Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
File:                     HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json)
Hash identifier:          RCmSZPsVz14GtoYja3DFQZso+MSxEnuMJlT2Etm59EA=
Subject key identifier:   45:F1:A3:AC:6E:F1:A9:24:F6:3C:F7:18:15:F6:C1:5B:3C:59:37:A9
Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
Certificate issuer:       /CN=1c24f1caafb3208eb827a07826417bcb9493412f
Certificate serial:       0196899322359F73719C88C2C5112F7D078E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
Manifest number:          048F
Signing time:             Thu 01 May 2025 02:00:43 +0000
Manifest this update:     Thu 01 May 2025 02:00:43 +0000
Manifest next update:     Fri 02 May 2025 02:00:43 +0000
Files and hashes:         1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: 0fxnA5IzfcQ8fm4LXfYx37MR3BsKWHvQDn5oGnoWyUo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 21:27:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:89:93:22:35:9f:73:71:9c:88:c2:c5:11:2f:7d:07:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f
        Validity
            Not Before: May  1 02:00:43 2025 GMT
            Not After : May  2 02:00:43 2025 GMT
        Subject: CN=45f1a3ac6ef1a924f63cf71815f6c15b3c5937a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:63:b1:20:82:6c:1f:ec:e7:ef:8d:e3:91:79:
                    5c:f7:00:b2:d2:8e:07:19:cd:19:af:97:c3:33:9d:
                    ac:29:04:92:09:81:a8:27:f0:52:b3:02:43:2e:97:
                    b5:11:95:b2:9e:43:51:ee:c0:c0:c5:2f:4a:65:59:
                    f4:1a:9c:4a:b6:f8:bc:99:cf:4a:63:fe:ad:46:0b:
                    3d:15:79:77:87:06:05:33:00:eb:0f:3a:61:ea:19:
                    a5:4b:e5:2c:a2:dd:a8:d3:25:a8:11:ab:b7:c5:da:
                    19:e3:97:c4:c0:38:dd:6c:3a:6f:2a:7d:f9:bb:7e:
                    1b:3f:8c:3a:bb:67:9a:37:2f:52:4e:3e:1d:f6:2a:
                    85:f0:08:a2:65:7c:f7:bc:2b:7e:41:9f:df:1f:25:
                    1f:a0:d3:7d:98:09:f3:0c:73:25:a3:57:26:40:23:
                    39:ec:e8:c8:ce:bd:df:6c:c1:4a:0c:6f:c3:a8:ef:
                    c7:37:cd:41:61:2c:cd:95:75:11:0d:ec:5d:45:2c:
                    6e:7e:d3:e1:b3:0b:dd:31:59:29:e8:79:7c:46:a0:
                    c1:fe:ed:57:16:2e:6a:99:07:51:3a:0e:86:03:db:
                    da:a7:aa:a9:d8:dd:c5:a0:f4:76:f8:bb:a2:5a:03:
                    4c:7b:bb:c3:2c:a3:a4:bf:df:e7:e5:54:c5:6e:2e:
                    e9:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:F1:A3:AC:6E:F1:A9:24:F6:3C:F7:18:15:F6:C1:5B:3C:59:37:A9
            X509v3 Authority Key Identifier:
                keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:c1:46:28:8f:0f:7d:9f:b3:d0:6b:67:5b:3e:b9:08:56:15:
         b6:99:dc:18:99:96:f5:53:d6:d3:22:45:3b:07:1a:23:53:18:
         79:5f:e5:ff:71:0e:81:09:75:95:a1:b7:03:0c:67:f6:9a:cf:
         ae:f5:f4:09:bf:35:9a:a6:75:41:7d:34:b6:2d:94:22:9a:5a:
         c8:b6:29:ca:eb:c3:4a:e1:0d:50:4d:8d:78:3e:a8:0a:e3:e9:
         91:2f:d0:42:9e:30:e5:a0:97:1d:86:af:ff:97:a4:97:f7:38:
         2d:bd:c9:0a:0d:44:98:96:d3:17:aa:ec:7a:87:e2:4c:ff:af:
         b7:1f:bb:69:bc:b8:d5:7c:36:e2:b6:e0:85:11:36:57:ef:9c:
         52:d4:63:3d:bc:2a:7a:74:d0:d8:63:a1:f0:90:95:a9:d0:8d:
         e9:e9:80:bd:8d:93:4a:ea:4a:1d:85:e8:b8:3d:f1:6e:5c:51:
         b1:af:f2:a6:7d:88:80:2f:d9:b6:20:5c:47:04:a0:b0:3e:22:
         32:51:cc:1f:96:b0:14:b3:37:c9:13:39:9c:ac:e8:dc:81:4e:
         1b:56:06:20:75:a5:bd:62:c8:95:79:38:bf:77:e2:df:cc:cd:
         06:9d:46:c6:49:df:b3:e9:1d:bf:3b:a4:cf:dc:12:0b:0e:85:
         66:06:69:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaJkyI1n3NxnIjCxREvfQeOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5
MzQxMmYwHhcNMjUwNTAxMDIwMDQzWhcNMjUwNTAyMDIwMDQzWjAzMTEwLwYDVQQD
Eyg0NWYxYTNhYzZlZjFhOTI0ZjYzY2Y3MTgxNWY2YzE1YjNjNTkzN2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWOxIIJsH+zn743jkXlc9wCy0o4H
Gc0Zr5fDM52sKQSSCYGoJ/BSswJDLpe1EZWynkNR7sDAxS9KZVn0GpxKtvi8mc9K
Y/6tRgs9FXl3hwYFMwDrDzph6hmlS+Usot2o0yWoEau3xdoZ45fEwDjdbDpvKn35
u34bP4w6u2eaNy9STj4d9iqF8AiiZXz3vCt+QZ/fHyUfoNN9mAnzDHMlo1cmQCM5
7OjIzr3fbMFKDG/DqO/HN81BYSzNlXURDexdRSxuftPhswvdMVkp6Hl8RqDB/u1X
Fi5qmQdROg6GA9vap6qp2N3FoPR2+LuiWgNMe7vDLKOkv9/n5VTFbi7pNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEXxo6xu8akk9jz3GBX2wVs8WTepMB8GA1UdIwQY
MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt
N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj
LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo8FGKI8P
fZ+z0GtnWz65CFYVtpncGJmW9VPW0yJFOwcaI1MYeV/l/3EOgQl1laG3Awxn9prP
rvX0Cb81mqZ1QX00ti2UIppayLYpyuvDSuENUE2NeD6oCuPpkS/QQp4w5aCXHYav
/5ekl/c4Lb3JCg1EmJbTF6rseofiTP+vtx+7aby41Xw24rbghRE2V++cUtRjPbwq
enTQ2GOh8JCVqdCN6emAvY2TSupKHYXouD3xblxRsa/ypn2IgC/ZtiBcRwSgsD4i
MlHMH5awFLM3yRM5nKzo3IFOG1YGIHWlvWLIlXk4v3fi38zNBp1Gxknfs+kdvzuk
z9wSCw6FZgZpZg==
-----END CERTIFICATE-----