Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
File:                     HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft (raw, json)
Hash identifier:          CsGOIZzO7OWYp2bpcnosry6CTRQ7yXiityw4q1xTaEo=
Subject key identifier:   72:5B:B3:7F:47:12:D2:67:1B:F8:3D:38:15:B3:B1:A0:CD:6A:3F:C8
Authority key identifier: 1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52
Certificate issuer:       /CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
Certificate serial:       01965D5F17551739AEA14B9614B2341B4E11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
Manifest number:          0159
Signing time:             Tue 22 Apr 2025 12:00:35 +0000
Manifest this update:     Tue 22 Apr 2025 12:00:35 +0000
Manifest next update:     Wed 23 Apr 2025 12:00:35 +0000
Files and hashes:         1: HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl (hash: Lbm1mfmMjqqS4PiHiqC8Ht/llSRbESk9lJWC38YO3LY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 12:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5d:5f:17:55:17:39:ae:a1:4b:96:14:b2:34:1b:4e:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
        Validity
            Not Before: Apr 22 12:00:35 2025 GMT
            Not After : Apr 23 12:00:35 2025 GMT
        Subject: CN=725bb37f4712d2671bf83d3815b3b1a0cd6a3fc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:56:1f:8d:55:42:9e:f1:a6:33:56:04:88:7f:
                    70:dd:89:85:c5:22:48:50:c1:b5:8e:0b:70:3a:ff:
                    ac:d6:d5:d6:f1:91:94:f1:ca:4b:4b:ed:2e:03:0f:
                    82:1f:dd:d6:8f:08:dd:66:0e:b3:be:b1:73:63:60:
                    90:b5:56:8c:a4:e3:49:e1:24:0a:a8:18:91:35:53:
                    ca:99:9b:e5:2e:77:9b:3f:3c:b3:e4:a7:53:b1:d3:
                    af:58:c3:cc:b8:af:a1:14:86:bc:fb:d7:9e:57:cb:
                    a8:d7:d4:40:b3:0f:df:86:69:e0:03:89:ca:12:5d:
                    3f:c1:dd:11:18:75:51:73:04:c6:f6:25:5a:60:12:
                    96:b4:4a:da:64:c3:e9:37:1e:5a:57:aa:1b:9d:eb:
                    68:f9:f1:8b:1d:92:21:42:94:48:4a:19:6b:a6:c3:
                    d5:af:68:52:04:62:4e:5c:93:6c:8f:b5:de:f8:11:
                    a8:36:62:37:66:c8:4a:c1:de:98:a9:1a:f7:be:b2:
                    a3:9b:66:ff:64:71:48:83:d3:2f:73:ba:7e:69:53:
                    87:7c:27:29:d1:98:b2:c1:4b:9a:f5:41:fc:e7:f5:
                    41:02:0f:4f:e8:35:ec:3b:af:36:a3:55:da:2b:5d:
                    44:f7:60:ee:8d:49:9f:1e:71:79:10:1c:49:b7:04:
                    2a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:5B:B3:7F:47:12:D2:67:1B:F8:3D:38:15:B3:B1:A0:CD:6A:3F:C8
            X509v3 Authority Key Identifier:
                keyid:1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:2d:9b:9e:9e:55:5e:f2:be:75:1b:c0:d7:0f:fc:77:93:34:
         b9:30:75:0d:6e:64:3b:87:01:7f:39:cb:4c:f8:b7:d9:76:a6:
         69:e1:6a:61:71:cd:45:41:8c:31:61:02:58:43:61:ee:e6:58:
         77:28:ad:a7:e0:a5:dc:1d:e3:d8:f5:c1:10:f6:36:d1:d5:e0:
         b5:21:46:7d:3d:7e:56:d2:7e:10:d2:1a:f2:b7:09:a8:5b:46:
         34:0a:7c:ad:cf:82:7d:fb:e5:e4:48:5e:98:10:c8:70:06:30:
         49:fd:f0:07:5d:fe:c9:a5:3b:09:0f:2f:be:24:72:cf:34:86:
         a1:69:ee:8a:be:63:a6:0d:94:e6:ba:83:4d:f6:89:da:b4:da:
         84:86:28:6d:1c:bd:ae:fa:cf:6f:45:f0:6b:75:1f:ad:eb:ce:
         6f:02:80:6c:20:3c:05:4e:62:82:f4:85:37:d6:76:8d:59:8b:
         59:f8:70:02:3e:9f:bc:02:2f:cc:a6:c9:c1:3c:90:3d:ef:b5:
         ad:a1:45:1a:a8:45:dc:ce:6c:a7:72:1f:53:a6:f9:24:14:30:
         f6:4a:9e:e1:af:33:cb:b8:fb:3c:4a:64:bc:b2:82:17:ec:63:
         43:6a:bc:64:fb:8c:53:34:cf:20:f9:3c:68:eb:5d:3e:ed:f9:
         43:6e:2a:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZdXxdVFzmuoUuWFLI0G04RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZDJlNzhhMDk3ZjI5MGZjMmZjYWY1ZDljN2Q4OGZjYzg3
YmQ0NTIwHhcNMjUwNDIyMTIwMDM1WhcNMjUwNDIzMTIwMDM1WjAzMTEwLwYDVQQD
Eyg3MjViYjM3ZjQ3MTJkMjY3MWJmODNkMzgxNWIzYjFhMGNkNmEzZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVYfjVVCnvGmM1YEiH9w3YmFxSJI
UMG1jgtwOv+s1tXW8ZGU8cpLS+0uAw+CH93WjwjdZg6zvrFzY2CQtVaMpONJ4SQK
qBiRNVPKmZvlLnebPzyz5KdTsdOvWMPMuK+hFIa8+9eeV8uo19RAsw/fhmngA4nK
El0/wd0RGHVRcwTG9iVaYBKWtEraZMPpNx5aV6obneto+fGLHZIhQpRIShlrpsPV
r2hSBGJOXJNsj7Xe+BGoNmI3ZshKwd6YqRr3vrKjm2b/ZHFIg9Mvc7p+aVOHfCcp
0ZiywUua9UH85/VBAg9P6DXsO682o1XaK11E92DujUmfHnF5EBxJtwQq9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJbs39HEtJnG/g9OBWzsaDNaj/IMB8GA1UdIwQY
MBaAFBzS54oJfykPwvyvXZx9iPzIe9RSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWIt
MDZjMGYyYTE3NTdmLzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWItMDZjMGYyYTE3NTdm
LzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAai2bnp5V
XvK+dRvA1w/8d5M0uTB1DW5kO4cBfznLTPi32XamaeFqYXHNRUGMMWECWENh7uZY
dyitp+Cl3B3j2PXBEPY20dXgtSFGfT1+VtJ+ENIa8rcJqFtGNAp8rc+Cffvl5Ehe
mBDIcAYwSf3wB13+yaU7CQ8vviRyzzSGoWnuir5jpg2U5rqDTfaJ2rTahIYobRy9
rvrPb0Xwa3UfrevObwKAbCA8BU5igvSFN9Z2jVmLWfhwAj6fvAIvzKbJwTyQPe+1
raFFGqhF3M5sp3IfU6b5JBQw9kqe4a8zy7j7PEpkvLKCF+xjQ2q8ZPuMUzTPIPk8
aOtdPu35Q24qvw==
-----END CERTIFICATE-----