Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft
File:                     HVdIhaDItCBcPfLR_Nc0h33hBdk.mft (raw, json)
Hash identifier:          VIhZieGuA+n5ttwILv0ATEqIhzAi1tBDKBFfsDg4w+Y=
Subject key identifier:   02:CC:4B:33:E5:CE:A7:23:B6:D0:1D:EE:10:0F:79:45:FC:E3:3F:26
Authority key identifier: 1D:57:48:85:A0:C8:B4:20:5C:3D:F2:D1:FC:D7:34:87:7D:E1:05:D9
Certificate issuer:       /CN=1d574885a0c8b4205c3df2d1fcd734877de105d9
Certificate serial:       019655DCB3C5795C5B058F0CFAEA29FBB96A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft
Manifest number:          CF
Signing time:             Mon 21 Apr 2025 01:00:49 +0000
Manifest this update:     Mon 21 Apr 2025 01:00:49 +0000
Manifest next update:     Tue 22 Apr 2025 01:00:49 +0000
Files and hashes:         1: HVdIhaDItCBcPfLR_Nc0h33hBdk.crl (hash: rOiI48LhkWvU5LKcqtq3Du5GFWD3lc4mbM4exeRk1tc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:dc:b3:c5:79:5c:5b:05:8f:0c:fa:ea:29:fb:b9:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d574885a0c8b4205c3df2d1fcd734877de105d9
        Validity
            Not Before: Apr 21 01:00:49 2025 GMT
            Not After : Apr 22 01:00:49 2025 GMT
        Subject: CN=02cc4b33e5cea723b6d01dee100f7945fce33f26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:7a:ef:7a:f8:3a:48:c3:6f:8a:a4:a1:6b:b9:
                    da:1e:8c:ea:53:b0:d9:c3:84:cb:0e:c3:10:76:57:
                    32:5a:4d:cf:75:58:b8:08:55:c5:00:6f:df:b2:55:
                    e6:fe:67:ec:a1:c5:1d:da:8d:3b:4c:6b:08:7f:21:
                    ee:fb:a1:62:22:0d:66:0b:dc:f1:64:e9:21:b4:d3:
                    3e:e1:a6:2a:e5:2a:ae:c4:a3:b7:90:7f:db:1f:b9:
                    c8:f6:55:3b:ec:bc:20:77:32:51:a0:19:25:56:b7:
                    48:17:a5:13:fe:98:14:f3:c9:51:1b:21:cd:d1:ae:
                    c8:08:04:68:e2:bc:c5:a4:0b:a9:9a:68:10:77:40:
                    59:a3:ce:54:91:ca:37:30:72:f7:cb:7f:c3:56:4c:
                    73:8d:c5:05:ef:43:a6:89:07:11:a8:81:18:8e:aa:
                    1e:e7:e9:4c:10:9c:a2:e6:16:c4:15:ff:b4:14:ed:
                    cb:90:23:dd:fd:cc:64:cd:e9:3b:36:10:ff:c7:e7:
                    59:1a:b1:63:39:52:f1:27:6a:63:74:36:9a:a8:9a:
                    18:9d:2e:4b:51:09:6b:04:7e:2c:8f:80:19:a5:17:
                    40:79:be:a0:8e:0f:e2:09:b3:68:59:84:d3:71:a7:
                    20:8e:63:5f:56:57:c4:b5:f9:87:bd:73:9b:eb:2b:
                    10:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:CC:4B:33:E5:CE:A7:23:B6:D0:1D:EE:10:0F:79:45:FC:E3:3F:26
