Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
File:                     HY-s3UFcS7p4J3uj57D-I9Klobg.mft (raw, json)
Hash identifier:          rDNzid4DTKt4Yp9eAIgB61Y8U0yN0uNSqY5v2oLoBp4=
Subject key identifier:   43:F5:D2:7D:64:D8:3A:64:34:D9:00:19:16:48:D7:8D:5D:C4:77:41
Authority key identifier: 1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8
Certificate issuer:       /CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8
Certificate serial:       01976C2AD7D54E91905C30489221007F6F43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
Manifest number:          012D
Signing time:             Sat 14 Jun 2025 02:00:36 +0000
Manifest this update:     Sat 14 Jun 2025 02:00:36 +0000
Manifest next update:     Sun 15 Jun 2025 02:00:36 +0000
Files and hashes:         1: HY-s3UFcS7p4J3uj57D-I9Klobg.crl (hash: 5Hmlr3Y4qzFYHW0qzttKts11VcvJsGYKZNEcZB23yB8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2a:d7:d5:4e:91:90:5c:30:48:92:21:00:7f:6f:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8
        Validity
            Not Before: Jun 14 02:00:36 2025 GMT
            Not After : Jun 15 02:00:36 2025 GMT
        Subject: CN=43f5d27d64d83a6434d900191648d78d5dc47741
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:71:da:c7:20:b5:11:64:7d:29:12:81:19:19:
                    1e:6e:e9:08:99:9e:56:20:6e:71:6a:63:50:1d:97:
                    9b:b2:ca:da:4d:62:a4:09:82:de:60:ea:32:9c:f7:
                    4d:9f:a1:93:70:27:3c:76:f6:33:c7:d0:c0:1f:ec:
                    5e:ce:88:e4:91:50:b8:8a:bd:29:27:b1:9b:37:b9:
                    68:ca:66:35:0c:07:fb:e9:4d:e4:a9:d3:c8:03:d5:
                    6f:da:98:4b:a1:b6:7c:1a:ff:4f:dc:21:95:a0:03:
                    44:a1:e5:e0:57:40:66:83:bc:66:1c:46:6c:7c:8c:
                    74:b7:0a:f8:40:e6:ed:02:0d:7b:75:53:89:56:dd:
                    a4:38:f3:2b:ae:04:88:03:7f:50:56:aa:06:01:44:
                    65:da:11:51:ad:2f:0b:8d:ab:71:1f:5b:6a:5a:a7:
                    cf:2c:8b:bc:fe:ee:35:c0:e7:be:07:4b:1f:35:30:
                    03:a1:1c:f5:a4:5e:19:6a:5d:3d:77:ee:a8:38:79:
                    61:a3:1d:1e:90:e5:56:2a:90:1b:3e:82:c4:b8:c2:
                    0f:af:c0:b2:ca:a3:2a:e1:68:4b:87:32:52:62:6b:
                    32:67:eb:d2:6b:fa:ec:f5:f0:c0:82:fa:be:6d:a7:
                    3b:17:a6:1c:b1:b3:e1:1c:04:80:07:63:50:e0:fe:
                    b0:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:F5:D2:7D:64:D8:3A:64:34:D9:00:19:16:48:D7:8D:5D:C4:77:41
            X509v3 Authority Key Identifier:
                keyid:1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:71:d5:fb:a7:dc:b4:da:34:07:5d:12:da:73:17:db:4d:f5:
         ba:f1:9b:a3:e8:8a:e9:fe:bf:42:a3:cd:b7:fd:2b:60:82:64:
         3a:dc:85:06:ba:61:a7:57:1f:b0:20:79:c2:73:05:87:fd:93:
         f3:f9:80:80:c8:ff:f0:77:ed:8b:81:a6:af:08:2c:db:f4:53:
         9c:00:42:6d:e8:6b:26:db:1a:6c:39:54:e3:50:cc:e7:1d:1b:
         f2:31:1e:cd:47:71:9e:a7:ba:b7:2c:04:de:0d:4f:6b:a9:ac:
         6a:7f:7f:10:d8:b6:01:5e:e4:c0:7a:dc:68:92:6b:af:ce:43:
         b0:19:4c:09:45:f8:e7:ec:a6:b1:39:47:a9:76:84:93:b9:b5:
         cc:4a:29:b3:56:73:01:80:e8:0c:0b:da:49:7b:44:3f:eb:49:
         ed:a3:f6:c1:26:0e:c1:68:3b:fd:32:6d:98:3c:ca:89:71:8f:
         3c:ea:49:ce:e0:b2:1a:c1:28:7e:fa:01:9c:f3:2b:4c:f9:f9:
         e7:7a:8b:06:07:d8:a6:43:87:ef:cb:32:41:83:71:a3:9f:2f:
         49:31:40:5f:f5:c0:1d:0b:8f:a3:57:61:7b:92:0e:91:04:7c:
         11:f3:87:72:60:91:1e:0f:9b:15:31:92:2f:8a:61:9d:ed:41:
         23:1c:e8:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsKtfVTpGQXDBIkiEAf29DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOGZhY2RkNDE1YzRiYmE3ODI3N2JhM2U3YjBmZTIzZDJh
NWExYjgwHhcNMjUwNjE0MDIwMDM2WhcNMjUwNjE1MDIwMDM2WjAzMTEwLwYDVQQD
Eyg0M2Y1ZDI3ZDY0ZDgzYTY0MzRkOTAwMTkxNjQ4ZDc4ZDVkYzQ3NzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHHaxyC1EWR9KRKBGRkebukImZ5W
IG5xamNQHZebssraTWKkCYLeYOoynPdNn6GTcCc8dvYzx9DAH+xezojkkVC4ir0p
J7GbN7loymY1DAf76U3kqdPIA9Vv2phLobZ8Gv9P3CGVoANEoeXgV0Bmg7xmHEZs
fIx0twr4QObtAg17dVOJVt2kOPMrrgSIA39QVqoGAURl2hFRrS8LjatxH1tqWqfP
LIu8/u41wOe+B0sfNTADoRz1pF4Zal09d+6oOHlhox0ekOVWKpAbPoLEuMIPr8Cy
yqMq4WhLhzJSYmsyZ+vSa/rs9fDAgvq+bac7F6YcsbPhHASAB2NQ4P6wywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEP10n1k2DpkNNkAGRZI141dxHdBMB8GA1UdIwQY
MBaAFB2PrN1BXEu6eCd7o+ew/iPSpaG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUt
MjFjZmM4M2FlZWM2LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUtMjFjZmM4M2FlZWM2
LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtXHV+6fc
tNo0B10S2nMX2031uvGbo+iK6f6/QqPNt/0rYIJkOtyFBrphp1cfsCB5wnMFh/2T
8/mAgMj/8Hfti4Gmrwgs2/RTnABCbehrJtsabDlU41DM5x0b8jEezUdxnqe6tywE
3g1Pa6msan9/ENi2AV7kwHrcaJJrr85DsBlMCUX45+ymsTlHqXaEk7m1zEops1Zz
AYDoDAvaSXtEP+tJ7aP2wSYOwWg7/TJtmDzKiXGPPOpJzuCyGsEofvoBnPMrTPn5
53qLBgfYpkOH78syQYNxo58vSTFAX/XAHQuPo1dhe5IOkQR8EfOHcmCRHg+bFTGS
L4phne1BIxzogg==
-----END CERTIFICATE-----