Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/57d08e-1fb8-4ffc-8a71-b4740a2158f0/1/HkQmt06M9v_e23sGBBgIMqhiXzI.mft
File:                     HkQmt06M9v_e23sGBBgIMqhiXzI.mft (raw, json)
Hash identifier:          wPdXB5Q/y6E0Ra97bQbb34srZotyZUCyN1I9ovNsL7c=
Subject key identifier:   69:1A:C3:EC:3B:D0:31:2B:46:CC:FA:8F:82:56:C9:4F:65:72:FB:78
Authority key identifier: 1E:44:26:B7:4E:8C:F6:FF:DE:DB:7B:06:04:18:08:32:A8:62:5F:32
Certificate issuer:       /CN=1e4426b74e8cf6ffdedb7b0604180832a8625f32
Certificate serial:       01967DC667E357BACDC6A63332797C0EA08F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HkQmt06M9v_e23sGBBgIMqhiXzI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/57d08e-1fb8-4ffc-8a71-b4740a2158f0/1/HkQmt06M9v_e23sGBBgIMqhiXzI.mft
Manifest number:          0624
Signing time:             Mon 28 Apr 2025 19:01:16 +0000
Manifest this update:     Mon 28 Apr 2025 19:01:16 +0000
Manifest next update:     Tue 29 Apr 2025 19:01:16 +0000
Files and hashes:         1: HkQmt06M9v_e23sGBBgIMqhiXzI.crl (hash: 8oxPOjZnJXOJ/HtBP0ICcXOuFI5qkna1mcrakS3g6zg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/57d08e-1fb8-4ffc-8a71-b4740a2158f0/1/HkQmt06M9v_e23sGBBgIMqhiXzI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/57d08e-1fb8-4ffc-8a71-b4740a2158f0/1/HkQmt06M9v_e23sGBBgIMqhiXzI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HkQmt06M9v_e23sGBBgIMqhiXzI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 15:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:c6:67:e3:57:ba:cd:c6:a6:33:32:79:7c:0e:a0:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e4426b74e8cf6ffdedb7b0604180832a8625f32
        Validity
            Not Before: Apr 28 19:01:16 2025 GMT
            Not After : Apr 29 19:01:16 2025 GMT
        Subject: CN=691ac3ec3bd0312b46ccfa8f8256c94f6572fb78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:fb:a3:99:6d:8f:4f:78:40:82:44:19:c0:d3:
                    2d:1d:80:d8:8a:eb:2c:e9:16:67:54:0d:7f:92:9e:
                    4c:84:50:c1:e9:6d:97:01:7d:96:eb:80:c0:c7:70:
                    f4:00:4e:82:af:67:f3:98:18:57:11:fe:c5:b6:c9:
                    be:37:31:52:ad:de:c6:ad:8d:88:bc:c5:fa:69:32:
                    65:09:ef:8e:e8:c1:5c:73:b1:91:4d:b1:89:bf:b4:
                    d4:ee:50:54:64:c5:64:4a:5d:22:68:37:9c:90:9e:
                    d2:da:5f:b9:e3:e5:98:cb:01:7c:53:b0:9f:eb:fe:
                    c4:06:9a:3a:36:d0:4e:18:3a:3a:27:27:c2:ba:c0:
                    61:b2:79:97:4f:43:ab:1e:28:9f:1d:62:0e:58:3f:
                    2e:48:e5:04:bd:96:a2:cc:05:8e:8a:2f:63:fd:72:
                    90:d5:4d:bf:ba:34:31:d9:04:ce:47:d9:ae:0b:b4:
                    82:0c:85:21:02:24:f9:cc:02:7f:c6:9e:c7:2d:f3:
                    ef:5a:cc:e2:45:8b:d2:b7:81:73:14:29:49:a8:6b:
                    58:48:9f:23:93:66:6f:68:6c:0f:2c:79:fc:55:a3:
                    fb:d7:df:be:32:9e:a0:44:38:02:6f:83:ef:73:5e:
                    01:0b:39:7d:34:a3:5d:03:c5:24:d9:d8:7f:fc:6d:
                    e2:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:1A:C3:EC:3B:D0:31:2B:46:CC:FA:8F:82:56:C9:4F:65:72:FB:78