            X509v3 Authority Key Identifier:
                keyid:1D:57:48:85:A0:C8:B4:20:5C:3D:F2:D1:FC:D7:34:87:7D:E1:05:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d0:0a:f4:d1:e3:be:32:8f:90:60:08:c1:6b:29:51:98:1f:aa:
         48:f4:b2:cc:03:17:27:e3:84:0a:99:19:38:6a:85:d6:36:a7:
         ca:70:c1:5e:11:ee:12:9c:98:d5:3b:81:5c:68:69:ab:08:e6:
         b9:5b:36:93:41:9f:95:da:ad:18:c9:12:1a:06:5d:88:c8:38:
         e0:26:bc:2a:47:7c:c5:c5:2b:10:92:5b:b2:6a:ff:1a:31:ca:
         e3:52:c2:a9:d8:ac:38:77:38:7e:4b:71:9d:b9:9b:2e:05:f6:
         2b:86:93:de:fc:4e:2c:ea:c4:41:49:da:5b:dc:c4:0c:2e:a6:
         86:49:42:9c:39:dc:63:6d:ca:73:15:57:94:3c:76:21:7b:e8:
         5d:b3:19:77:e8:fa:05:85:54:74:44:3b:8f:d9:ae:c2:34:7a:
         60:bf:c4:bc:91:70:ab:42:83:73:3d:4d:75:6d:2d:79:fc:72:
         f8:59:2a:1e:6f:b8:70:b8:90:b1:a6:de:92:87:7e:e9:81:e7:
         c0:c7:cb:6a:e7:77:d2:be:60:5c:85:34:f0:0d:ed:e2:7c:e0:
         ce:b8:7a:94:5a:20:5b:71:ef:3d:5d:ae:7d:59:76:2a:68:8a:
         2e:67:4e:71:89:1e:5f:28:af:bf:bf:98:e7:65:0e:26:a4:a2:
         bb:9b:34:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZV3LPFeVxbBY8M+uop+7lqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNTc0ODg1YTBjOGI0MjA1YzNkZjJkMWZjZDczNDg3N2Rl
MTA1ZDkwHhcNMjUwNDIxMDEwMDQ5WhcNMjUwNDIyMDEwMDQ5WjAzMTEwLwYDVQQD
EygwMmNjNGIzM2U1Y2VhNzIzYjZkMDFkZWUxMDBmNzk0NWZjZTMzZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA83rvevg6SMNviqSha7naHozqU7DZ
w4TLDsMQdlcyWk3PdVi4CFXFAG/fslXm/mfsocUd2o07TGsIfyHu+6FiIg1mC9zx
ZOkhtNM+4aYq5SquxKO3kH/bH7nI9lU77LwgdzJRoBklVrdIF6UT/pgU88lRGyHN
0a7ICARo4rzFpAupmmgQd0BZo85Ukco3MHL3y3/DVkxzjcUF70OmiQcRqIEYjqoe
5+lMEJyi5hbEFf+0FO3LkCPd/cxkzek7NhD/x+dZGrFjOVLxJ2pjdDaaqJoYnS5L
UQlrBH4sj4AZpRdAeb6gjg/iCbNoWYTTcacgjmNfVlfEtfmHvXOb6ysQrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALMSzPlzqcjttAd7hAPeUX84z8mMB8GA1UdIwQY
MBaAFB1XSIWgyLQgXD3y0fzXNId94QXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82OTdkZjctYjE5Yi00NmYxLThlNDMt
OTE5OGNhMmFjNzY2LzEvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82OTdkZjctYjE5Yi00NmYxLThlNDMtOTE5OGNhMmFjNzY2
LzEvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0Ar00eO+
Mo+QYAjBaylRmB+qSPSyzAMXJ+OECpkZOGqF1janynDBXhHuEpyY1TuBXGhpqwjm
uVs2k0GfldqtGMkSGgZdiMg44Ca8Kkd8xcUrEJJbsmr/GjHK41LCqdisOHc4fktx
nbmbLgX2K4aT3vxOLOrEQUnaW9zEDC6mhklCnDncY23KcxVXlDx2IXvoXbMZd+j6
BYVUdEQ7j9muwjR6YL/EvJFwq0KDcz1NdW0tefxy+FkqHm+4cLiQsabekod+6YHn
wMfLaud30r5gXIU08A3t4nzgzrh6lFogW3HvPV2ufVl2KmiKLmdOcYkeXyivv7+Y
52UOJqSiu5s0KA==
-----END CERTIFICATE-----