Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/3bf430-00b1-4853-a239-2f165418eb68/1/hmdXn-dB-sMpnUGRvAONcQxDg3g.mft
File:                     hmdXn-dB-sMpnUGRvAONcQxDg3g.mft (raw, json)
Hash identifier:          yGb1GSDPdRk7ygYMQbt+cG0CAzyTIzQu6TATUQtjyNY=
Subject key identifier:   15:E5:26:C4:EA:F4:5B:4B:DC:15:BD:1D:FF:C6:4F:4C:4B:08:04:55
Authority key identifier: 86:67:57:9F:E7:41:FA:C3:29:9D:41:91:BC:03:8D:71:0C:43:83:78
Certificate issuer:       /CN=8667579fe741fac3299d4191bc038d710c438378
Certificate serial:       019510C7978B58E1E87D8357CF08F012AEFD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hmdXn-dB-sMpnUGRvAONcQxDg3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/3bf430-00b1-4853-a239-2f165418eb68/1/hmdXn-dB-sMpnUGRvAONcQxDg3g.mft
Manifest number:          065E
Signing time:             Sun 16 Feb 2025 22:01:10 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:10 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:10 +0000
Files and hashes:         1: hmdXn-dB-sMpnUGRvAONcQxDg3g.crl (hash: R6kLthXz4hH6CGYlcAC1V7mONDPdqKqk1mYnpQS7VyI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/3bf430-00b1-4853-a239-2f165418eb68/1/hmdXn-dB-sMpnUGRvAONcQxDg3g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/3bf430-00b1-4853-a239-2f165418eb68/1/hmdXn-dB-sMpnUGRvAONcQxDg3g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hmdXn-dB-sMpnUGRvAONcQxDg3g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:97:8b:58:e1:e8:7d:83:57:cf:08:f0:12:ae:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8667579fe741fac3299d4191bc038d710c438378
        Validity
            Not Before: Feb 16 22:01:10 2025 GMT
            Not After : Feb 17 22:01:10 2025 GMT
        Subject: CN=15e526c4eaf45b4bdc15bd1dffc64f4c4b080455
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:01:f1:89:5d:4b:ca:ec:f3:e6:43:a4:d0:26:
                    7b:e4:2f:d6:2c:21:5f:49:08:39:b9:9a:20:4c:d1:
                    29:9d:0f:6c:f5:97:5f:b6:4a:25:84:84:87:1b:40:
                    3b:9c:5b:15:53:3f:fa:c0:86:22:91:a0:d9:82:5b:
                    1a:33:3c:3b:1b:73:b4:6a:ed:00:53:06:f3:4d:d9:
                    8d:55:3c:81:37:b0:6a:76:e5:9d:a0:d5:ec:48:7d:
                    80:59:4f:34:89:9e:90:44:d6:f3:43:32:cb:3d:62:
                    7f:12:a6:28:68:62:48:3a:1a:50:2f:ef:eb:c1:cc:
                    2b:65:85:2e:88:c7:d1:ff:1c:31:ee:83:ae:93:3c:
                    02:87:55:3b:1c:fe:bd:4b:6c:85:8c:c0:2e:7f:30:
                    5d:07:d2:b9:3c:54:c5:ea:25:da:f3:c5:92:4d:8a:
                    97:61:fc:9a:60:9d:88:b2:28:3f:88:da:da:e0:76:
                    31:81:36:46:cb:7c:c0:9d:09:8f:41:04:5e:71:e9:
                    46:a0:42:12:2c:62:c9:62:c2:6f:21:18:b5:1e:f2:
                    5a:25:d0:91:a7:2a:e4:3c:84:38:51:36:61:92:b3:
                    7b:7c:d4:3e:9a:3c:da:4e:a9:0c:dd:cf:6a:68:c6:
                    e6:6b:b7:b8:ad:04:c0:10:ed:45:2b:43:8b:b0:69:
                    83:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:E5:26:C4:EA:F4:5B:4B:DC:15:BD:1D:FF:C6:4F:4C:4B:08:04:55
