Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
File:                     hTq7t9e8xKXFbpEu76wbC7BFUCE.mft (raw, json)
Hash identifier:          8H9uEyMqx6C0Op9INnp89XLpgw1sihvVqChzBOH4CGw=
Subject key identifier:   09:FB:88:94:11:BD:35:13:5E:40:88:BD:92:7E:F3:25:AE:CC:40:74
Authority key identifier: 85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21
Certificate issuer:       /CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
Certificate serial:       0196771ED9E5E5B877B46413E57E390BA93A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
Manifest number:          045B
Signing time:             Sun 27 Apr 2025 12:00:32 +0000
Manifest this update:     Sun 27 Apr 2025 12:00:32 +0000
Manifest next update:     Mon 28 Apr 2025 12:00:32 +0000
Files and hashes:         1: hTq7t9e8xKXFbpEu76wbC7BFUCE.crl (hash: I6dGoK2Mhoq9LKJamk1Aqe4bN6QTvaJjEli27jY9haA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:1e:d9:e5:e5:b8:77:b4:64:13:e5:7e:39:0b:a9:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
        Validity
            Not Before: Apr 27 12:00:32 2025 GMT
            Not After : Apr 28 12:00:32 2025 GMT
        Subject: CN=09fb889411bd35135e4088bd927ef325aecc4074
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:bd:e1:41:f0:68:1b:2f:44:93:0c:31:94:89:
                    b2:9f:92:df:73:cb:90:b9:5c:1d:96:e5:18:ea:2e:
                    37:4e:4f:f8:9f:c5:e3:9e:38:e1:d9:0b:0b:5f:5d:
                    e4:92:ed:9f:80:f7:ed:ed:65:7a:6d:55:e2:1a:ff:
                    c6:f1:cb:fb:1d:eb:50:47:1d:60:87:ed:ce:73:76:
                    a6:2e:72:94:1d:9d:8e:0c:16:53:7f:b4:53:9c:7e:
                    dc:0b:4e:f6:23:05:cf:c1:ea:74:b3:57:b7:a0:ba:
                    93:de:ae:0a:c0:8d:b7:e3:ac:7d:20:d1:d6:ed:64:
                    28:f2:73:4d:73:e5:a5:70:56:2e:16:c4:b6:54:db:
                    6b:7f:a0:e3:c5:14:c8:75:30:4b:22:ef:23:96:27:
                    f6:fb:0c:db:2a:e5:05:ee:eb:b8:89:fa:57:eb:be:
                    79:8f:f3:7c:38:bb:7c:d9:92:13:16:b1:cc:39:25:
                    49:2b:c7:13:6e:6c:2f:f4:e5:f4:93:cd:8e:2e:28:
                    e0:c3:9f:63:33:63:c7:a3:f9:3c:2e:93:58:b4:5d:
                    b7:aa:e8:93:5c:53:05:0a:b9:42:06:c5:9a:d6:85:
                    6b:5c:7f:e8:a4:fa:14:01:12:cd:52:20:2f:4e:22:
                    02:b8:ca:48:fb:00:14:3b:b1:56:e4:8e:b0:ae:59:
                    63:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:FB:88:94:11:BD:35:13:5E:40:88:BD:92:7E:F3:25:AE:CC:40:74
            X509v3 Authority Key Identifier:
                keyid:85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:ee:56:4a:3f:60:c9:11:7d:7c:06:a5:91:cf:f8:22:d1:fb:
         ca:c4:ed:cb:0b:f9:4f:c0:1b:9c:14:c8:f6:b4:6c:a1:98:ad:
         6f:cc:40:4f:5e:56:f7:4c:45:36:7a:9a:48:2c:43:a1:4d:21:
         27:2a:94:d6:46:98:bf:20:49:e2:3e:f2:f4:4d:74:b3:6b:5a:
         30:75:d8:6d:5f:04:c9:e9:17:7a:6f:51:5b:9e:45:c8:42:da:
         27:70:99:83:b3:52:2b:3d:3b:90:83:49:4e:b5:62:73:bc:04:
         6b:0e:65:8e:bf:1e:47:55:30:9c:68:86:8d:ab:53:9e:6a:94:
         48:29:94:a4:63:ef:d1:95:1c:b5:43:b6:11:27:de:d5:4c:70:
         55:f3:fc:52:32:39:96:c8:a0:1b:6f:3e:db:21:76:09:b0:5e:
         03:92:48:bc:73:9f:ac:09:18:cf:c4:cf:8b:3c:dd:97:53:72:
         ec:59:dd:83:1c:c2:17:d8:40:b7:4d:57:10:0e:0f:99:e3:4e:
         cd:78:43:8b:c3:bc:74:5c:07:38:e5:29:ee:22:42:10:42:2f:
         20:79:e7:76:bc:9d:81:eb:86:d6:88:69:2e:bb:b0:b7:e1:63:
         ad:a3:c0:0d:67:99:7e:e1:b3:44:dc:3d:1b:47:f3:51:98:cf:
         3d:2a:fc:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3Htnl5bh3tGQT5X45C6k6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1M2FiYmI3ZDdiY2M0YTVjNTZlOTEyZWVmYWMxYjBiYjA0
NTUwMjEwHhcNMjUwNDI3MTIwMDMyWhcNMjUwNDI4MTIwMDMyWjAzMTEwLwYDVQQD
EygwOWZiODg5NDExYmQzNTEzNWU0MDg4YmQ5MjdlZjMyNWFlY2M0MDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxb3hQfBoGy9EkwwxlImyn5Lfc8uQ
uVwdluUY6i43Tk/4n8Xjnjjh2QsLX13kku2fgPft7WV6bVXiGv/G8cv7HetQRx1g
h+3Oc3amLnKUHZ2ODBZTf7RTnH7cC072IwXPwep0s1e3oLqT3q4KwI2346x9INHW
7WQo8nNNc+WlcFYuFsS2VNtrf6DjxRTIdTBLIu8jlif2+wzbKuUF7uu4ifpX6755
j/N8OLt82ZITFrHMOSVJK8cTbmwv9OX0k82OLijgw59jM2PHo/k8LpNYtF23quiT
XFMFCrlCBsWa1oVrXH/opPoUARLNUiAvTiICuMpI+wAUO7FW5I6wrlljuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAn7iJQRvTUTXkCIvZJ+8yWuzEB0MB8GA1UdIwQY
MBaAFIU6u7fXvMSlxW6RLu+sGwuwRVAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTkt
NTgyM2Y4NzAxNDFiLzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTktNTgyM2Y4NzAxNDFi
LzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAau5WSj9g
yRF9fAalkc/4ItH7ysTtywv5T8AbnBTI9rRsoZitb8xAT15W90xFNnqaSCxDoU0h
JyqU1kaYvyBJ4j7y9E10s2taMHXYbV8EyekXem9RW55FyELaJ3CZg7NSKz07kINJ
TrVic7wEaw5ljr8eR1UwnGiGjatTnmqUSCmUpGPv0ZUctUO2ESfe1UxwVfP8UjI5
lsigG28+2yF2CbBeA5JIvHOfrAkYz8TPizzdl1Ny7FndgxzCF9hAt01XEA4PmeNO
zXhDi8O8dFwHOOUp7iJCEEIvIHnndrydgeuG1ohpLruwt+FjraPADWeZfuGzRNw9
G0fzUZjPPSr8eg==
-----END CERTIFICATE-----