Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          Dqa2ehRbsxXCT5k5jlWuix6bmmAMWz4kDx4dwCiMnmA=
Subject key identifier:   DE:7D:1E:8F:89:7D:AE:CA:EA:7D:DE:06:8F:49:CF:81:8E:A3:25:6F
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       01965B032B7F29130469C375A2A325E00272
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          14FF
Signing time:             Tue 22 Apr 2025 01:00:56 +0000
Manifest this update:     Tue 22 Apr 2025 01:00:56 +0000
Manifest next update:     Wed 23 Apr 2025 01:00:56 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: RAjTYx9kDPfmWVFhWbFKFBoc+tyupi7L+8J3PRnj1ZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5b:03:2b:7f:29:13:04:69:c3:75:a2:a3:25:e0:02:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: Apr 22 01:00:56 2025 GMT
            Not After : Apr 23 01:00:56 2025 GMT
        Subject: CN=de7d1e8f897daecaea7dde068f49cf818ea3256f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:8b:38:a4:2b:fc:e4:2b:ae:12:1c:b7:55:3c:
                    58:bf:e8:7d:3a:eb:18:85:9d:66:eb:b0:4f:b2:7c:
                    73:e4:2c:f1:8d:c7:42:df:a0:29:84:fe:07:70:f4:
                    d8:b9:10:5e:e6:34:50:f1:e8:eb:f8:cf:38:96:ab:
                    e0:5c:50:3d:70:09:bd:c2:bb:ac:b6:60:46:dd:ab:
                    26:04:d6:1d:b9:7d:ec:2e:ba:c2:29:da:23:39:2d:
                    ff:5e:81:3e:69:7d:28:67:45:90:2f:ea:2b:ab:a2:
                    52:ef:84:de:5e:34:32:d8:82:9f:9e:9f:06:2c:5b:
                    92:68:1c:4c:17:30:05:6a:8f:1c:70:80:59:cc:a0:
                    de:f7:38:86:0a:3a:7a:f7:6e:79:a3:2c:6b:23:5c:
                    6b:cb:39:83:4d:5f:75:53:aa:2b:55:9c:de:76:c6:
                    00:30:8a:77:8a:f5:7a:ae:f3:cd:89:23:79:3d:a7:
                    b0:ac:e5:c3:26:bc:0e:7d:69:68:04:41:78:9f:d1:
                    ef:16:1f:69:2d:44:a6:c3:e6:d2:dc:cf:43:6b:7b:
                    9c:04:07:cc:7e:9d:e6:2b:a2:34:bd:d2:98:b8:5a:
                    f2:09:9c:fd:dd:39:bc:20:5c:d6:90:92:7e:40:eb:
                    b4:9d:cb:20:cc:b4:85:56:c4:d8:b3:af:f8:16:40:
                    cc:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:7D:1E:8F:89:7D:AE:CA:EA:7D:DE:06:8F:49:CF:81:8E:A3:25:6F
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:da:7a:1a:5f:92:83:22:7b:db:c6:44:f8:c8:0c:fa:b2:cf:
         ee:32:cb:7d:e9:3d:13:86:79:9c:1a:86:20:b4:fc:bc:b6:3a:
         62:c5:ff:cb:45:81:4d:9d:46:84:78:f1:00:f0:50:7d:c7:ba:
         e2:fa:2d:58:25:22:60:b2:2e:92:f5:46:98:75:46:d7:4f:5e:
         e0:76:67:63:59:9b:a7:d7:4c:44:ef:3f:f6:a7:49:75:75:e9:
         db:5a:00:69:ce:86:2e:6d:3e:ee:4e:dd:94:9c:35:00:6a:bb:
         6d:d2:28:bf:36:33:a1:93:a7:9f:91:70:94:40:04:d8:59:b4:
         c8:17:e0:7d:86:09:69:46:45:28:b6:01:64:64:2a:c6:48:61:
         31:55:58:3c:aa:61:dd:3b:98:c8:40:14:61:81:21:3b:00:bf:
         89:03:dc:71:c5:91:83:d6:79:f6:e3:96:7c:ec:d7:ca:3c:dd:
         85:df:f3:6e:02:cb:39:c2:33:08:cb:53:a3:e3:8d:cf:a5:91:
         20:e0:11:ac:9b:d8:fb:bb:3a:ab:f5:a5:82:74:0e:d6:fb:24:
         da:a5:23:86:d9:12:e8:c3:89:29:ab:38:e4:58:f2:a2:a4:b5:
         6d:9f:a4:7a:f4:45:10:3a:af:93:8a:32:46:31:88:8b:dc:41:
         26:d2:da:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZbAyt/KRMEacN1oqMl4AJyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjUwNDIyMDEwMDU2WhcNMjUwNDIzMDEwMDU2WjAzMTEwLwYDVQQD
EyhkZTdkMWU4Zjg5N2RhZWNhZWE3ZGRlMDY4ZjQ5Y2Y4MThlYTMyNTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYs4pCv85CuuEhy3VTxYv+h9OusY
hZ1m67BPsnxz5CzxjcdC36AphP4HcPTYuRBe5jRQ8ejr+M84lqvgXFA9cAm9wrus
tmBG3asmBNYduX3sLrrCKdojOS3/XoE+aX0oZ0WQL+orq6JS74TeXjQy2IKfnp8G
LFuSaBxMFzAFao8ccIBZzKDe9ziGCjp69255oyxrI1xryzmDTV91U6orVZzedsYA
MIp3ivV6rvPNiSN5PaewrOXDJrwOfWloBEF4n9HvFh9pLUSmw+bS3M9Da3ucBAfM
fp3mK6I0vdKYuFryCZz93Tm8IFzWkJJ+QOu0ncsgzLSFVsTYs6/4FkDMVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN59Ho+Jfa7K6n3eBo9Jz4GOoyVvMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYdp6Gl+S
gyJ728ZE+MgM+rLP7jLLfek9E4Z5nBqGILT8vLY6YsX/y0WBTZ1GhHjxAPBQfce6
4votWCUiYLIukvVGmHVG109e4HZnY1mbp9dMRO8/9qdJdXXp21oAac6GLm0+7k7d
lJw1AGq7bdIovzYzoZOnn5FwlEAE2Fm0yBfgfYYJaUZFKLYBZGQqxkhhMVVYPKph
3TuYyEAUYYEhOwC/iQPcccWRg9Z59uOWfOzXyjzdhd/zbgLLOcIzCMtTo+ONz6WR
IOARrJvY+7s6q/WlgnQO1vsk2qUjhtkS6MOJKas45FjyoqS1bZ+kevRFEDqvk4oy
RjGIi9xBJtLaUA==
-----END CERTIFICATE-----