Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
File:                     HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json)
Hash identifier:          RFQLugDobQ3Ut7p8cqVnsOsfhs73/TlH73JKfh4DCZo=
Subject key identifier:   29:28:89:95:FB:06:35:77:8D:54:64:CE:26:78:AF:5B:F8:D3:D5:07
Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6
Certificate issuer:       /CN=1db690606199a5d486789c43dbffd0c065bddce6
Certificate serial:       0195121074AC19E1DDA54F7F18409E2B434F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
Manifest number:          028C
Signing time:             Mon 17 Feb 2025 04:00:23 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:23 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:23 +0000
Files and hashes:         1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: lkV1QDaKe1GWuCBK7bMKpcVsllrQX+z+SUHxYdgxjcM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:74:ac:19:e1:dd:a5:4f:7f:18:40:9e:2b:43:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6
        Validity
            Not Before: Feb 17 04:00:23 2025 GMT
            Not After : Feb 18 04:00:23 2025 GMT
        Subject: CN=29288995fb0635778d5464ce2678af5bf8d3d507
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:f1:e4:15:a2:1d:50:17:d4:50:0a:f9:72:95:
                    97:55:81:58:d7:76:67:c8:d3:7c:b9:75:dc:8c:24:
                    50:8a:98:8f:6d:2a:e5:c1:7d:e3:61:d8:e0:a6:c7:
                    ef:ae:7d:6a:2c:50:e1:4d:96:74:3f:09:b5:a0:67:
                    45:d3:88:c3:e0:59:a8:99:50:02:f6:e2:61:d8:db:
                    b0:2b:99:50:20:f0:0b:92:cf:fa:01:2b:ee:a3:98:
                    fd:37:d6:59:db:22:62:e3:f3:42:77:ee:0b:82:13:
                    18:3a:94:cc:a9:5f:b2:2a:4a:f9:c7:8b:73:73:51:
                    bd:23:dd:77:b0:96:f4:cd:c7:19:8f:73:52:d9:14:
                    de:30:7e:2b:9c:e2:62:42:aa:ca:d5:a4:4d:44:e2:
                    50:3b:20:a9:7c:af:b4:78:7b:16:57:9f:79:ab:d6:
                    70:bd:95:89:7e:99:01:4b:80:6e:75:c5:59:fc:f1:
                    13:41:82:ce:c3:66:16:54:2f:7b:e0:57:fc:e8:d5:
                    cb:d9:1f:4e:ee:0c:6e:b4:0c:49:75:4c:35:1f:95:
                    a3:e0:9b:38:14:c8:04:5a:5f:bb:03:c8:22:f3:07:
                    05:82:37:31:4e:b2:6b:75:78:6c:bc:a1:a2:72:30:
                    4f:0f:73:7c:a7:c4:2d:da:ae:08:0f:32:ca:da:ec:
                    9c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:28:89:95:FB:06:35:77:8D:54:64:CE:26:78:AF:5B:F8:D3:D5:07
            X509v3 Authority Key Identifier:
                keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:32:26:98:ab:a5:8a:33:dd:93:65:82:f0:77:ed:1b:4d:f1:
         9e:91:b4:44:50:a3:82:76:35:3c:d8:dc:40:7f:9d:ae:4f:88:
         11:24:64:e4:39:80:96:79:3c:3e:eb:2a:17:a8:7c:b4:de:44:
         f9:5f:67:8d:3d:07:c5:56:e0:cc:92:32:73:64:31:54:e5:ca:
         9d:29:d5:4b:a9:01:ea:40:19:f1:b2:a5:b1:30:57:f1:38:93:
         e4:dd:b5:72:a8:a2:8f:47:81:e9:8d:0a:2b:3e:51:7e:98:b1:
         1a:d9:ec:1a:a3:a2:89:40:81:52:60:92:83:1f:67:cf:7f:20:
         06:9c:dd:e0:0b:5d:14:5a:a3:48:39:9b:c6:5f:fc:55:43:e9:
         f6:94:f0:c5:86:38:da:ed:82:e3:0c:25:28:6f:ba:11:ed:f6:
         9d:80:e2:5f:7c:27:f1:4a:6f:f4:74:db:b4:e0:72:07:80:91:
         23:9c:7a:a9:d1:48:92:43:6b:1e:e0:9e:49:ab:28:7e:bf:48:
         60:05:7c:a5:cc:8e:a8:e2:56:25:1a:1c:6a:8a:82:ab:50:e4:
         7d:d7:52:e2:6b:15:0c:8f:d7:a5:23:67:d2:95:09:33:02:08:
         5d:3b:a0:e0:d9:96:45:4b:df:f0:91:68:15:16:7d:ed:c2:5b:
         22:0a:34:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSEHSsGeHdpU9/GECeK0NPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi
ZGRjZTYwHhcNMjUwMjE3MDQwMDIzWhcNMjUwMjE4MDQwMDIzWjAzMTEwLwYDVQQD
EygyOTI4ODk5NWZiMDYzNTc3OGQ1NDY0Y2UyNjc4YWY1YmY4ZDNkNTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPHkFaIdUBfUUAr5cpWXVYFY13Zn
yNN8uXXcjCRQipiPbSrlwX3jYdjgpsfvrn1qLFDhTZZ0Pwm1oGdF04jD4FmomVAC
9uJh2NuwK5lQIPALks/6ASvuo5j9N9ZZ2yJi4/NCd+4LghMYOpTMqV+yKkr5x4tz
c1G9I913sJb0zccZj3NS2RTeMH4rnOJiQqrK1aRNROJQOyCpfK+0eHsWV595q9Zw
vZWJfpkBS4BudcVZ/PETQYLOw2YWVC974Ff86NXL2R9O7gxutAxJdUw1H5Wj4Js4
FMgEWl+7A8gi8wcFgjcxTrJrdXhsvKGicjBPD3N8p8Qt2q4IDzLK2uycSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkoiZX7BjV3jVRkziZ4r1v409UHMB8GA1UdIwQY
MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt
ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1
LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXTImmKul
ijPdk2WC8HftG03xnpG0RFCjgnY1PNjcQH+drk+IESRk5DmAlnk8PusqF6h8tN5E
+V9njT0HxVbgzJIyc2QxVOXKnSnVS6kB6kAZ8bKlsTBX8TiT5N21cqiij0eB6Y0K
Kz5RfpixGtnsGqOiiUCBUmCSgx9nz38gBpzd4AtdFFqjSDmbxl/8VUPp9pTwxYY4
2u2C4wwlKG+6Ee32nYDiX3wn8Upv9HTbtOByB4CRI5x6qdFIkkNrHuCeSasofr9I
YAV8pcyOqOJWJRocaoqCq1DkfddS4msVDI/XpSNn0pUJMwIIXTug4NmWRUvf8JFo
FRZ97cJbIgo0DA==
-----END CERTIFICATE-----