Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
File:                     hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft (raw, json)
Hash identifier:          S4Xz1sAztgXR/ntX8OqxOfCO7iw+4EbLP11J5fZn1sQ=
Subject key identifier:   66:A4:E6:88:F1:5E:6D:94:A0:69:BE:FA:D1:95:23:5F:47:04:6D:BC
Authority key identifier: 85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C
Certificate issuer:       /CN=856350305f11387500f03c5a06ff73aa13592f1c
Certificate serial:       019655A570F012BBFF36EBD050847CBC1CD7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
Manifest number:          14FA
Signing time:             Mon 21 Apr 2025 00:00:27 +0000
Manifest this update:     Mon 21 Apr 2025 00:00:27 +0000
Manifest next update:     Tue 22 Apr 2025 00:00:27 +0000
Files and hashes:         1: hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl (hash: w8/Jo9UpqdDhdpbzfAC0V9wGqXE/ezX2N+Hdmt7Prao=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 00:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:a5:70:f0:12:bb:ff:36:eb:d0:50:84:7c:bc:1c:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=856350305f11387500f03c5a06ff73aa13592f1c
        Validity
            Not Before: Apr 21 00:00:27 2025 GMT
            Not After : Apr 22 00:00:27 2025 GMT
        Subject: CN=66a4e688f15e6d94a069befad195235f47046dbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:7b:1f:e0:35:f0:74:e2:a6:9e:f2:bb:bd:b1:
                    46:17:12:a8:32:2f:84:f9:7f:5e:89:2e:6c:67:c3:
                    7d:3c:72:48:92:93:96:f9:7c:ea:03:99:74:cd:ff:
                    d0:01:27:32:a2:51:d6:d4:e3:ed:c6:2e:e0:99:11:
                    4d:07:88:e6:c4:00:1b:7c:a0:da:10:7e:fd:89:8c:
                    ed:c8:07:8a:70:9d:84:76:d8:08:59:bf:85:82:e4:
                    c1:37:ff:11:c0:65:36:2a:78:99:f4:96:9e:f0:60:
                    74:67:b7:aa:60:a3:c1:13:f9:62:9a:f8:35:60:81:
                    84:8b:fd:fe:cd:c8:e0:49:c2:47:c8:74:23:db:97:
                    a1:3e:29:ea:7b:8e:8d:42:ed:60:b6:a4:bd:40:c2:
                    2a:f1:8c:0d:07:3a:8c:71:df:6d:88:ef:50:28:e5:
                    83:2f:0c:db:f5:ff:9d:b2:f1:c1:5d:7c:24:3d:4e:
                    f4:a2:dd:40:d5:72:00:b1:0b:db:fa:c7:45:17:3a:
                    45:0c:b3:53:0c:fb:8f:c1:85:0a:3c:18:1e:99:af:
                    d3:20:c1:c8:bc:ae:ac:db:19:e7:9a:4e:2b:7e:d3:
                    aa:60:24:81:c2:9a:2e:f4:b2:52:9f:89:77:1f:e4:
                    ee:8f:d9:f5:fb:61:6c:07:51:6a:e1:e8:e9:48:f0:
                    ab:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:A4:E6:88:F1:5E:6D:94:A0:69:BE:FA:D1:95:23:5F:47:04:6D:BC
            X509v3 Authority Key Identifier:
                keyid:85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:c9:55:1d:cc:6e:2c:80:fe:41:4c:1c:af:72:cd:82:3b:20:
         3b:3a:61:16:aa:39:cc:ed:a4:6b:f7:60:01:9b:63:a8:25:90:
         d0:11:44:b8:3b:8d:aa:61:1b:a8:1a:65:c4:ae:28:27:ec:eb:
         1d:e0:e4:65:38:7d:72:21:a5:5c:fa:f5:b5:19:3c:3b:60:50:
         60:38:04:ba:b7:e1:8b:93:97:12:24:5e:86:cd:9e:17:00:55:
         01:d6:49:7c:00:76:cd:08:96:73:13:d0:92:08:e9:ab:94:cd:
         e7:c9:33:c4:bf:44:1b:6f:a7:14:40:55:98:13:df:de:67:ed:
         67:d8:e9:62:be:63:8a:aa:53:55:f7:35:27:6b:dd:a4:8a:48:
         35:76:de:e5:38:4f:74:e0:6b:c0:50:43:5e:58:b1:81:0a:06:
         41:11:ba:4b:23:e0:b6:74:72:e8:d7:b3:b6:04:43:4c:11:18:
         e8:da:cb:3d:ca:e4:bb:79:f3:fe:12:61:e0:38:94:1d:82:1d:
         a7:d3:98:2b:db:67:25:99:dd:bf:e6:8d:0f:87:81:51:17:f0:
         26:a6:e8:25:e4:78:2b:aa:be:e2:36:2a:41:29:40:de:58:f3:
         b2:85:01:62:9c:8f:95:33:b2:e6:a0:88:f3:30:6c:d7:c6:9b:
         c0:fd:6f:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpXDwErv/NuvQUIR8vBzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NjM1MDMwNWYxMTM4NzUwMGYwM2M1YTA2ZmY3M2FhMTM1
OTJmMWMwHhcNMjUwNDIxMDAwMDI3WhcNMjUwNDIyMDAwMDI3WjAzMTEwLwYDVQQD
Eyg2NmE0ZTY4OGYxNWU2ZDk0YTA2OWJlZmFkMTk1MjM1ZjQ3MDQ2ZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnsf4DXwdOKmnvK7vbFGFxKoMi+E
+X9eiS5sZ8N9PHJIkpOW+XzqA5l0zf/QAScyolHW1OPtxi7gmRFNB4jmxAAbfKDa
EH79iYztyAeKcJ2EdtgIWb+FguTBN/8RwGU2KniZ9Jae8GB0Z7eqYKPBE/limvg1
YIGEi/3+zcjgScJHyHQj25ehPinqe46NQu1gtqS9QMIq8YwNBzqMcd9tiO9QKOWD
Lwzb9f+dsvHBXXwkPU70ot1A1XIAsQvb+sdFFzpFDLNTDPuPwYUKPBgema/TIMHI
vK6s2xnnmk4rftOqYCSBwpou9LJSn4l3H+Tuj9n1+2FsB1Fq4ejpSPCrswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGak5ojxXm2UoGm++tGVI19HBG28MB8GA1UdIwQY
MBaAFIVjUDBfETh1APA8Wgb/c6oTWS8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTct
ZWNlYzFiMmVkYjU5LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTctZWNlYzFiMmVkYjU5
LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnslVHcxu
LID+QUwcr3LNgjsgOzphFqo5zO2ka/dgAZtjqCWQ0BFEuDuNqmEbqBplxK4oJ+zr
HeDkZTh9ciGlXPr1tRk8O2BQYDgEurfhi5OXEiRehs2eFwBVAdZJfAB2zQiWcxPQ
kgjpq5TN58kzxL9EG2+nFEBVmBPf3mftZ9jpYr5jiqpTVfc1J2vdpIpINXbe5ThP
dOBrwFBDXlixgQoGQRG6SyPgtnRy6NeztgRDTBEY6NrLPcrku3nz/hJh4DiUHYId
p9OYK9tnJZndv+aND4eBURfwJqboJeR4K6q+4jYqQSlA3ljzsoUBYpyPlTOy5qCI
8zBs18abwP1v9Q==
-----END CERTIFICATE-----