:33:ce:04:07:b6:37:fc:17:
                    23:09:09:09:16:ec:e0:de:f5:b0:47:58:77:86:3d:
                    86:4f:b4:a5:bb:97:2f:ea:2e:a5:8a:fe:b9:db:f2:
                    01:8d:12:76:ea:f7:7a:4e:c0:85:ba:ad:9a:15:63:
                    9e:a4:88:59:1a:da:77:f2:0c:e0:60:b7:46:14:b1:
                    49:48:a2:89:81:e4:c9:d3:c0:6d:93:65:78:87:78:
                    51:41:85:eb:36:26:44:7c:7a:03:91:b7:2c:89:b0:
                    7d:21:34:e8:da:1a:f7:68:da:23:08:90:b5:ef:6c:
                    61:52:46:f8:e7:41:5e:72:74:4f:5e:ff:6a:c1:1d:
                    26:67:c9:4e:09:a1:fc:11:49:12:3d:10:46:9a:cd:
                    a8:a7:83:81:68:02:79:e8:33:92:ce:b4:4e:34:28:
                    53:2b:4d:35:ce:e9:d5:b7:b2:cc:28:e2:48:e1:ff:
                    f1:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:B1:C9:19:F3:F6:74:CC:05:47:B8:BE:36:9D:C1:C1:25:9A:E6:D5
            X509v3 Authority Key Identifier:
                keyid:1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ce:f7:7a:6e:57:c0:ea:b1:82:99:0a:74:b4:19:e5:b0:08:ec:
         45:b4:2b:a0:f6:ab:af:46:d2:0c:54:ce:d2:90:a5:a0:6f:1a:
         01:7c:41:e3:49:88:42:d9:ef:85:be:6a:95:cf:13:45:fb:00:
         97:77:2b:42:50:1e:b6:65:b8:49:b8:bf:3d:e1:c4:7f:d1:03:
         d3:a6:12:6d:1c:cd:e2:18:42:8b:bb:0f:b2:39:ed:b0:77:ba:
         cb:85:a4:84:6d:94:90:33:ac:e4:e2:fe:17:3f:de:3d:2a:76:
         50:49:7b:7c:00:93:c3:5c:c3:73:ef:6e:f9:c9:83:fb:0d:d0:
         66:b0:11:d8:7c:c4:e6:91:ff:55:15:a9:54:9a:06:21:f8:d1:
         84:92:c1:98:c1:65:7e:42:aa:46:da:fc:8e:d1:3c:23:8c:21:
         94:4b:ba:9d:db:21:3e:8e:ad:a2:51:d9:08:e0:69:3e:3b:46:
         fb:ea:0c:f4:76:4e:8c:8c:db:1d:02:1a:83:d3:2d:2c:e0:e8:
         1a:b7:ee:f8:83:f4:52:c8:28:7a:74:bc:ea:d0:65:20:c6:03:
         db:06:ab:3c:10:0b:b8:43:3d:5c:ec:07:23:bc:04:ee:6a:a4:
         2e:67:e9:a9:0d:fd:9b:68:f4:9a:8e:e6:40:16:37:b8:8c:49:
         20:7c:be:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2epKDb2C4MbdUr0b84GKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDY4NjYzMTNkNjY4YWZlODc5ODZmYWU1ZmY3OTQxZjky
ODA2OWIwHhcNMjUwNDI3MDkwMTA2WhcNMjUwNDI4MDkwMTA2WjAzMTEwLwYDVQQD
Eyg0Y2IxYzkxOWYzZjY3NGNjMDU0N2I4YmUzNjlkYzFjMTI1OWFlNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8hO3v3G/wfF1cx1cdsFiFzuvLzs
4gXrOFkSVriaWq0uG2pZAlH6t4KYMp+L3m0bWOjb1M3Gr43codNACHLXS2ZsijU7
uqJbCK8P2r06iCKFM84EB7Y3/BcjCQkJFuzg3vWwR1h3hj2GT7Slu5cv6i6liv65
2/IBjRJ26vd6TsCFuq2aFWOepIhZGtp38gzgYLdGFLFJSKKJgeTJ08Btk2V4h3hR
QYXrNiZEfHoDkbcsibB9ITTo2hr3aNojCJC172xhUkb450FecnRPXv9qwR0mZ8lO
CaH8EUkSPRBGms2op4OBaAJ56DOSzrRONChTK001zunVt7LMKOJI4f/xVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEyxyRnz9nTMBUe4vjadwcElmubVMB8GA1UdIwQY
MBaAFBwGhmMT1miv6HmG+uX/eUH5KAabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMt
NmFiOThkMzZkYWM2LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMtNmFiOThkMzZkYWM2
LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzvd6blfA
6rGCmQp0tBnlsAjsRbQroParr0bSDFTO0pCloG8aAXxB40mIQtnvhb5qlc8TRfsA
l3crQlAetmW4Sbi/PeHEf9ED06YSbRzN4hhCi7sPsjntsHe6y4WkhG2UkDOs5OL+
Fz/ePSp2UEl7fACTw1zDc+9u+cmD+w3QZrAR2HzE5pH/VRWpVJoGIfjRhJLBmMFl
fkKqRtr8jtE8I4whlEu6ndshPo6tolHZCOBpPjtG++oM9HZOjIzbHQIag9MtLODo
Grfu+IP0UsgoenS86tBlIMYD2warPBALuEM9XOwHI7wE7mqkLmfpqQ39m2j0mo7m
QBY3uIxJIHy+Yg==
-----END CERTIFICATE-----