Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
File:                     HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json)
Hash identifier:          aJB1CRILsl4wGEJHWuqM1d6bcu9nKRQI2ptp4CGXjYg=
Subject key identifier:   40:90:08:E5:D1:0B:D4:1C:4F:0E:F6:ED:A6:D7:5A:DA:37:1B:4B:CA
Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
Certificate issuer:       /CN=1c24f1caafb3208eb827a07826417bcb9493412f
Certificate serial:       019685B63D7C8886EE78E28CE9A7011313C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
Manifest number:          048D
Signing time:             Wed 30 Apr 2025 08:00:35 +0000
Manifest this update:     Wed 30 Apr 2025 08:00:35 +0000
Manifest next update:     Thu 01 May 2025 08:00:35 +0000
Files and hashes:         1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: ol3XsITXb6E9I81e/12F0YyAdkZD0OtJQVPLoXvJMRg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 08:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:85:b6:3d:7c:88:86:ee:78:e2:8c:e9:a7:01:13:13:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f
        Validity
            Not Before: Apr 30 08:00:35 2025 GMT
            Not After : May  1 08:00:35 2025 GMT
        Subject: CN=409008e5d10bd41c4f0ef6eda6d75ada371b4bca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:98:35:69:2a:d6:50:30:29:6d:5f:dd:6f:9f:
                    2e:d7:37:29:d5:eb:62:13:5a:65:0d:b3:22:49:0c:
                    8a:4c:1a:3b:84:e9:f3:5a:52:5c:14:c7:5f:38:8e:
                    99:1c:de:48:53:27:9f:ab:8d:d7:12:bc:f9:56:a6:
                    b0:9b:4a:5b:8a:fe:ae:37:e3:f4:20:19:62:69:57:
                    03:4f:5b:de:28:48:20:3d:cf:5f:99:60:47:3d:11:
                    c8:69:c6:7e:2c:e6:b3:71:2b:96:b2:15:45:ff:11:
                    0a:7c:0c:56:5f:35:23:7d:2f:9a:3d:9c:47:5c:9f:
                    16:bf:c9:01:5b:6f:a6:ad:5b:01:b1:99:4a:82:94:
                    47:f9:d6:f3:bb:bc:ad:db:c6:a5:9c:bd:98:d0:6f:
                    ce:e5:f7:e0:fb:a6:e6:38:ae:33:d0:91:99:6b:33:
                    b0:41:00:94:d5:da:dc:6f:36:ed:74:f3:b4:a9:96:
                    99:70:d2:62:12:4c:70:82:d8:ca:be:ad:d2:c9:01:
                    4e:8f:6e:5d:6c:2b:7b:77:6b:2d:17:a6:6d:be:ae:
                    bb:07:d9:3c:cc:05:c4:c1:da:93:cb:fb:04:d6:b7:
                    db:7f:cf:b1:5f:fb:07:9a:17:77:21:c6:0c:32:47:
                    fb:a0:ba:5d:df:6a:6f:90:75:df:89:c8:60:25:2d:
                    e8:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:90:08:E5:D1:0B:D4:1C:4F:0E:F6:ED:A6:D7:5A:DA:37:1B:4B:CA
            X509v3 Authority Key Identifier:
                keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:21:c3:b1:88:a4:b9:0f:41:aa:9a:ae:1f:ca:02:de:1f:d9:
         aa:b1:c8:3e:7f:3c:96:11:9d:b9:d3:c9:5c:32:80:59:d1:de:
         13:a9:ad:8e:e5:1f:d9:05:c5:9b:39:cd:40:e7:0e:ab:70:0f:
         4f:53:6e:06:bc:e5:5c:4f:f4:e4:95:dc:c2:57:b8:a3:94:8e:
         77:18:34:bd:ac:39:13:16:a5:b4:4e:a5:79:2e:34:14:4e:2b:
         8e:a7:2b:3d:7b:1a:0d:ff:d9:4a:ef:70:dd:69:a7:8b:e6:25:
         14:40:a5:7f:b5:cd:f5:aa:12:84:6b:3c:c1:0d:e4:91:5b:a6:
         35:da:09:84:60:2a:a2:6e:3d:88:70:86:06:ff:aa:de:f3:d9:
         2f:c7:f2:78:53:42:76:a6:ac:96:f8:ca:28:ca:f7:83:24:b9:
         9a:32:1d:dd:75:a5:58:f4:9f:1e:4e:fe:c2:48:af:35:0d:e4:
         c2:80:13:fe:35:0c:93:4b:d4:7e:fa:77:a3:f2:6b:f0:13:49:
         86:6c:4d:e3:4a:1b:7b:16:29:9f:f4:a5:98:d1:f0:d5:9d:99:
         34:dc:0b:e8:2b:9e:e1:30:e8:e7:db:45:1d:78:57:72:99:e3:
         98:86:14:90:b0:d0:85:63:76:89:86:43:d7:d6:50:04:77:84:
         01:ee:b3:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaFtj18iIbueOKM6acBExPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5
MzQxMmYwHhcNMjUwNDMwMDgwMDM1WhcNMjUwNTAxMDgwMDM1WjAzMTEwLwYDVQQD
Eyg0MDkwMDhlNWQxMGJkNDFjNGYwZWY2ZWRhNmQ3NWFkYTM3MWI0YmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJg1aSrWUDApbV/db58u1zcp1eti
E1plDbMiSQyKTBo7hOnzWlJcFMdfOI6ZHN5IUyefq43XErz5Vqawm0pbiv6uN+P0
IBliaVcDT1veKEggPc9fmWBHPRHIacZ+LOazcSuWshVF/xEKfAxWXzUjfS+aPZxH
XJ8Wv8kBW2+mrVsBsZlKgpRH+dbzu7yt28alnL2Y0G/O5ffg+6bmOK4z0JGZazOw
QQCU1drcbzbtdPO0qZaZcNJiEkxwgtjKvq3SyQFOj25dbCt7d2stF6Ztvq67B9k8
zAXEwdqTy/sE1rfbf8+xX/sHmhd3IcYMMkf7oLpd32pvkHXfichgJS3ooQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECQCOXRC9QcTw727abXWto3G0vKMB8GA1UdIwQY
MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt
N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj
LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdSHDsYik
uQ9BqpquH8oC3h/ZqrHIPn88lhGdudPJXDKAWdHeE6mtjuUf2QXFmznNQOcOq3AP
T1NuBrzlXE/05JXcwle4o5SOdxg0vaw5ExaltE6leS40FE4rjqcrPXsaDf/ZSu9w
3Wmni+YlFEClf7XN9aoShGs8wQ3kkVumNdoJhGAqom49iHCGBv+q3vPZL8fyeFNC
dqaslvjKKMr3gyS5mjId3XWlWPSfHk7+wkivNQ3kwoAT/jUMk0vUfvp3o/Jr8BNJ
hmxN40obexYpn/SlmNHw1Z2ZNNwL6Cue4TDo59tFHXhXcpnjmIYUkLDQhWN2iYZD
19ZQBHeEAe6zkw==
-----END CERTIFICATE-----