            X509v3 Authority Key Identifier:
                keyid:1E:44:26:B7:4E:8C:F6:FF:DE:DB:7B:06:04:18:08:32:A8:62:5F:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HkQmt06M9v_e23sGBBgIMqhiXzI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/57d08e-1fb8-4ffc-8a71-b4740a2158f0/1/HkQmt06M9v_e23sGBBgIMqhiXzI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/57d08e-1fb8-4ffc-8a71-b4740a2158f0/1/HkQmt06M9v_e23sGBBgIMqhiXzI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:cb:ae:11:4b:04:24:7b:43:de:12:2e:53:b5:63:82:30:32:
         f4:8a:fb:39:af:31:6e:17:03:48:9c:09:70:3c:e5:a8:a4:4c:
         c9:c0:9c:00:73:16:0d:2a:b4:9b:4a:b2:2c:e2:81:ee:d7:dc:
         97:94:dd:88:65:8e:d2:85:f1:2c:a7:62:b7:67:db:de:67:d2:
         b2:81:19:9c:25:cc:7f:5b:96:36:51:ff:b6:58:3c:4a:1a:0f:
         3d:c8:8a:aa:7e:28:94:85:18:3b:f5:cc:6e:9d:b1:72:c5:df:
         44:71:b2:45:e3:43:34:ec:fe:ed:9b:da:dd:67:b7:7c:aa:eb:
         3e:5a:2a:2b:30:9c:da:7e:3a:ad:ae:35:27:16:c3:66:f1:06:
         22:03:11:66:d2:03:08:37:ae:07:6f:e5:8e:0d:e0:12:0c:69:
         6f:47:9b:7c:14:b2:fa:72:69:e0:0f:af:c4:cc:ab:46:33:38:
         0e:d5:49:b7:02:5e:59:b9:cd:c3:d4:ff:ec:61:94:ff:c9:95:
         12:21:05:25:c9:5e:2e:f5:66:ad:08:a4:03:36:7a:4b:48:e7:
         43:2a:73:bb:91:37:ca:74:66:73:f6:4d:bb:97:07:93:64:ab:
         04:40:89:75:cc:37:3f:40:5b:e3:14:ce:fb:d9:63:80:73:f4:
         e1:8e:f0:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9xmfjV7rNxqYzMnl8DqCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNDQyNmI3NGU4Y2Y2ZmZkZWRiN2IwNjA0MTgwODMyYTg2
MjVmMzIwHhcNMjUwNDI4MTkwMTE2WhcNMjUwNDI5MTkwMTE2WjAzMTEwLwYDVQQD
Eyg2OTFhYzNlYzNiZDAzMTJiNDZjY2ZhOGY4MjU2Yzk0ZjY1NzJmYjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPujmW2PT3hAgkQZwNMtHYDYiuss
6RZnVA1/kp5MhFDB6W2XAX2W64DAx3D0AE6Cr2fzmBhXEf7Ftsm+NzFSrd7GrY2I
vMX6aTJlCe+O6MFcc7GRTbGJv7TU7lBUZMVkSl0iaDeckJ7S2l+54+WYywF8U7Cf
6/7EBpo6NtBOGDo6JyfCusBhsnmXT0OrHiifHWIOWD8uSOUEvZaizAWOii9j/XKQ
1U2/ujQx2QTOR9muC7SCDIUhAiT5zAJ/xp7HLfPvWsziRYvSt4FzFClJqGtYSJ8j
k2ZvaGwPLHn8VaP719++Mp6gRDgCb4Pvc14BCzl9NKNdA8Uk2dh//G3ikwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGkaw+w70DErRsz6j4JWyU9lcvt4MB8GA1UdIwQY
MBaAFB5EJrdOjPb/3tt7BgQYCDKoYl8yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGtRbXQwNk05dl9lMjNzR0JCZ0lNcWhpWHpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81N2QwOGUtMWZiOC00ZmZjLThhNzEt
YjQ3NDBhMjE1OGYwLzEvSGtRbXQwNk05dl9lMjNzR0JCZ0lNcWhpWHpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81N2QwOGUtMWZiOC00ZmZjLThhNzEtYjQ3NDBhMjE1OGYw
LzEvSGtRbXQwNk05dl9lMjNzR0JCZ0lNcWhpWHpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj8uuEUsE
JHtD3hIuU7VjgjAy9Ir7Oa8xbhcDSJwJcDzlqKRMycCcAHMWDSq0m0qyLOKB7tfc
l5TdiGWO0oXxLKdit2fb3mfSsoEZnCXMf1uWNlH/tlg8ShoPPciKqn4olIUYO/XM
bp2xcsXfRHGyReNDNOz+7Zva3We3fKrrPloqKzCc2n46ra41JxbDZvEGIgMRZtID
CDeuB2/ljg3gEgxpb0ebfBSy+nJp4A+vxMyrRjM4DtVJtwJeWbnNw9T/7GGU/8mV
EiEFJcleLvVmrQikAzZ6S0jnQypzu5E3ynRmc/ZNu5cHk2SrBECJdcw3P0Bb4xTO
+9ljgHP04Y7wig==
-----END CERTIFICATE-----