Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/01bdae-86c5-4c15-a998-5c9f9bb2db11/1/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.mft
File:                     hJm2aiaZbr1cqwwuw7Z8AlvxCU4.mft (raw, json)
Hash identifier:          7y9grAIeeMDxX+V+kvXss/uzpgflYE7oMwtm/ujfrek=
Subject key identifier:   57:66:A4:50:7B:41:76:06:35:42:5C:63:64:10:6B:29:19:2A:68:06
Authority key identifier: 84:99:B6:6A:26:99:6E:BD:5C:AB:0C:2E:C3:B6:7C:02:5B:F1:09:4E
Certificate issuer:       /CN=8499b66a26996ebd5cab0c2ec3b67c025bf1094e
Certificate serial:       0196794471357804F46CC2F8C0AC2AF7CE8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/01bdae-86c5-4c15-a998-5c9f9bb2db11/1/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.mft
Manifest number:          42
Signing time:             Sun 27 Apr 2025 22:00:50 +0000
Manifest this update:     Sun 27 Apr 2025 22:00:50 +0000
Manifest next update:     Mon 28 Apr 2025 22:00:50 +0000
Files and hashes:         1: hJm2aiaZbr1cqwwuw7Z8AlvxCU4.crl (hash: ZKDDKxGOaF3lzbgib1HYazkTZpp9TvrmViUM7xcrY+o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/01bdae-86c5-4c15-a998-5c9f9bb2db11/1/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/01bdae-86c5-4c15-a998-5c9f9bb2db11/1/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 22:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:44:71:35:78:04:f4:6c:c2:f8:c0:ac:2a:f7:ce:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8499b66a26996ebd5cab0c2ec3b67c025bf1094e
        Validity
            Not Before: Apr 27 22:00:50 2025 GMT
            Not After : Apr 28 22:00:50 2025 GMT
        Subject: CN=5766a4507b41760635425c6364106b29192a6806
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:cd:8c:75:0d:39:1f:c8:f8:9b:bd:45:2d:8b:
                    f1:ee:a4:09:5d:61:90:07:9e:d8:17:7d:89:74:53:
                    43:41:bf:28:c9:bc:59:5c:24:37:d5:88:d4:e8:ad:
                    4e:ec:fa:95:cd:95:69:d2:f7:3b:94:3f:52:21:29:
                    7d:7b:53:33:3e:40:d2:b3:ad:0c:f9:dd:d3:7c:cc:
                    53:b5:a9:0a:12:2a:ad:d8:d2:b3:7d:ab:38:ac:c4:
                    81:96:7e:26:20:db:c8:0b:7d:37:5b:ac:40:c5:e9:
                    a9:d3:2d:b2:26:b7:ec:48:f6:b1:a8:a9:1c:60:1d:
                    8e:22:61:ee:e2:d9:48:81:29:04:79:a0:1a:9f:d8:
                    ba:f9:35:fe:c6:74:57:99:df:9c:74:72:34:30:2a:
                    d1:02:10:43:7c:f8:3e:1c:df:26:67:ec:59:ef:6d:
                    a2:7b:05:8b:86:d6:59:85:fc:ad:85:fe:bf:a2:b4:
                    bc:0b:fb:72:b9:b3:d4:28:0f:17:aa:6c:07:07:6d:
                    2f:ae:6c:57:1b:dc:48:80:28:30:51:36:1d:81:4b:
                    dc:e7:ac:95:bd:32:b9:39:51:76:eb:59:e6:26:b5:
                    77:ae:3e:93:06:67:9b:1e:86:be:2d:ec:df:87:7d:
                    ab:e2:5d:c6:95:c3:42:2c:59:28:e5:54:2a:91:fc:
                    11:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:66:A4:50:7B:41:76:06:35:42:5C:63:64:10:6B:29:19:2A:68:06
