Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
File:                     hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json)
Hash identifier:          rIEpV5IdehBUo/TQ+vgzzuoHYz9Afo9aW6NW2m9RyTQ=
Subject key identifier:   E9:68:21:4C:7A:CB:D2:24:0A:AE:55:2A:2D:B6:90:40:34:74:E7:6C
Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33
Certificate issuer:       /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
Certificate serial:       0195113518906568BEB2F1DC1B34D10B878F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
Manifest number:          07FD
Signing time:             Mon 17 Feb 2025 00:00:46 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:46 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:46 +0000
Files and hashes:         1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: a53DKwxG+uY3l+xkU75agAhB90xPKYLlqYZp1r2eVRE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:35:18:90:65:68:be:b2:f1:dc:1b:34:d1:0b:87:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
        Validity
            Not Before: Feb 17 00:00:46 2025 GMT
            Not After : Feb 18 00:00:46 2025 GMT
        Subject: CN=e968214c7acbd2240aae552a2db690403474e76c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:cf:91:a0:94:4d:f9:17:59:cd:b9:9a:32:31:
                    3e:28:e6:b0:12:3f:94:76:81:48:3b:8f:f4:90:d0:
                    3f:7d:3e:de:6f:a7:cb:12:78:4a:ab:23:1f:c6:2e:
                    8b:1e:84:b7:62:f1:68:71:fb:ef:ea:0c:85:48:86:
                    13:a6:5d:d5:a8:af:55:fd:f9:9c:00:bc:4a:e7:d7:
                    d5:7f:24:2c:fd:5a:80:b0:c0:86:54:51:9a:e8:c6:
                    f7:26:30:ae:ab:7c:16:c1:77:1b:e8:b5:5f:3e:2a:
                    b7:b3:59:68:28:54:7d:75:fd:05:ec:5a:4c:e5:9e:
                    1c:7a:3c:09:5a:80:14:8a:b3:a8:db:c8:c1:69:bf:
                    8c:d3:75:11:ad:51:dc:c9:7b:74:10:74:cb:c5:85:
                    ee:67:d1:00:63:e0:a5:9c:fb:67:07:05:fb:3e:83:
                    8e:49:85:bb:bc:4c:f0:e5:b8:a7:a7:9b:65:43:0f:
                    68:bd:d4:b3:d2:77:f3:1c:57:b1:6e:8f:5c:95:7f:
                    da:74:ff:b6:20:9b:c1:82:78:69:f7:04:9c:36:10:
                    f1:29:1f:6e:af:e1:90:2b:62:b8:c3:74:67:c8:9e:
                    0e:42:e1:ba:9b:f3:16:70:11:4d:a8:d9:05:6b:7f:
                    ab:27:0e:1f:24:25:6e:1d:1a:48:4c:6a:a6:1b:a5:
                    de:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:68:21:4C:7A:CB:D2:24:0A:AE:55:2A:2D:B6:90:40:34:74:E7:6C
            X509v3 Authority Key Identifier:
                keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:ac:cd:bf:eb:df:a2:40:4b:ce:ef:45:03:af:b9:19:64:4f:
         85:e7:d5:1b:06:57:89:90:4a:d6:38:92:2a:e5:20:10:b4:a7:
         e4:fb:60:3c:7e:fa:36:12:b8:83:ef:31:8a:b2:12:d9:49:69:
         24:67:95:0c:69:11:59:52:90:89:eb:34:47:a1:8e:c0:e6:92:
         7a:c6:b1:f8:49:f2:f7:b7:18:db:12:bb:bc:a8:24:40:5d:92:
         38:93:13:a3:30:95:62:91:bd:5c:a8:d6:99:d2:dd:43:a6:6e:
         fd:35:63:5f:03:bf:84:94:87:6b:a5:25:66:05:c8:7f:95:0f:
         f7:12:58:89:ce:c9:8a:57:89:7e:42:31:7f:20:e5:e7:0b:2b:
         80:e0:fe:e1:fd:48:a8:9f:7a:1c:0e:fe:4a:80:27:eb:28:10:
         67:17:ee:48:9f:c6:07:70:33:8d:35:8c:73:c6:9c:a8:01:00:
         97:ea:2c:89:37:06:68:60:c5:a2:4b:00:65:d5:ff:3a:32:44:
         08:f6:04:84:85:2d:e5:cb:87:71:a4:84:2f:22:c3:4e:87:10:
         c0:ba:94:d4:c5:f1:4d:b6:c9:4b:3a:0e:09:33:12:00:1b:09:
         64:a0:ec:f8:61:b0:29:ed:83:a4:bf:9c:86:06:e2:28:f2:59:
         03:75:01:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNRiQZWi+svHcGzTRC4ePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx
YmZlMzMwHhcNMjUwMjE3MDAwMDQ2WhcNMjUwMjE4MDAwMDQ2WjAzMTEwLwYDVQQD
EyhlOTY4MjE0YzdhY2JkMjI0MGFhZTU1MmEyZGI2OTA0MDM0NzRlNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyM+RoJRN+RdZzbmaMjE+KOawEj+U
doFIO4/0kNA/fT7eb6fLEnhKqyMfxi6LHoS3YvFocfvv6gyFSIYTpl3VqK9V/fmc
ALxK59fVfyQs/VqAsMCGVFGa6Mb3JjCuq3wWwXcb6LVfPiq3s1loKFR9df0F7FpM
5Z4cejwJWoAUirOo28jBab+M03URrVHcyXt0EHTLxYXuZ9EAY+ClnPtnBwX7PoOO
SYW7vEzw5binp5tlQw9ovdSz0nfzHFexbo9clX/adP+2IJvBgnhp9wScNhDxKR9u
r+GQK2K4w3RnyJ4OQuG6m/MWcBFNqNkFa3+rJw4fJCVuHRpITGqmG6XekwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOloIUx6y9IkCq5VKi22kEA0dOdsMB8GA1UdIwQY
MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt
MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx
LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtazNv+vf
okBLzu9FA6+5GWRPhefVGwZXiZBK1jiSKuUgELSn5PtgPH76NhK4g+8xirIS2Ulp
JGeVDGkRWVKQies0R6GOwOaSesax+Eny97cY2xK7vKgkQF2SOJMTozCVYpG9XKjW
mdLdQ6Zu/TVjXwO/hJSHa6UlZgXIf5UP9xJYic7JileJfkIxfyDl5wsrgOD+4f1I
qJ96HA7+SoAn6ygQZxfuSJ/GB3AzjTWMc8acqAEAl+osiTcGaGDFoksAZdX/OjJE
CPYEhIUt5cuHcaSELyLDTocQwLqU1MXxTbbJSzoOCTMSABsJZKDs+GGwKe2DpL+c
hgbiKPJZA3UB+A==
-----END CERTIFICATE-----