            X509v3 Authority Key Identifier:
                keyid:86:67:57:9F:E7:41:FA:C3:29:9D:41:91:BC:03:8D:71:0C:43:83:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hmdXn-dB-sMpnUGRvAONcQxDg3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3bf430-00b1-4853-a239-2f165418eb68/1/hmdXn-dB-sMpnUGRvAONcQxDg3g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3bf430-00b1-4853-a239-2f165418eb68/1/hmdXn-dB-sMpnUGRvAONcQxDg3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:19:0a:ba:28:53:18:af:f8:29:92:b5:2a:06:47:e0:79:cf:
         df:b4:e7:f2:6e:0f:8c:7d:0a:ca:c8:8c:72:14:30:07:97:ff:
         9c:98:95:bc:48:20:56:ec:28:4b:5c:ac:2a:90:fc:98:b5:ed:
         3a:e4:e5:09:01:11:db:89:bf:1f:43:a9:39:4f:91:87:05:e2:
         4d:42:5e:61:72:dd:16:a8:4e:b4:67:41:e3:1f:21:81:3b:6a:
         9a:75:c5:43:b8:b2:80:40:bf:55:6f:18:30:21:f6:05:91:24:
         7e:1a:8e:f2:d3:7f:b7:63:e7:06:67:bf:61:4c:e3:8b:e3:46:
         3f:73:8d:c7:b5:33:c6:fd:aa:74:17:69:8e:a9:96:5b:77:b7:
         9c:d1:75:1b:b5:3d:31:72:6b:5e:97:94:3f:40:79:c5:53:a2:
         b0:b4:aa:6f:b0:c5:48:12:56:4f:b4:47:8d:11:a3:56:37:9d:
         aa:41:d5:ab:c2:a8:19:11:93:4d:68:a2:42:5d:81:c5:3a:77:
         8e:27:91:75:4b:f4:89:a8:12:91:ff:58:04:2f:9e:63:39:15:
         5c:1f:3b:c8:45:02:2b:e4:d9:b8:a7:d8:05:9a:dd:b5:64:10:
         1f:f0:7f:be:ff:03:e9:94:ad:73:55:3b:eb:2d:b2:4e:db:1e:
         c6:6a:e1:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx5eLWOHofYNXzwjwEq79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Njc1NzlmZTc0MWZhYzMyOTlkNDE5MWJjMDM4ZDcxMGM0
MzgzNzgwHhcNMjUwMjE2MjIwMTEwWhcNMjUwMjE3MjIwMTEwWjAzMTEwLwYDVQQD
EygxNWU1MjZjNGVhZjQ1YjRiZGMxNWJkMWRmZmM2NGY0YzRiMDgwNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAHxiV1Lyuzz5kOk0CZ75C/WLCFf
SQg5uZogTNEpnQ9s9ZdftkolhISHG0A7nFsVUz/6wIYikaDZglsaMzw7G3O0au0A
UwbzTdmNVTyBN7BqduWdoNXsSH2AWU80iZ6QRNbzQzLLPWJ/EqYoaGJIOhpQL+/r
wcwrZYUuiMfR/xwx7oOukzwCh1U7HP69S2yFjMAufzBdB9K5PFTF6iXa88WSTYqX
YfyaYJ2Isig/iNra4HYxgTZGy3zAnQmPQQRecelGoEISLGLJYsJvIRi1HvJaJdCR
pyrkPIQ4UTZhkrN7fNQ+mjzaTqkM3c9qaMbma7e4rQTAEO1FK0OLsGmDPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXlJsTq9FtL3BW9Hf/GT0xLCARVMB8GA1UdIwQY
MBaAFIZnV5/nQfrDKZ1BkbwDjXEMQ4N4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG1kWG4tZEItc01wblVHUnZBT05jUXhEZzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zYmY0MzAtMDBiMS00ODUzLWEyMzkt
MmYxNjU0MThlYjY4LzEvaG1kWG4tZEItc01wblVHUnZBT05jUXhEZzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zYmY0MzAtMDBiMS00ODUzLWEyMzktMmYxNjU0MThlYjY4
LzEvaG1kWG4tZEItc01wblVHUnZBT05jUXhEZzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAphkKuihT
GK/4KZK1KgZH4HnP37Tn8m4PjH0KysiMchQwB5f/nJiVvEggVuwoS1ysKpD8mLXt
OuTlCQER24m/H0OpOU+RhwXiTUJeYXLdFqhOtGdB4x8hgTtqmnXFQ7iygEC/VW8Y
MCH2BZEkfhqO8tN/t2PnBme/YUzji+NGP3ONx7Uzxv2qdBdpjqmWW3e3nNF1G7U9
MXJrXpeUP0B5xVOisLSqb7DFSBJWT7RHjRGjVjedqkHVq8KoGRGTTWiiQl2BxTp3
jieRdUv0iagSkf9YBC+eYzkVXB87yEUCK+TZuKfYBZrdtWQQH/B/vv8D6ZStc1U7
6y2yTtsexmrhVQ==
-----END CERTIFICATE-----