            X509v3 Authority Key Identifier:
                keyid:84:99:B6:6A:26:99:6E:BD:5C:AB:0C:2E:C3:B6:7C:02:5B:F1:09:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/01bdae-86c5-4c15-a998-5c9f9bb2db11/1/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/01bdae-86c5-4c15-a998-5c9f9bb2db11/1/hJm2aiaZbr1cqwwuw7Z8AlvxCU4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:0a:e2:25:c0:8d:04:de:9a:df:4b:91:ba:fe:d6:14:1c:7c:
         65:65:db:74:3f:eb:50:dc:b6:2d:c6:89:40:1a:48:8f:ea:d3:
         32:25:b1:47:a9:fa:8b:4a:50:11:4a:c3:aa:0a:85:83:de:e4:
         77:fc:a9:a7:44:74:f6:47:e5:b0:e9:fb:9c:86:e4:91:18:d0:
         40:c1:32:eb:7f:8f:52:28:47:72:dc:d5:f6:7a:83:6e:34:fb:
         6c:e9:6b:09:05:16:b2:c7:95:d2:d7:8a:55:1b:04:74:0e:56:
         d5:6f:3a:12:c6:13:ec:ff:80:c1:bc:c1:cd:56:3a:65:b7:d6:
         05:94:fa:97:45:2a:6c:50:a1:33:2b:5f:42:0d:e4:41:a0:69:
         62:5a:68:50:67:f4:11:08:a4:a2:6b:e2:47:c2:15:0b:7a:c5:
         27:88:6b:b6:57:d3:28:f2:2d:0f:e5:e5:fa:87:29:83:4a:75:
         e5:bb:90:8c:ae:55:fa:79:6b:de:fd:7c:15:3d:c7:31:42:58:
         cb:5e:a9:ad:45:45:c3:d4:1a:37:13:f1:f3:22:57:a3:28:02:
         2f:15:96:fe:02:2a:49:6b:a5:74:69:b5:62:d0:02:ba:69:9a:
         2d:80:cc:f4:1a:74:92:94:f2:1b:71:0a:32:53:71:65:83:09:
         68:25:6f:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ5RHE1eAT0bML4wKwq986MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OTliNjZhMjY5OTZlYmQ1Y2FiMGMyZWMzYjY3YzAyNWJm
MTA5NGUwHhcNMjUwNDI3MjIwMDUwWhcNMjUwNDI4MjIwMDUwWjAzMTEwLwYDVQQD
Eyg1NzY2YTQ1MDdiNDE3NjA2MzU0MjVjNjM2NDEwNmIyOTE5MmE2ODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM2MdQ05H8j4m71FLYvx7qQJXWGQ
B57YF32JdFNDQb8oybxZXCQ31YjU6K1O7PqVzZVp0vc7lD9SISl9e1MzPkDSs60M
+d3TfMxTtakKEiqt2NKzfas4rMSBln4mINvIC303W6xAxemp0y2yJrfsSPaxqKkc
YB2OImHu4tlIgSkEeaAan9i6+TX+xnRXmd+cdHI0MCrRAhBDfPg+HN8mZ+xZ722i
ewWLhtZZhfythf6/orS8C/tyubPUKA8XqmwHB20vrmxXG9xIgCgwUTYdgUvc56yV
vTK5OVF261nmJrV3rj6TBmebHoa+Lezfh32r4l3GlcNCLFko5VQqkfwRvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdmpFB7QXYGNUJcY2QQaykZKmgGMB8GA1UdIwQY
MBaAFISZtmommW69XKsMLsO2fAJb8QlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEptMmFpYVpicjFjcXd3dXc3WjhBbHZ4Q1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wMWJkYWUtODZjNS00YzE1LWE5OTgt
NWM5ZjliYjJkYjExLzEvaEptMmFpYVpicjFjcXd3dXc3WjhBbHZ4Q1U0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wMWJkYWUtODZjNS00YzE1LWE5OTgtNWM5ZjliYjJkYjEx
LzEvaEptMmFpYVpicjFjcXd3dXc3WjhBbHZ4Q1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdAriJcCN
BN6a30uRuv7WFBx8ZWXbdD/rUNy2LcaJQBpIj+rTMiWxR6n6i0pQEUrDqgqFg97k
d/ypp0R09kflsOn7nIbkkRjQQMEy63+PUihHctzV9nqDbjT7bOlrCQUWsseV0teK
VRsEdA5W1W86EsYT7P+AwbzBzVY6ZbfWBZT6l0UqbFChMytfQg3kQaBpYlpoUGf0
EQikomviR8IVC3rFJ4hrtlfTKPItD+Xl+ocpg0p15buQjK5V+nlr3v18FT3HMUJY
y16prUVFw9QaNxPx8yJXoygCLxWW/gIqSWuldGm1YtACummaLYDM9Bp0kpTyG3EK
MlNxZYMJaCVv0A==
-----END CERTIFICATE-----