Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
File:                     HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json)
Hash identifier:          KNt6gaJ8sWCFBgIkbEGrS90ElHmLfo89PY0TSI7xQpg=
Subject key identifier:   A5:F0:AE:D9:F8:25:FF:B9:CC:5C:11:7B:6F:5F:FF:DF:CA:44:00:BC
Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6
Certificate issuer:       /CN=1db690606199a5d486789c43dbffd0c065bddce6
Certificate serial:       01964EC7E96B4A23E60966827E5A1637BD95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
Manifest number:          0330
Signing time:             Sat 19 Apr 2025 16:00:46 +0000
Manifest this update:     Sat 19 Apr 2025 16:00:46 +0000
Manifest next update:     Sun 20 Apr 2025 16:00:46 +0000
Files and hashes:         1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: VNimLBfpEsbGBJr961Tf+341x1Xd4I7oU3H0tBJI7G8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4e:c7:e9:6b:4a:23:e6:09:66:82:7e:5a:16:37:bd:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6
        Validity
            Not Before: Apr 19 16:00:46 2025 GMT
            Not After : Apr 20 16:00:46 2025 GMT
        Subject: CN=a5f0aed9f825ffb9cc5c117b6f5fffdfca4400bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:40:0e:a2:a7:cd:e3:6c:84:36:2b:c1:a3:9e:
                    87:28:f1:a8:aa:86:e8:9a:7c:a7:ed:43:e7:e8:23:
                    bd:d4:76:5f:10:ab:51:eb:de:08:a2:e0:e4:2f:da:
                    b5:0f:9d:e5:29:85:38:7d:55:90:a5:e5:98:3f:1b:
                    16:21:6f:cc:16:bb:4c:9c:b1:76:fb:b4:69:a9:b1:
                    98:c8:5e:bd:87:4e:4f:34:6f:73:6b:04:77:9d:54:
                    e1:c8:44:fd:1a:9b:1b:a5:fa:36:7f:2d:9e:19:a8:
                    33:5b:5c:b8:79:87:33:72:6b:46:7e:e3:33:5f:e9:
                    38:4c:a5:b7:82:42:26:da:d2:0d:04:0e:aa:d2:1f:
                    86:0a:3d:c6:07:b2:90:0e:b4:63:49:cf:cf:ef:9a:
                    c9:cf:d1:81:20:6e:bf:61:de:72:0a:d9:0b:74:f0:
                    cb:4a:70:bb:59:8a:9e:53:39:ce:e8:35:ee:63:cb:
                    b0:60:50:57:a6:76:a8:9a:b5:30:cc:41:53:aa:5b:
                    9f:77:07:43:3c:19:df:3a:8a:d3:aa:33:1c:72:6d:
                    7b:ff:d4:83:f8:38:75:0e:80:d3:78:59:e4:5d:55:
                    fc:7d:07:33:74:90:55:ee:19:76:20:c3:4b:c2:14:
                    36:b7:49:84:3a:f6:cf:be:eb:0c:a0:78:23:be:b1:
                    20:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:F0:AE:D9:F8:25:FF:B9:CC:5C:11:7B:6F:5F:FF:DF:CA:44:00:BC
            X509v3 Authority Key Identifier:
                keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:11:75:48:b7:42:44:5a:e8:35:7c:42:2f:83:9a:6d:00:f4:
         36:35:c4:37:cd:35:36:85:83:4d:7d:d5:b5:a2:b4:15:5f:2c:
         23:70:3d:dd:22:45:73:28:93:c7:54:51:cc:fe:03:45:50:09:
         9b:8f:76:01:9f:6e:fd:91:63:b0:d4:7b:df:e6:c9:99:0e:ad:
         f8:7e:5e:e7:ee:ec:ea:c0:4e:0b:87:2a:ff:bc:ab:2e:03:ed:
         0f:2e:11:c9:5c:71:34:6f:41:1a:70:1b:9b:3d:1b:52:16:30:
         52:78:c8:77:5f:ce:99:c2:09:1e:14:17:6f:d0:c3:82:84:4e:
         69:01:58:8c:5b:1d:f5:24:74:a6:a7:f5:3a:de:8f:de:a6:66:
         79:28:c1:75:71:76:8d:c7:98:e7:be:25:ef:ee:d3:0f:cb:21:
         d4:ff:54:a2:80:b7:c1:5f:bf:64:d2:39:4b:46:d1:cd:ee:76:
         dc:ba:43:1f:84:84:5c:5a:dc:40:4d:70:7e:e5:f7:71:58:cf:
         d9:bb:b2:67:63:c8:ff:6f:1f:17:3b:f9:f9:4e:2c:b8:42:43:
         bc:e2:3d:c3:27:5d:54:aa:e2:63:10:61:e8:69:6c:ac:5a:a3:
         71:21:55:88:2a:b9:ae:c7:1b:25:dd:64:36:b0:8c:34:d8:c3:
         2c:51:00:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZOx+lrSiPmCWaCfloWN72VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi
ZGRjZTYwHhcNMjUwNDE5MTYwMDQ2WhcNMjUwNDIwMTYwMDQ2WjAzMTEwLwYDVQQD
EyhhNWYwYWVkOWY4MjVmZmI5Y2M1YzExN2I2ZjVmZmZkZmNhNDQwMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA90AOoqfN42yENivBo56HKPGoqobo
mnyn7UPn6CO91HZfEKtR694IouDkL9q1D53lKYU4fVWQpeWYPxsWIW/MFrtMnLF2
+7RpqbGYyF69h05PNG9zawR3nVThyET9Gpsbpfo2fy2eGagzW1y4eYczcmtGfuMz
X+k4TKW3gkIm2tINBA6q0h+GCj3GB7KQDrRjSc/P75rJz9GBIG6/Yd5yCtkLdPDL
SnC7WYqeUznO6DXuY8uwYFBXpnaomrUwzEFTqlufdwdDPBnfOorTqjMccm17/9SD
+Dh1DoDTeFnkXVX8fQczdJBV7hl2IMNLwhQ2t0mEOvbPvusMoHgjvrEgVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKXwrtn4Jf+5zFwRe29f/9/KRAC8MB8GA1UdIwQY
MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt
ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1
LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnRF1SLdC
RFroNXxCL4OabQD0NjXEN801NoWDTX3VtaK0FV8sI3A93SJFcyiTx1RRzP4DRVAJ
m492AZ9u/ZFjsNR73+bJmQ6t+H5e5+7s6sBOC4cq/7yrLgPtDy4RyVxxNG9BGnAb
mz0bUhYwUnjId1/OmcIJHhQXb9DDgoROaQFYjFsd9SR0pqf1Ot6P3qZmeSjBdXF2
jceY574l7+7TD8sh1P9UooC3wV+/ZNI5S0bRze523LpDH4SEXFrcQE1wfuX3cVjP
2buyZ2PI/28fFzv5+U4suEJDvOI9wyddVKriYxBh6GlsrFqjcSFViCq5rscbJd1k
NrCMNNjDLFEApg==
-----END CERTIFICATE-----