Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
File:                     HdGoMITMB7cxuvkdqvMTbC9rddM.mft (raw, json)
Hash identifier:          AI8Ovv3ilsZtwgvMeXSMNss8ZVutKmMulz5xqbTUPQY=
Subject key identifier:   EA:17:5F:81:2D:95:00:04:C4:DF:43:BF:D1:C9:C6:31:C8:92:BE:30
Authority key identifier: 1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3
Certificate issuer:       /CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
Certificate serial:       019655388C73B4FB327C2C16430443347186
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
Manifest number:          10CB
Signing time:             Sun 20 Apr 2025 22:01:31 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:31 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:31 +0000
Files and hashes:         1: HdGoMITMB7cxuvkdqvMTbC9rddM.crl (hash: 9agu2QSpEjcLGJYnT9Be5jme0dW7xSyuu7cgEBNjyQE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:8c:73:b4:fb:32:7c:2c:16:43:04:43:34:71:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
        Validity
            Not Before: Apr 20 22:01:31 2025 GMT
            Not After : Apr 21 22:01:31 2025 GMT
        Subject: CN=ea175f812d950004c4df43bfd1c9c631c892be30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ae:a9:2f:4d:b8:1e:a7:e9:41:91:72:e6:01:
                    51:96:0e:56:ae:37:cf:7f:05:95:f1:c7:3f:1b:18:
                    89:20:de:0d:67:64:ba:9e:c8:cb:1e:58:bd:4f:67:
                    a1:40:16:22:e1:92:8e:15:43:89:dc:d0:a0:06:33:
                    e4:7c:24:b5:58:69:61:71:f3:96:39:05:51:ab:7b:
                    cd:23:e8:52:f8:4d:5d:5b:4b:f5:d3:de:9a:ad:41:
                    5e:a3:e0:f0:98:a8:eb:e9:cc:2e:fb:5f:45:44:23:
                    67:5c:d0:6c:dd:f5:60:47:42:7e:8f:74:52:59:e7:
                    fa:5e:18:c4:1c:91:25:78:dd:38:ee:30:e7:5d:35:
                    dc:a1:d6:7e:4e:d8:66:2f:58:ce:31:78:e2:58:70:
                    a4:2f:f4:3a:f2:27:8c:4c:37:5e:7d:fd:d6:f4:1d:
                    d0:63:58:e0:b2:34:d0:24:6d:79:80:1b:cd:41:38:
                    94:5c:20:7b:bc:e4:d4:98:40:3e:1b:89:70:7a:7f:
                    af:00:a0:be:41:44:f8:3b:05:9d:d7:af:78:2b:b8:
                    48:19:3f:f2:3f:79:4b:2e:62:5c:87:4d:4b:f1:2d:
                    e9:d2:3c:0d:f2:ed:65:dc:c4:cf:26:a3:b2:56:14:
                    fe:6c:6a:86:ff:15:56:67:39:c5:e3:b1:27:5e:03:
                    96:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:17:5F:81:2D:95:00:04:C4:DF:43:BF:D1:C9:C6:31:C8:92:BE:30
            X509v3 Authority Key Identifier:
                keyid:1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:a3:1e:5b:2b:a6:69:e0:2d:b7:94:fe:7e:02:ca:c1:78:62:
         f7:45:03:30:33:a7:34:18:5b:8d:54:c8:1e:e1:6b:ef:5e:b2:
         5e:2f:30:78:69:c5:70:7c:03:2c:28:90:9b:fd:ee:27:56:b8:
         1f:9f:20:ef:77:54:d2:c1:da:2d:3e:56:b4:d5:5c:56:32:4b:
         ac:7f:eb:fe:e8:c8:10:4c:e6:06:70:f1:58:27:52:b6:82:e3:
         d9:82:71:87:10:5d:10:dd:a1:61:52:34:47:17:99:54:40:71:
         14:7f:c5:57:bc:02:4b:fc:40:a6:20:97:a7:ce:c8:ae:87:8d:
         e6:11:3f:a2:ac:1f:d8:4f:14:7a:2a:97:07:b6:11:fc:97:47:
         ff:0f:48:d0:f0:3f:b8:9a:62:59:0b:46:4d:6c:cf:0c:09:21:
         77:c9:1f:fe:96:f5:d0:0d:e1:b9:ef:52:73:b0:95:cc:9e:5e:
         1c:c4:2b:ea:4f:9b:a5:62:51:0b:0f:c0:6c:12:5f:83:d3:4f:
         f1:dd:2d:e8:5a:02:d2:15:13:d0:d2:8b:44:d7:aa:3c:67:ad:
         2c:c6:e3:85:02:d3:2c:a8:78:6b:92:80:f0:c8:8f:3f:c0:cc:
         80:da:08:de:14:60:ca:f9:4c:2c:eb:1c:d9:f0:04:08:0b:28:
         a7:09:cd:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOIxztPsyfCwWQwRDNHGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDFhODMwODRjYzA3YjczMWJhZjkxZGFhZjMxMzZjMmY2
Yjc1ZDMwHhcNMjUwNDIwMjIwMTMxWhcNMjUwNDIxMjIwMTMxWjAzMTEwLwYDVQQD
EyhlYTE3NWY4MTJkOTUwMDA0YzRkZjQzYmZkMWM5YzYzMWM4OTJiZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK6pL024HqfpQZFy5gFRlg5WrjfP
fwWV8cc/GxiJIN4NZ2S6nsjLHli9T2ehQBYi4ZKOFUOJ3NCgBjPkfCS1WGlhcfOW
OQVRq3vNI+hS+E1dW0v1096arUFeo+DwmKjr6cwu+19FRCNnXNBs3fVgR0J+j3RS
Wef6XhjEHJEleN047jDnXTXcodZ+TthmL1jOMXjiWHCkL/Q68ieMTDdeff3W9B3Q
Y1jgsjTQJG15gBvNQTiUXCB7vOTUmEA+G4lwen+vAKC+QUT4OwWd1694K7hIGT/y
P3lLLmJch01L8S3p0jwN8u1l3MTPJqOyVhT+bGqG/xVWZznF47EnXgOWbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOoXX4EtlQAExN9Dv9HJxjHIkr4wMB8GA1UdIwQY
MBaAFB3RqDCEzAe3Mbr5HarzE2wva3XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYt
NDAzNjI3OGI0M2Y5LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYtNDAzNjI3OGI0M2Y5
LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqKMeWyum
aeAtt5T+fgLKwXhi90UDMDOnNBhbjVTIHuFr716yXi8weGnFcHwDLCiQm/3uJ1a4
H58g73dU0sHaLT5WtNVcVjJLrH/r/ujIEEzmBnDxWCdStoLj2YJxhxBdEN2hYVI0
RxeZVEBxFH/FV7wCS/xApiCXp87IroeN5hE/oqwf2E8UeiqXB7YR/JdH/w9I0PA/
uJpiWQtGTWzPDAkhd8kf/pb10A3hue9Sc7CVzJ5eHMQr6k+bpWJRCw/AbBJfg9NP
8d0t6FoC0hUT0NKLRNeqPGetLMbjhQLTLKh4a5KA8MiPP8DMgNoI3hRgyvlMLOsc
2fAECAsopwnNzQ==
-----END CERTIFICATE-----