Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
File:                     HCN7aINpeRKVf40zc3AryQbSZEU.mft (raw, json)
Hash identifier:          KC6YJj4p023NRVVtyfexMDF173Y7tVKmUQ5zFYHz370=
Subject key identifier:   C4:53:8A:57:69:A0:03:C1:9A:14:18:97:F7:3F:98:91:AC:F2:02:BB
Authority key identifier: 1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45
Certificate issuer:       /CN=1c237b6883697912957f8d3373702bc906d26445
Certificate serial:       019683FF2D7849DB892F29B02125EEC94A3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
Manifest number:          112D
Signing time:             Wed 30 Apr 2025 00:01:00 +0000
Manifest this update:     Wed 30 Apr 2025 00:01:00 +0000
Manifest next update:     Thu 01 May 2025 00:01:00 +0000
Files and hashes:         1: HCN7aINpeRKVf40zc3AryQbSZEU.crl (hash: rEWbRfMyM12FGHLaK/C5vXgA8WhUPEO0Oy3r5w0Z87Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:83:ff:2d:78:49:db:89:2f:29:b0:21:25:ee:c9:4a:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c237b6883697912957f8d3373702bc906d26445
        Validity
            Not Before: Apr 30 00:01:00 2025 GMT
            Not After : May  1 00:01:00 2025 GMT
        Subject: CN=c4538a5769a003c19a141897f73f9891acf202bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:6c:4c:30:8c:56:a2:0c:62:76:e0:57:e2:34:
                    22:62:b7:55:84:55:8c:eb:7f:0f:ae:9c:55:8c:9d:
                    ae:e6:21:0e:f3:d5:83:4e:5b:3e:50:3c:a5:eb:1c:
                    bf:e1:32:25:74:68:c5:29:72:0e:30:70:6e:2e:ab:
                    03:7a:96:80:bd:dd:65:e3:b5:32:c9:3b:0e:29:77:
                    88:1a:d1:79:0a:aa:75:71:da:93:40:3f:23:e0:1b:
                    f6:e0:26:1e:8d:6e:65:2d:eb:16:b5:65:25:93:4c:
                    4d:df:5f:85:49:07:fb:a7:c1:11:0b:d5:86:b2:f1:
                    b2:24:5b:04:be:ce:09:57:72:52:f0:f8:46:c9:7b:
                    cc:4d:1f:93:51:a4:42:19:8f:0d:75:51:f0:ca:46:
                    cf:1c:77:b8:cc:59:03:16:cf:14:98:0b:2a:97:a9:
                    70:44:73:d0:bd:27:5e:49:b5:da:16:72:d7:6f:a2:
                    e6:6e:e1:d5:ea:88:67:f5:f6:ca:f4:49:24:c7:47:
                    1a:6c:5f:9f:46:ea:2c:4d:14:b4:54:43:84:de:19:
                    c2:d8:b5:54:0a:49:4f:42:c0:fc:d2:1a:ea:e6:f6:
                    66:8a:da:7e:f3:57:da:7f:cf:75:84:cd:ca:9c:3f:
                    6f:71:73:bc:d1:a0:32:e5:5c:f1:42:30:9f:fa:d5:
                    6e:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:53:8A:57:69:A0:03:C1:9A:14:18:97:F7:3F:98:91:AC:F2:02:BB
            X509v3 Authority Key Identifier:
                keyid:1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:cc:7a:3d:96:c4:9a:05:89:e4:f3:4c:02:6b:74:32:24:7d:
         0b:d3:f6:2c:23:c3:98:92:58:5b:8a:5f:d5:53:c4:1c:61:40:
         74:0a:56:38:00:23:c0:38:55:be:ed:1b:2c:55:00:a5:5a:01:
         04:50:83:e6:43:dd:de:42:6b:ec:05:aa:d9:74:12:bb:22:ab:
         ed:b9:d7:67:e7:f1:47:8e:35:e6:83:43:f8:20:2b:75:30:d6:
         62:77:7f:95:36:c9:84:10:ac:bf:93:e7:1b:7f:8a:4c:aa:7f:
         46:ab:26:64:00:4f:4d:75:e3:f0:33:75:ab:ac:86:71:7d:d3:
         94:7b:a3:43:a2:0b:cd:b9:24:8b:8f:99:6b:e0:74:8e:7e:b6:
         60:d0:4a:c6:43:1b:49:8c:22:7e:70:7a:41:5c:90:a3:6a:1c:
         f3:74:32:93:47:ea:57:31:51:07:59:f1:c0:42:77:5a:7f:46:
         01:6e:34:75:f0:e6:5c:f7:64:eb:61:aa:42:d4:6f:1d:ec:26:
         cf:0a:f3:2e:a6:b4:ec:a3:0a:ab:60:de:95:bd:ab:29:5d:56:
         3b:e7:0e:1c:fc:c2:37:63:72:28:59:47:59:12:e9:88:bc:50:
         05:5c:61:ff:10:3c:9f:63:14:76:7e:20:11:13:2a:51:61:04:
         44:a7:6e:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaD/y14SduJLymwISXuyUo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjM3YjY4ODM2OTc5MTI5NTdmOGQzMzczNzAyYmM5MDZk
MjY0NDUwHhcNMjUwNDMwMDAwMTAwWhcNMjUwNTAxMDAwMTAwWjAzMTEwLwYDVQQD
EyhjNDUzOGE1NzY5YTAwM2MxOWExNDE4OTdmNzNmOTg5MWFjZjIwMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWxMMIxWogxiduBX4jQiYrdVhFWM
638PrpxVjJ2u5iEO89WDTls+UDyl6xy/4TIldGjFKXIOMHBuLqsDepaAvd1l47Uy
yTsOKXeIGtF5Cqp1cdqTQD8j4Bv24CYejW5lLesWtWUlk0xN31+FSQf7p8ERC9WG
svGyJFsEvs4JV3JS8PhGyXvMTR+TUaRCGY8NdVHwykbPHHe4zFkDFs8UmAsql6lw
RHPQvSdeSbXaFnLXb6LmbuHV6ohn9fbK9Ekkx0cabF+fRuosTRS0VEOE3hnC2LVU
CklPQsD80hrq5vZmitp+81faf891hM3KnD9vcXO80aAy5VzxQjCf+tVu+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMRTildpoAPBmhQYl/c/mJGs8gK7MB8GA1UdIwQY
MBaAFBwje2iDaXkSlX+NM3NwK8kG0mRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUt
YTMzZThlYjVhNTM4LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUtYTMzZThlYjVhNTM4
LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp8x6PZbE
mgWJ5PNMAmt0MiR9C9P2LCPDmJJYW4pf1VPEHGFAdApWOAAjwDhVvu0bLFUApVoB
BFCD5kPd3kJr7AWq2XQSuyKr7bnXZ+fxR4415oND+CArdTDWYnd/lTbJhBCsv5Pn
G3+KTKp/RqsmZABPTXXj8DN1q6yGcX3TlHujQ6ILzbkki4+Za+B0jn62YNBKxkMb
SYwifnB6QVyQo2oc83Qyk0fqVzFRB1nxwEJ3Wn9GAW40dfDmXPdk62GqQtRvHewm
zwrzLqa07KMKq2Delb2rKV1WO+cOHPzCN2NyKFlHWRLpiLxQBVxh/xA8n2MUdn4g
ERMqUWEERKdu5Q==
-----END CERTIFICATE-----