Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft
File:                     Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft (raw, json)
Hash identifier:          D6EZ1VJbbJ0q80bdfF8TXIhpu+1bS5xh24G8yIXsdtQ=
Subject key identifier:   74:D7:ED:22:51:09:FA:BA:39:F2:A7:FA:A8:D2:64:66:39:EF:B8:CF
Authority key identifier: 1E:DC:3A:97:F1:CC:AE:F7:F1:08:69:91:CF:7B:10:A4:10:CE:19:42
Certificate issuer:       /CN=1edc3a97f1ccaef7f1086991cf7b10a410ce1942
Certificate serial:       01965492AC5EAB9BDB018599540C94C5ED25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Htw6l_HMrvfxCGmRz3sQpBDOGUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft
Manifest number:          1410
Signing time:             Sun 20 Apr 2025 19:00:20 +0000
Manifest this update:     Sun 20 Apr 2025 19:00:20 +0000
Manifest next update:     Mon 21 Apr 2025 19:00:20 +0000
Files and hashes:         1: Htw6l_HMrvfxCGmRz3sQpBDOGUI.crl (hash: jkbNxzRK2OqXzhFNwId2GrqKFj6keJ1A+wD62APuuac=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Htw6l_HMrvfxCGmRz3sQpBDOGUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 19:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:92:ac:5e:ab:9b:db:01:85:99:54:0c:94:c5:ed:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1edc3a97f1ccaef7f1086991cf7b10a410ce1942
        Validity
            Not Before: Apr 20 19:00:20 2025 GMT
            Not After : Apr 21 19:00:20 2025 GMT
        Subject: CN=74d7ed225109faba39f2a7faa8d2646639efb8cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:65:e8:57:2e:c0:5b:e3:d0:90:b2:07:bb:c4:
                    ea:a8:75:32:76:6f:b8:98:a0:28:aa:9a:6a:38:4d:
                    2f:96:02:ca:fc:26:72:67:73:16:3a:81:c6:d9:3c:
                    92:27:18:41:82:95:b0:2c:dc:69:a4:40:42:6d:b8:
                    68:8a:c1:79:d9:84:11:d8:33:43:50:35:7f:e1:cf:
                    1a:0f:63:41:b6:62:e1:27:e2:c8:65:b9:21:93:5b:
                    23:00:a4:4c:ff:e1:be:34:e6:e8:50:fc:8d:25:d5:
                    a3:89:b8:09:b2:7e:d9:41:8a:a6:c8:3b:c9:14:67:
                    f2:35:0f:0d:1c:ca:f8:32:98:53:c7:cd:d4:23:ed:
                    b1:00:08:64:15:86:08:a0:ec:ff:82:33:ef:67:22:
                    cc:5e:ee:dd:ba:26:51:e9:de:2a:90:b6:08:ee:63:
                    85:fa:3e:44:3b:ab:f1:4d:cf:4b:1a:7f:b1:61:70:
                    5f:67:93:aa:9b:46:d1:07:14:77:b7:ff:e6:85:40:
                    4f:c1:98:e3:0e:d6:c1:62:d0:01:25:c8:d3:4f:17:
                    8b:2a:45:ee:b4:c1:17:f8:2c:a2:ad:c0:01:d1:5c:
                    a7:ed:08:73:c6:9b:22:91:9e:18:c7:ed:39:c2:fe:
                    9d:21:b6:61:5f:f0:8a:f4:7d:12:f6:7c:b5:2a:4f:
                    f2:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:D7:ED:22:51:09:FA:BA:39:F2:A7:FA:A8:D2:64:66:39:EF:B8:CF
