Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
File:                     hhiHKrn6K6AssBpEzo64dkEoHBw.mft (raw, json)
Hash identifier:          M/OQvo1K3rPSFQvucMOVV13v/LCQTFOtbqktkD2HsO4=
Subject key identifier:   E4:14:1C:E4:D2:0C:F1:74:9F:3F:9C:2A:E1:18:14:40:FB:F0:B8:97
Authority key identifier: 86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C
Certificate issuer:       /CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
Certificate serial:       01964A0FE42DE09BABB40A3BBE9A01F712D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
Manifest number:          0497
Signing time:             Fri 18 Apr 2025 18:01:17 +0000
Manifest this update:     Fri 18 Apr 2025 18:01:17 +0000
Manifest next update:     Sat 19 Apr 2025 18:01:17 +0000
Files and hashes:         1: hhiHKrn6K6AssBpEzo64dkEoHBw.crl (hash: j//Cmm5B8PFyFYNR/Qo87OqMDE8ElN3gML3NnwbksEY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 18:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4a:0f:e4:2d:e0:9b:ab:b4:0a:3b:be:9a:01:f7:12:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
        Validity
            Not Before: Apr 18 18:01:17 2025 GMT
            Not After : Apr 19 18:01:17 2025 GMT
        Subject: CN=e4141ce4d20cf1749f3f9c2ae1181440fbf0b897
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:13:f5:b3:79:3a:20:31:3b:b4:07:bf:62:2e:
                    f6:a9:cb:3a:22:a0:98:6c:99:89:c8:6e:71:7c:44:
                    d2:1e:dc:09:b7:ef:3d:12:45:4d:b1:27:1d:db:63:
                    8f:93:a0:a2:63:dd:a3:e8:8b:7e:15:cb:12:42:a9:
                    44:62:f8:fe:32:26:89:97:08:c1:06:b2:35:86:0c:
                    e6:e4:34:51:5e:f1:f4:53:d3:46:dc:83:b4:40:ee:
                    0b:3b:ef:ae:bf:c6:8e:ea:f0:93:61:b9:fe:e1:5e:
                    42:cf:dc:64:f3:ac:e3:65:a6:0c:1a:a1:7c:e6:8f:
                    df:1a:f7:17:40:ad:a6:2c:92:bb:78:43:f9:05:91:
                    96:a1:6e:f2:eb:24:3f:66:1d:d4:83:04:2b:a2:19:
                    de:cb:1e:5a:5d:1f:dd:81:db:61:f8:2c:5f:8e:46:
                    b5:ee:d6:60:18:e0:f3:04:e8:61:ca:2c:f1:1f:7e:
                    1c:16:32:96:29:a2:84:11:56:7a:90:f6:52:5a:cd:
                    cf:17:b1:c1:71:22:8f:63:51:f2:10:94:63:b5:3d:
                    0d:52:e3:ea:de:d7:c4:d8:9d:f0:55:2c:79:54:bc:
                    f2:4b:db:0e:6f:45:1a:00:77:be:18:8a:e1:2e:42:
                    16:d8:17:a0:c4:d9:8f:60:43:5c:ba:b0:cc:35:8d:
                    b5:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:14:1C:E4:D2:0C:F1:74:9F:3F:9C:2A:E1:18:14:40:FB:F0:B8:97
            X509v3 Authority Key Identifier:
                keyid:86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:63:cf:b9:36:ad:a0:53:9d:ae:66:70:c1:09:02:02:df:9f:
         01:67:ad:4f:e4:a2:25:7c:82:12:e8:58:9d:44:9a:14:f7:d6:
         96:2a:3e:4b:94:b6:35:25:a9:6d:2c:53:ae:7c:ca:4b:5a:7d:
         4e:80:1d:74:ee:f0:f6:9d:61:fd:d4:ff:cb:9b:1f:75:d9:14:
         e3:ff:e8:64:3d:64:bb:94:95:7e:b1:b3:68:79:bd:57:47:e7:
         f4:f5:92:43:ac:9e:bf:76:79:4e:39:44:2f:61:cd:0f:e2:53:
         d7:64:98:95:5c:37:62:8f:07:95:e1:41:7a:c5:b6:5d:00:6d:
         2d:ac:e0:0b:ba:7f:a4:19:bb:2a:01:34:e0:be:92:26:03:8b:
         de:22:6b:05:15:d3:74:1f:24:e2:28:c5:75:bc:b0:3a:ab:61:
         8d:37:b4:93:eb:64:8f:3c:f7:31:ef:59:fd:9a:9b:e2:a2:4e:
         f5:1c:3c:c5:bb:66:4c:d0:77:67:a8:58:3a:b3:d3:62:a1:ad:
         07:8d:9c:49:54:5c:54:48:8a:48:c7:e9:ed:ec:28:55:3c:08:
         5e:04:e5:39:ed:08:25:b4:94:a5:91:6c:56:cf:dd:27:a0:b2:
         cd:5d:2f:1f:17:b0:39:30:1b:08:89:60:91:4c:54:b4:1c:82:
         06:e7:75:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZKD+Qt4JurtAo7vpoB9xLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MTg4NzJhYjlmYTJiYTAyY2IwMWE0NGNlOGViODc2NDEy
ODFjMWMwHhcNMjUwNDE4MTgwMTE3WhcNMjUwNDE5MTgwMTE3WjAzMTEwLwYDVQQD
EyhlNDE0MWNlNGQyMGNmMTc0OWYzZjljMmFlMTE4MTQ0MGZiZjBiODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hP1s3k6IDE7tAe/Yi72qcs6IqCY
bJmJyG5xfETSHtwJt+89EkVNsScd22OPk6CiY92j6It+FcsSQqlEYvj+MiaJlwjB
BrI1hgzm5DRRXvH0U9NG3IO0QO4LO++uv8aO6vCTYbn+4V5Cz9xk86zjZaYMGqF8
5o/fGvcXQK2mLJK7eEP5BZGWoW7y6yQ/Zh3UgwQrohneyx5aXR/dgdth+Cxfjka1
7tZgGODzBOhhyizxH34cFjKWKaKEEVZ6kPZSWs3PF7HBcSKPY1HyEJRjtT0NUuPq
3tfE2J3wVSx5VLzyS9sOb0UaAHe+GIrhLkIW2BegxNmPYENcurDMNY21qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQUHOTSDPF0nz+cKuEYFED78LiXMB8GA1UdIwQY
MBaAFIYYhyq5+iugLLAaRM6OuHZBKBwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMt
YmQ2OWY1MjYxODFiLzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMtYmQ2OWY1MjYxODFi
LzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVWPPuTat
oFOdrmZwwQkCAt+fAWetT+SiJXyCEuhYnUSaFPfWlio+S5S2NSWpbSxTrnzKS1p9
ToAddO7w9p1h/dT/y5sfddkU4//oZD1ku5SVfrGzaHm9V0fn9PWSQ6yev3Z5TjlE
L2HND+JT12SYlVw3Yo8HleFBesW2XQBtLazgC7p/pBm7KgE04L6SJgOL3iJrBRXT
dB8k4ijFdbywOqthjTe0k+tkjzz3Me9Z/Zqb4qJO9Rw8xbtmTNB3Z6hYOrPTYqGt
B42cSVRcVEiKSMfp7ewoVTwIXgTlOe0IJbSUpZFsVs/dJ6CyzV0vHxewOTAbCIlg
kUxUtByCBud1KA==
-----END CERTIFICATE-----