Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
File:                     HFGW3tW6XWhucJXG1cY4xrj4uto.mft (raw, json)
Hash identifier:          0/1rPFYZX4/7egJ5/NHOMWSbHUkHpZAl6pBeZGsylSk=
Subject key identifier:   91:02:3B:66:33:5E:1A:D3:2E:8C:DD:A7:EC:C9:20:A6:D1:CD:E3:AE
Authority key identifier: 1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA
Certificate issuer:       /CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
Certificate serial:       01965538DFB52856112A4753E3EB5EC71DC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
Manifest number:          0E43
Signing time:             Sun 20 Apr 2025 22:01:52 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:52 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:52 +0000
Files and hashes:         1: HFGW3tW6XWhucJXG1cY4xrj4uto.crl (hash: WZDoki/eh9VQaltN5/BXnMTQmWzprsvcVC/q2hnXaeU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:01:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:df:b5:28:56:11:2a:47:53:e3:eb:5e:c7:1d:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
        Validity
            Not Before: Apr 20 22:01:52 2025 GMT
            Not After : Apr 21 22:01:52 2025 GMT
        Subject: CN=91023b66335e1ad32e8cdda7ecc920a6d1cde3ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:7d:e2:46:5b:1a:a5:0f:71:64:2b:91:9f:0c:
                    b1:d6:68:96:01:7f:68:2e:25:1c:f2:ce:5f:8e:ec:
                    0f:08:5f:ad:e4:bf:76:e8:ff:93:9e:aa:16:be:dd:
                    f0:fa:92:d7:6d:55:65:01:2a:3e:d5:99:8b:b1:be:
                    d6:7a:17:c4:33:f2:41:79:ff:77:5e:f8:6d:38:db:
                    f1:9b:33:b0:d7:cc:69:c6:7f:56:54:bf:ae:09:7f:
                    d7:60:3c:ca:ca:37:06:4b:6a:a5:4f:a4:1d:3e:cd:
                    58:7f:68:22:b4:69:76:57:25:de:34:f9:aa:45:f2:
                    87:0a:b0:ed:7a:d5:db:78:75:e3:a3:1f:1f:f6:1e:
                    07:75:e1:da:be:11:6f:4d:3c:ce:6f:8f:95:e1:94:
                    91:0c:7e:91:33:a0:43:f7:f2:22:ac:1b:09:1f:cf:
                    b0:3f:e4:ce:fa:1f:27:40:73:04:cc:ab:f9:52:cd:
                    4f:bd:3f:50:d7:1f:06:72:d8:1b:76:af:20:b5:93:
                    ab:9f:80:ae:06:26:5d:02:fd:b2:2d:76:54:bd:bb:
                    47:e1:5b:dc:96:f4:c5:95:6b:78:f2:33:4d:a2:cd:
                    a4:d3:0e:c5:ab:50:55:f1:95:dd:d3:9e:f3:ae:98:
                    dd:03:ea:de:03:d4:ba:3f:01:35:c9:f1:2c:04:1d:
                    1d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:02:3B:66:33:5E:1A:D3:2E:8C:DD:A7:EC:C9:20:A6:D1:CD:E3:AE
            X509v3 Authority Key Identifier:
                keyid:1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:e7:9e:7e:28:dd:60:90:72:05:fc:80:56:d7:0d:b9:c6:42:
         a3:cd:57:d3:5d:00:6e:b4:b3:6b:64:dd:ff:f8:11:d6:76:c8:
         11:f6:ce:f8:ff:00:3b:b5:42:bb:39:f4:19:9e:10:7d:b2:85:
         7c:77:5f:eb:f4:16:e4:e5:55:e4:7f:c3:1b:f4:58:ae:b9:fa:
         73:a9:82:c3:ce:ce:08:2f:bf:97:19:14:69:f6:9b:c8:ab:e5:
         86:32:34:8b:87:a3:63:9b:c7:9f:98:13:57:98:99:9e:af:7c:
         d2:4b:4c:b5:1c:b7:96:f4:e1:9f:d5:ef:cd:e6:a7:5d:56:df:
         60:46:16:cd:56:45:14:37:b0:ab:48:75:5a:90:6a:f1:69:b2:
         3a:f8:a8:33:1a:2e:e1:78:2f:ee:96:59:c8:bc:21:9c:c7:16:
         a1:85:93:19:26:e2:68:51:12:a7:38:a3:17:09:19:19:6d:12:
         f7:4c:4f:ae:4c:73:9e:33:56:1d:9f:dd:07:ab:2e:58:f8:94:
         3f:ed:1a:aa:90:11:af:83:54:57:45:ce:26:a3:12:47:35:df:
         96:69:45:5e:70:4b:0c:8d:df:63:84:16:1d:da:c3:c2:8d:80:
         b6:2a:78:e7:cc:96:86:66:68:ff:cc:2b:73:02:3e:f8:ff:c9:
         bc:1e:fc:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVON+1KFYRKkdT4+texx3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTE5NmRlZDViYTVkNjg2ZTcwOTVjNmQ1YzYzOGM2Yjhm
OGJhZGEwHhcNMjUwNDIwMjIwMTUyWhcNMjUwNDIxMjIwMTUyWjAzMTEwLwYDVQQD
Eyg5MTAyM2I2NjMzNWUxYWQzMmU4Y2RkYTdlY2M5MjBhNmQxY2RlM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyX3iRlsapQ9xZCuRnwyx1miWAX9o
LiUc8s5fjuwPCF+t5L926P+TnqoWvt3w+pLXbVVlASo+1ZmLsb7WehfEM/JBef93
XvhtONvxmzOw18xpxn9WVL+uCX/XYDzKyjcGS2qlT6QdPs1Yf2gitGl2VyXeNPmq
RfKHCrDtetXbeHXjox8f9h4HdeHavhFvTTzOb4+V4ZSRDH6RM6BD9/IirBsJH8+w
P+TO+h8nQHMEzKv5Us1PvT9Q1x8Gctgbdq8gtZOrn4CuBiZdAv2yLXZUvbtH4Vvc
lvTFlWt48jNNos2k0w7Fq1BV8ZXd057zrpjdA+reA9S6PwE1yfEsBB0d4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJECO2YzXhrTLozdp+zJIKbRzeOuMB8GA1UdIwQY
MBaAFBxRlt7Vul1obnCVxtXGOMa4+LraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEt
MjBiZjI3NWZkMGU3LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEtMjBiZjI3NWZkMGU3
LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAROeefijd
YJByBfyAVtcNucZCo81X010AbrSza2Td//gR1nbIEfbO+P8AO7VCuzn0GZ4QfbKF
fHdf6/QW5OVV5H/DG/RYrrn6c6mCw87OCC+/lxkUafabyKvlhjI0i4ejY5vHn5gT
V5iZnq980ktMtRy3lvThn9XvzeanXVbfYEYWzVZFFDewq0h1WpBq8WmyOvioMxou
4Xgv7pZZyLwhnMcWoYWTGSbiaFESpzijFwkZGW0S90xPrkxznjNWHZ/dB6suWPiU
P+0aqpARr4NUV0XOJqMSRzXflmlFXnBLDI3fY4QWHdrDwo2Atip458yWhmZo/8wr
cwI++P/JvB78Ew==
-----END CERTIFICATE-----