            X509v3 Authority Key Identifier:
                keyid:1E:DC:3A:97:F1:CC:AE:F7:F1:08:69:91:CF:7B:10:A4:10:CE:19:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Htw6l_HMrvfxCGmRz3sQpBDOGUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:73:a7:84:46:1f:12:2e:4a:a3:94:0a:cb:ad:e9:30:6c:a7:
         c3:0b:74:1a:c6:bd:5f:1a:af:ad:6d:6a:e5:03:4d:8d:a4:c4:
         c2:d2:ac:a5:a3:f6:52:8b:1f:a2:38:75:7a:14:4b:c7:fa:97:
         88:b4:f9:75:1e:85:7e:1e:cc:a3:89:f3:a1:db:8a:8a:e4:a7:
         94:9f:f2:4c:ec:f5:d4:64:bb:ba:a6:62:38:68:24:a8:87:69:
         91:3a:46:0d:c9:e8:c8:13:c9:5b:50:02:93:73:47:07:2f:72:
         84:3e:2a:92:84:1c:3d:47:09:ef:ed:cb:6e:cb:89:e8:95:83:
         fd:0e:cf:6e:b7:19:2b:5a:0e:41:36:66:b6:29:48:8b:43:61:
         38:68:2a:0e:ff:a1:bf:e6:bc:11:f5:cf:e1:b7:05:c8:87:62:
         18:5f:41:11:47:55:84:db:1c:e9:3f:9b:a2:fe:80:15:25:95:
         ae:08:b4:17:cf:cd:c0:88:6f:59:ff:26:6e:8e:95:e6:02:24:
         a9:78:8f:49:46:46:b3:20:5d:f3:5d:c5:4a:c8:cf:73:31:55:
         95:da:2b:52:3e:32:84:fe:4a:c8:5e:65:eb:21:16:d9:00:a5:
         41:f8:46:2a:8a:af:39:09:d7:c8:76:f1:cf:ba:24:73:0b:bf:
         af:71:53:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkqxeq5vbAYWZVAyUxe0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZGMzYTk3ZjFjY2FlZjdmMTA4Njk5MWNmN2IxMGE0MTBj
ZTE5NDIwHhcNMjUwNDIwMTkwMDIwWhcNMjUwNDIxMTkwMDIwWjAzMTEwLwYDVQQD
Eyg3NGQ3ZWQyMjUxMDlmYWJhMzlmMmE3ZmFhOGQyNjQ2NjM5ZWZiOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2XoVy7AW+PQkLIHu8TqqHUydm+4
mKAoqppqOE0vlgLK/CZyZ3MWOoHG2TySJxhBgpWwLNxppEBCbbhoisF52YQR2DND
UDV/4c8aD2NBtmLhJ+LIZbkhk1sjAKRM/+G+NOboUPyNJdWjibgJsn7ZQYqmyDvJ
FGfyNQ8NHMr4MphTx83UI+2xAAhkFYYIoOz/gjPvZyLMXu7duiZR6d4qkLYI7mOF
+j5EO6vxTc9LGn+xYXBfZ5Oqm0bRBxR3t//mhUBPwZjjDtbBYtABJcjTTxeLKkXu
tMEX+CyircAB0Vyn7QhzxpsikZ4Yx+05wv6dIbZhX/CK9H0S9ny1Kk/yFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHTX7SJRCfq6OfKn+qjSZGY577jPMB8GA1UdIwQY
MBaAFB7cOpfxzK738Qhpkc97EKQQzhlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHR3NmxfSE1ydmZ4Q0dtUnozc1FwQkRPR1VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8wZDA3MjQtNTVmNS00NzU1LTk5YzIt
NjEyNjUxYWUzZWIzLzEvSHR3NmxfSE1ydmZ4Q0dtUnozc1FwQkRPR1VJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8wZDA3MjQtNTVmNS00NzU1LTk5YzItNjEyNjUxYWUzZWIz
LzEvSHR3NmxfSE1ydmZ4Q0dtUnozc1FwQkRPR1VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASXOnhEYf
Ei5Ko5QKy63pMGynwwt0Gsa9XxqvrW1q5QNNjaTEwtKspaP2Uosfojh1ehRLx/qX
iLT5dR6Ffh7Mo4nzoduKiuSnlJ/yTOz11GS7uqZiOGgkqIdpkTpGDcnoyBPJW1AC
k3NHBy9yhD4qkoQcPUcJ7+3LbsuJ6JWD/Q7PbrcZK1oOQTZmtilIi0NhOGgqDv+h
v+a8EfXP4bcFyIdiGF9BEUdVhNsc6T+bov6AFSWVrgi0F8/NwIhvWf8mbo6V5gIk
qXiPSUZGsyBd813FSsjPczFVldorUj4yhP5KyF5l6yEW2QClQfhGKoqvOQnXyHbx
z7okcwu/r3FTvQ==
-----END CERTIFICATE-----