Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.mft
File:                     HGce_RKBEUKXWJ51k6fgUFTZJVs.mft (raw, json)
Hash identifier:          z8W34Pg8BAe30rtd3UZ+E36fHOTz/UN38bU8vjZrKnM=
Subject key identifier:   05:31:B5:F5:7D:CD:B9:CA:35:B8:86:75:6C:33:79:BB:77:CE:C6:AC
Authority key identifier: 1C:67:1E:FD:12:81:11:42:97:58:9E:75:93:A7:E0:50:54:D9:25:5B
Certificate issuer:       /CN=1c671efd1281114297589e7593a7e05054d9255b
Certificate serial:       01965493287D16AE23C00CA6E5F09280FF1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HGce_RKBEUKXWJ51k6fgUFTZJVs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.mft
Manifest number:          0FFD
Signing time:             Sun 20 Apr 2025 19:00:52 +0000
Manifest this update:     Sun 20 Apr 2025 19:00:52 +0000
Manifest next update:     Mon 21 Apr 2025 19:00:52 +0000
Files and hashes:         1: HGce_RKBEUKXWJ51k6fgUFTZJVs.crl (hash: bHsQnIvXm3IzxwFiCodxKExgQh56zEIvTbrBCn8EZDY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HGce_RKBEUKXWJ51k6fgUFTZJVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 19:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:93:28:7d:16:ae:23:c0:0c:a6:e5:f0:92:80:ff:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c671efd1281114297589e7593a7e05054d9255b
        Validity
            Not Before: Apr 20 19:00:52 2025 GMT
            Not After : Apr 21 19:00:52 2025 GMT
        Subject: CN=0531b5f57dcdb9ca35b886756c3379bb77cec6ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d4:10:7e:aa:e1:8b:27:90:b0:e5:03:cb:8c:
                    96:db:be:d4:1c:b0:84:50:1e:93:a4:19:f7:48:9f:
                    70:1a:b9:3a:d5:c2:88:29:9e:28:24:4a:31:68:7d:
                    4e:f8:8c:38:0f:71:5a:b5:26:7a:a9:9c:d2:f1:86:
                    e6:5b:6d:78:ab:a0:25:6d:ca:f1:ba:cc:49:2c:4c:
                    24:c4:72:fc:19:5e:4e:32:cc:00:09:04:3b:ce:37:
                    72:15:7c:55:a4:2a:7e:ad:2f:db:a5:e0:ea:7c:11:
                    c2:e1:3e:d9:63:42:3d:95:26:3c:76:2d:40:86:cb:
                    d8:7e:c8:ae:7b:3b:e5:91:79:09:66:62:fd:76:85:
                    3d:32:eb:40:db:d0:7c:1e:1a:d6:5c:86:79:06:93:
                    00:bc:54:93:00:96:c9:c2:58:32:7d:49:31:b9:8a:
                    2a:7a:ff:38:1e:b8:81:bd:1e:ac:da:84:a6:79:e8:
                    f8:9f:43:88:7d:80:10:28:1b:10:bd:9a:30:2c:26:
                    18:e3:db:92:79:25:df:26:36:8b:a6:2a:da:e6:21:
                    2e:ac:b3:d5:ef:05:d2:fe:ef:03:79:f2:e9:24:6b:
                    84:43:a6:f4:dc:bf:6d:ef:9f:cd:68:6f:5a:44:d7:
                    95:e2:e9:0d:79:4c:15:d1:a6:f0:f9:6d:e5:65:37:
                    f9:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:31:B5:F5:7D:CD:B9:CA:35:B8:86:75:6C:33:79:BB:77:CE:C6:AC
