Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
File:                     HYFeKwc-sEV2vLJN3k341Ot8nwg.mft (raw, json)
Hash identifier:          DstgecxNYkXKqrm/tuPzZ+FcXtoF/x/RtY69R+kXYGk=
Subject key identifier:   41:4C:54:A2:3C:99:4B:13:2D:8C:7B:52:E9:4A:A6:CB:AD:CF:22:58
Authority key identifier: 1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08
Certificate issuer:       /CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
Certificate serial:       0196748B8A3E2577BF1695D393CB95A6DDE9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
Manifest number:          09F5
Signing time:             Sun 27 Apr 2025 00:00:24 +0000
Manifest this update:     Sun 27 Apr 2025 00:00:24 +0000
Manifest next update:     Mon 28 Apr 2025 00:00:24 +0000
Files and hashes:         1: HYFeKwc-sEV2vLJN3k341Ot8nwg.crl (hash: KZ5K2DLeCMNpykmiJf949vfCJAccXffhU9v+T6ly7Q0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:74:8b:8a:3e:25:77:bf:16:95:d3:93:cb:95:a6:dd:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
        Validity
            Not Before: Apr 27 00:00:24 2025 GMT
            Not After : Apr 28 00:00:24 2025 GMT
        Subject: CN=414c54a23c994b132d8c7b52e94aa6cbadcf2258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:54:eb:45:51:2f:0c:70:5a:0c:64:14:98:5a:
                    56:2f:fc:0a:af:0c:48:f8:71:76:b5:36:56:c1:f2:
                    f1:bc:2c:78:a4:6b:81:fa:b1:c0:83:d5:2a:9a:8d:
                    8d:9a:69:15:75:db:e8:f7:5a:80:19:75:73:03:51:
                    50:4a:31:ec:37:9d:68:b0:cc:fe:3a:52:d8:71:e5:
                    7f:5d:ce:3a:7d:95:6a:53:9a:d2:5e:7e:ba:7e:59:
                    79:12:e1:c4:73:a9:f5:e2:25:11:83:aa:4a:fc:55:
                    c4:59:f6:e7:e0:c9:cc:5c:28:85:0c:1b:63:cf:c7:
                    7d:96:90:08:a4:f1:eb:06:a9:ae:b9:c9:aa:75:b7:
                    8f:50:dd:83:15:e6:da:7a:ed:ee:70:fe:ce:10:12:
                    86:7a:ad:b4:58:f8:3c:ad:5c:ba:13:da:b7:6f:20:
                    9e:11:93:3c:25:40:87:db:46:58:32:7d:ca:ec:77:
                    93:1f:30:32:f8:cf:f4:36:14:bf:d9:e4:1a:49:f1:
                    4b:4a:2b:07:63:d2:29:15:0b:6e:63:33:0b:96:2e:
                    d8:89:c1:69:29:f4:40:bb:ca:a6:74:f5:01:84:62:
                    69:4a:42:bb:84:f7:80:1c:71:66:e6:6d:cd:f5:04:
                    65:f2:24:17:56:eb:ec:a1:2c:10:92:3e:2d:ed:f5:
                    08:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:4C:54:A2:3C:99:4B:13:2D:8C:7B:52:E9:4A:A6:CB:AD:CF:22:58
            X509v3 Authority Key Identifier:
                keyid:1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:2a:ab:87:43:dd:3f:91:6c:27:5b:03:31:ea:d5:37:e4:74:
         01:cf:97:16:b4:0c:dc:3a:4e:0d:5b:4e:36:c8:55:c2:88:df:
         50:0d:1b:70:4c:ea:3e:4d:62:cb:6d:9a:02:21:d7:d2:a6:0d:
         1e:c9:ce:b1:1f:23:a5:a7:2f:54:1b:26:00:d6:70:1c:bf:09:
         56:1c:d3:fe:30:43:b4:43:0c:88:65:c7:87:71:94:1a:45:57:
         98:bb:9c:1e:1e:55:78:3f:19:2a:ea:b1:18:a1:e8:58:b3:ff:
         83:96:5e:fd:3b:33:44:4a:2f:b6:63:1b:98:85:d2:8c:06:c2:
         fc:8b:73:9a:7c:0e:32:55:41:39:72:8a:47:dc:45:59:48:6b:
         ab:26:c7:44:c3:13:1b:c7:e2:fc:d2:dc:df:12:8e:2e:c5:8b:
         a0:84:1a:df:b8:e7:a3:2d:12:8c:00:c6:b8:2d:01:e4:66:df:
         8a:5b:c2:a5:1b:80:d9:23:e4:da:2e:13:87:83:1f:8a:2b:48:
         a7:29:eb:34:e8:70:e8:78:4e:b9:a9:5a:68:7f:d2:65:5e:8e:
         c4:3c:d5:81:42:19:88:dc:63:f1:8b:b8:12:c5:a0:b0:78:2e:
         74:2a:ce:bf:04:41:e5:5e:0a:f3:8c:ae:a3:97:c3:0f:a6:b3:
         eb:a6:f8:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ0i4o+JXe/FpXTk8uVpt3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODE1ZTJiMDczZWIwNDU3NmJjYjI0ZGRlNGRmOGQ0ZWI3
YzlmMDgwHhcNMjUwNDI3MDAwMDI0WhcNMjUwNDI4MDAwMDI0WjAzMTEwLwYDVQQD
Eyg0MTRjNTRhMjNjOTk0YjEzMmQ4YzdiNTJlOTRhYTZjYmFkY2YyMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplTrRVEvDHBaDGQUmFpWL/wKrwxI
+HF2tTZWwfLxvCx4pGuB+rHAg9Uqmo2NmmkVddvo91qAGXVzA1FQSjHsN51osMz+
OlLYceV/Xc46fZVqU5rSXn66fll5EuHEc6n14iURg6pK/FXEWfbn4MnMXCiFDBtj
z8d9lpAIpPHrBqmuucmqdbePUN2DFebaeu3ucP7OEBKGeq20WPg8rVy6E9q3byCe
EZM8JUCH20ZYMn3K7HeTHzAy+M/0NhS/2eQaSfFLSisHY9IpFQtuYzMLli7YicFp
KfRAu8qmdPUBhGJpSkK7hPeAHHFm5m3N9QRl8iQXVuvsoSwQkj4t7fUIsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEFMVKI8mUsTLYx7UulKpsutzyJYMB8GA1UdIwQY
MBaAFB2BXisHPrBFdryyTd5N+NTrfJ8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAt
YWRkMmJhODJjMjc2LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAtYWRkMmJhODJjMjc2
LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArSqrh0Pd
P5FsJ1sDMerVN+R0Ac+XFrQM3DpODVtONshVwojfUA0bcEzqPk1iy22aAiHX0qYN
HsnOsR8jpacvVBsmANZwHL8JVhzT/jBDtEMMiGXHh3GUGkVXmLucHh5VeD8ZKuqx
GKHoWLP/g5Ze/TszREovtmMbmIXSjAbC/ItzmnwOMlVBOXKKR9xFWUhrqybHRMMT
G8fi/NLc3xKOLsWLoIQa37jnoy0SjADGuC0B5GbfilvCpRuA2SPk2i4Th4MfiitI
pynrNOhw6HhOualaaH/SZV6OxDzVgUIZiNxj8Yu4EsWgsHgudCrOvwRB5V4K84yu
o5fDD6az66b4Kg==
-----END CERTIFICATE-----