Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
File:                     HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft (raw, json)
Hash identifier:          9pq0bxFa4j9UDzUnr/3pt/pfR6zmNvHRx3DO34QrlYA=
Subject key identifier:   79:B6:36:90:33:51:33:D2:C7:2B:40:BE:32:A5:7D:5C:02:97:C8:2D
Authority key identifier: 1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74
Certificate issuer:       /CN=1c1c754b7a5b541892540d24ab98d31537974574
Certificate serial:       01967A8D8D79EDE6919ADD8AD4318FDA5878
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
Manifest number:          1512
Signing time:             Mon 28 Apr 2025 04:00:19 +0000
Manifest this update:     Mon 28 Apr 2025 04:00:19 +0000
Manifest next update:     Tue 29 Apr 2025 04:00:19 +0000
Files and hashes:         1: HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl (hash: FE0DBCjGc17S4mu6qOR4WnCEp3DERLofSRNzLCq7QXg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 04:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7a:8d:8d:79:ed:e6:91:9a:dd:8a:d4:31:8f:da:58:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1c754b7a5b541892540d24ab98d31537974574
        Validity
            Not Before: Apr 28 04:00:19 2025 GMT
            Not After : Apr 29 04:00:19 2025 GMT
        Subject: CN=79b63690335133d2c72b40be32a57d5c0297c82d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:42:d5:29:ea:2d:db:8c:13:9c:cb:1d:7e:5e:
                    0b:b8:7b:0c:b0:16:f0:15:82:c8:07:b8:63:43:33:
                    48:44:27:11:85:20:4b:e4:8a:04:83:77:50:9e:02:
                    c2:14:52:13:07:17:8b:71:9b:3b:9a:9d:a1:22:d5:
                    c7:70:e9:2a:e0:74:7a:d3:8b:a4:c5:aa:1c:4e:d2:
                    45:7a:c3:82:8c:05:f1:fe:11:74:92:2a:b9:f9:8b:
                    bf:3d:4a:20:3e:9c:0d:46:9d:64:8e:e9:b9:b0:e7:
                    10:9a:59:c5:5f:1c:b9:c0:02:61:e4:ba:96:d7:05:
                    9e:de:32:8b:d2:7d:13:1e:4b:6a:9b:1c:5e:e3:8b:
                    69:60:ef:ea:cc:87:41:65:cd:a8:f2:a8:57:e0:c7:
                    d9:f8:77:5c:d0:29:75:d6:50:b9:58:3e:a4:37:c5:
                    57:5e:02:ee:26:45:1b:cb:db:83:0a:5f:54:ca:1a:
                    22:b3:b2:94:47:e6:57:76:a2:e3:de:11:2d:66:a4:
                    75:f1:55:8f:d2:0b:99:b8:f8:9e:9d:8c:83:d0:68:
                    1f:4e:8c:46:01:53:2e:51:48:28:7c:8a:9b:1b:ff:
                    86:ee:fb:f4:25:17:79:9b:31:67:d8:86:10:9e:62:
                    fe:b3:25:72:04:ca:66:ab:e2:da:f0:a1:97:66:f6:
                    cd:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:B6:36:90:33:51:33:D2:C7:2B:40:BE:32:A5:7D:5C:02:97:C8:2D
            X509v3 Authority Key Identifier:
                keyid:1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:c0:cb:1c:cc:d4:05:c1:08:be:3b:0e:91:0e:29:89:2e:04:
         d1:88:71:ac:3f:cb:c6:53:6c:99:1d:3d:39:7a:17:1a:4d:a4:
         e0:f6:27:38:f9:9d:69:ce:52:c1:ae:e1:7e:f1:b0:17:bd:fc:
         d4:f1:ab:90:d2:74:ab:f9:68:30:46:8a:01:a8:0c:d7:c5:67:
         c0:d8:fd:be:90:9a:6a:45:c2:e6:e9:42:63:8b:20:20:2d:ba:
         e0:e1:de:80:07:d5:58:2f:a7:a1:55:4b:aa:0b:1c:e5:e5:54:
         3b:b2:d7:f0:d2:d3:4c:40:c4:8e:28:d3:8e:c3:fa:c1:de:cd:
         7a:cf:93:e2:62:b3:18:8f:5c:83:42:7a:95:c2:56:d0:fd:7e:
         e1:50:fc:66:f9:7f:d7:0d:25:87:38:1b:4d:69:cf:43:19:e8:
         50:85:95:ef:d5:92:d8:a2:e4:8c:25:a7:a1:60:45:ab:db:0c:
         92:09:14:6a:97:40:a0:84:17:88:11:58:43:0f:84:38:16:83:
         51:ad:10:3c:41:17:ec:6f:11:20:08:42:d8:b6:90:fb:ec:7a:
         6e:71:43:ca:25:4a:86:b3:99:53:94:47:08:19:6a:3e:de:9b:
         00:9b:98:20:8d:dd:53:8b:4b:b4:d7:f4:2f:b1:15:98:1b:8c:
         6b:c3:ac:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6jY157eaRmt2K1DGP2lh4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMWM3NTRiN2E1YjU0MTg5MjU0MGQyNGFiOThkMzE1Mzc5
NzQ1NzQwHhcNMjUwNDI4MDQwMDE5WhcNMjUwNDI5MDQwMDE5WjAzMTEwLwYDVQQD
Eyg3OWI2MzY5MDMzNTEzM2QyYzcyYjQwYmUzMmE1N2Q1YzAyOTdjODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ELVKeot24wTnMsdfl4LuHsMsBbw
FYLIB7hjQzNIRCcRhSBL5IoEg3dQngLCFFITBxeLcZs7mp2hItXHcOkq4HR604uk
xaocTtJFesOCjAXx/hF0kiq5+Yu/PUogPpwNRp1kjum5sOcQmlnFXxy5wAJh5LqW
1wWe3jKL0n0THktqmxxe44tpYO/qzIdBZc2o8qhX4MfZ+Hdc0Cl11lC5WD6kN8VX
XgLuJkUby9uDCl9Uyhois7KUR+ZXdqLj3hEtZqR18VWP0guZuPienYyD0GgfToxG
AVMuUUgofIqbG/+G7vv0JRd5mzFn2IYQnmL+syVyBMpmq+La8KGXZvbNhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHm2NpAzUTPSxytAvjKlfVwCl8gtMB8GA1UdIwQY
MBaAFBwcdUt6W1QYklQNJKuY0xU3l0V0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAt
YWEwZjM1ODI0YTI3LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAtYWEwZjM1ODI0YTI3
LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAasDLHMzU
BcEIvjsOkQ4piS4E0YhxrD/LxlNsmR09OXoXGk2k4PYnOPmdac5Swa7hfvGwF738
1PGrkNJ0q/loMEaKAagM18VnwNj9vpCaakXC5ulCY4sgIC264OHegAfVWC+noVVL
qgsc5eVUO7LX8NLTTEDEjijTjsP6wd7Nes+T4mKzGI9cg0J6lcJW0P1+4VD8Zvl/
1w0lhzgbTWnPQxnoUIWV79WS2KLkjCWnoWBFq9sMkgkUapdAoIQXiBFYQw+EOBaD
Ua0QPEEX7G8RIAhC2LaQ++x6bnFDyiVKhrOZU5RHCBlqPt6bAJuYII3dU4tLtNf0
L7EVmBuMa8OsHg==
-----END CERTIFICATE-----