            X509v3 Authority Key Identifier:
                keyid:1C:67:1E:FD:12:81:11:42:97:58:9E:75:93:A7:E0:50:54:D9:25:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HGce_RKBEUKXWJ51k6fgUFTZJVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:49:97:3e:7e:40:8b:2e:14:34:a5:0a:bd:3d:0c:56:72:86:
         e4:52:4b:05:e1:ba:f4:ba:ab:16:d0:d7:ea:25:f9:bb:70:84:
         61:ae:fe:cd:a7:8f:3a:de:da:18:d0:26:25:58:1e:fe:2d:45:
         eb:2b:13:04:3a:14:31:17:49:77:4e:76:5f:36:03:e1:bd:60:
         9b:c3:13:a9:62:bc:b1:86:54:eb:87:a6:e2:4f:dd:5e:ff:9c:
         b4:59:18:c9:60:51:d0:76:90:d3:6e:b7:4d:8d:52:5c:56:3e:
         7b:b7:7a:16:5f:95:1f:dd:67:24:3e:ef:15:91:8c:fc:be:5d:
         b6:ca:3a:56:70:e7:74:ac:35:cf:87:0f:cd:f4:51:2d:09:62:
         ec:20:89:86:f3:cf:c5:4b:d9:3b:54:9d:c4:78:6a:f7:20:7f:
         de:74:5a:1f:09:7c:24:05:71:59:30:a7:02:66:0e:ec:ee:ea:
         e6:83:f2:62:0d:bc:c5:f0:53:32:bf:ad:0b:32:1a:57:12:d9:
         3c:eb:e1:27:22:cf:18:51:e2:87:c9:77:77:a9:97:9d:7a:9a:
         ba:60:84:10:4b:20:3e:82:2e:19:f4:ec:b1:9a:b9:48:2c:0f:
         ae:bb:e9:6c:6d:37:49:d5:22:66:c4:e0:27:db:8c:2f:c0:99:
         b8:aa:fb:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUkyh9Fq4jwAym5fCSgP8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNjcxZWZkMTI4MTExNDI5NzU4OWU3NTkzYTdlMDUwNTRk
OTI1NWIwHhcNMjUwNDIwMTkwMDUyWhcNMjUwNDIxMTkwMDUyWjAzMTEwLwYDVQQD
EygwNTMxYjVmNTdkY2RiOWNhMzViODg2NzU2YzMzNzliYjc3Y2VjNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdQQfqrhiyeQsOUDy4yW277UHLCE
UB6TpBn3SJ9wGrk61cKIKZ4oJEoxaH1O+Iw4D3FatSZ6qZzS8YbmW214q6Albcrx
usxJLEwkxHL8GV5OMswACQQ7zjdyFXxVpCp+rS/bpeDqfBHC4T7ZY0I9lSY8di1A
hsvYfsiuezvlkXkJZmL9doU9MutA29B8HhrWXIZ5BpMAvFSTAJbJwlgyfUkxuYoq
ev84HriBvR6s2oSmeej4n0OIfYAQKBsQvZowLCYY49uSeSXfJjaLpira5iEurLPV
7wXS/u8DefLpJGuEQ6b03L9t75/NaG9aRNeV4ukNeUwV0abw+W3lZTf5XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAUxtfV9zbnKNbiGdWwzebt3zsasMB8GA1UdIwQY
MBaAFBxnHv0SgRFCl1iedZOn4FBU2SVbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEdjZV9SS0JFVUtYV0o1MWs2ZmdVRlRaSlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mZGIwMDMtZmFlMy00YTY5LTljOTEt
ZTNkMmY2NGZkZGQ0LzEvSEdjZV9SS0JFVUtYV0o1MWs2ZmdVRlRaSlZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mZGIwMDMtZmFlMy00YTY5LTljOTEtZTNkMmY2NGZkZGQ0
LzEvSEdjZV9SS0JFVUtYV0o1MWs2ZmdVRlRaSlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqUmXPn5A
iy4UNKUKvT0MVnKG5FJLBeG69LqrFtDX6iX5u3CEYa7+zaePOt7aGNAmJVge/i1F
6ysTBDoUMRdJd052XzYD4b1gm8MTqWK8sYZU64em4k/dXv+ctFkYyWBR0HaQ0263
TY1SXFY+e7d6Fl+VH91nJD7vFZGM/L5dtso6VnDndKw1z4cPzfRRLQli7CCJhvPP
xUvZO1SdxHhq9yB/3nRaHwl8JAVxWTCnAmYO7O7q5oPyYg28xfBTMr+tCzIaVxLZ
POvhJyLPGFHih8l3d6mXnXqaumCEEEsgPoIuGfTssZq5SCwPrrvpbG03SdUiZsTg
J9uML8CZuKr7uA==
-----END CERTIFICATE-----