Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
File:                     HhkRubtcij4eK4pRFl-KcaCSxo0.mft (raw, json)
Hash identifier:          Kv3UbQyxvpwMq6ErmReDaB/IAc5EFxCCV8EN9F5N/mc=
Subject key identifier:   5C:0A:3F:B1:54:05:33:C0:BA:2C:5E:6C:57:59:14:56:63:74:FA:DB
Authority key identifier: 1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D
Certificate issuer:       /CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
Certificate serial:       01964CD937CA2F7AD44F66739261D17716DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
Manifest number:          10B2
Signing time:             Sat 19 Apr 2025 07:00:26 +0000
Manifest this update:     Sat 19 Apr 2025 07:00:26 +0000
Manifest next update:     Sun 20 Apr 2025 07:00:26 +0000
Files and hashes:         1: HhkRubtcij4eK4pRFl-KcaCSxo0.crl (hash: hfb8PapLovd6XSUVZUkdsrpGO5cP25dLku8bQZuwH3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:d9:37:ca:2f:7a:d4:4f:66:73:92:61:d1:77:16:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
        Validity
            Not Before: Apr 19 07:00:26 2025 GMT
            Not After : Apr 20 07:00:26 2025 GMT
        Subject: CN=5c0a3fb1540533c0ba2c5e6c575914566374fadb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:95:9f:fd:25:d2:5a:36:0d:7d:d7:6c:62:2c:
                    ed:f0:c6:2b:8c:aa:e9:19:bb:24:eb:bf:03:0a:7c:
                    ca:8c:78:a1:a8:c0:75:26:8d:f0:c8:56:53:f1:c1:
                    cc:b6:3c:06:88:64:78:09:06:f3:c9:b3:50:96:ef:
                    77:77:85:93:6f:73:e3:5f:4b:37:ed:ee:ce:76:66:
                    b8:ad:cd:49:01:ae:67:02:41:97:e7:5b:17:4a:b7:
                    08:95:e1:0d:fd:a4:fa:c8:86:f1:83:a8:39:41:7b:
                    fa:d2:a1:5e:33:7e:73:8b:5b:e4:ca:cd:df:ff:7b:
                    8c:0c:27:d3:5e:0e:83:91:de:f0:0a:68:9f:57:f5:
                    66:0f:e8:d9:83:0a:c9:2c:81:fb:ef:aa:82:45:e9:
                    f0:db:ba:49:c9:11:04:6b:86:ec:3c:e6:0f:64:f3:
                    30:4f:c3:38:d8:9d:c9:16:18:03:60:8d:35:0c:94:
                    09:83:09:f0:12:b6:a8:df:05:96:86:a3:79:00:a9:
                    0a:c5:b7:ae:31:e0:d0:e3:a3:96:9d:67:b8:24:68:
                    e1:05:5c:b9:0f:2a:93:d1:b2:c2:33:21:99:7c:90:
                    64:73:fe:1f:96:4b:c2:42:4f:41:a2:dc:2b:c0:40:
                    de:83:e2:68:4c:c2:4f:a2:60:cb:e0:69:69:f7:0f:
                    8f:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:0A:3F:B1:54:05:33:C0:BA:2C:5E:6C:57:59:14:56:63:74:FA:DB
            X509v3 Authority Key Identifier:
                keyid:1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:cb:1b:07:8a:54:99:d6:84:bd:81:f4:a0:7f:da:59:bb:3d:
         96:b8:4c:5f:81:cd:97:d3:ef:86:b6:05:21:95:1c:0b:1d:9c:
         4c:e9:b4:87:4a:4c:93:24:9f:ee:da:2d:37:a8:a5:0a:69:7b:
         cc:91:dc:1e:e5:00:c7:20:12:d4:21:c0:72:24:fe:61:1d:f2:
         c2:f1:40:6e:e6:d6:90:6c:fc:76:7b:d8:c8:fe:87:37:18:a6:
         99:23:94:3d:90:c3:00:cb:00:11:9e:39:48:90:88:14:7b:b8:
         c4:f3:ef:ab:c3:9c:86:b9:2b:d4:3c:27:9a:40:fd:c6:84:b0:
         68:15:cc:be:b6:c1:7a:91:20:6b:2f:9e:c1:d2:4c:89:81:80:
         aa:d3:1b:e5:79:20:8d:fb:b2:fe:b9:5c:73:78:08:12:32:5d:
         c0:aa:4a:73:42:e4:ff:49:72:ec:21:fe:d6:d3:dd:84:37:96:
         54:d4:7a:6d:c5:d2:fd:82:b6:a2:22:7e:e8:f6:e0:4c:12:b9:
         f8:32:66:43:38:21:a8:ae:97:82:04:d2:81:80:dd:1f:98:2e:
         85:37:3d:2d:e3:81:43:25:ec:2c:a3:c8:23:94:e0:da:ff:ae:
         e5:c3:40:fa:f0:be:ec:16:ba:a0:2b:b8:bf:b4:42:ca:a5:e2:
         5b:b8:2e:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZM2TfKL3rUT2ZzkmHRdxbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTkxMWI5YmI1YzhhM2UxZTJiOGE1MTE2NWY4YTcxYTA5
MmM2OGQwHhcNMjUwNDE5MDcwMDI2WhcNMjUwNDIwMDcwMDI2WjAzMTEwLwYDVQQD
Eyg1YzBhM2ZiMTU0MDUzM2MwYmEyYzVlNmM1NzU5MTQ1NjYzNzRmYWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZWf/SXSWjYNfddsYizt8MYrjKrp
Gbsk678DCnzKjHihqMB1Jo3wyFZT8cHMtjwGiGR4CQbzybNQlu93d4WTb3PjX0s3
7e7Odma4rc1JAa5nAkGX51sXSrcIleEN/aT6yIbxg6g5QXv60qFeM35zi1vkys3f
/3uMDCfTXg6Dkd7wCmifV/VmD+jZgwrJLIH776qCRenw27pJyREEa4bsPOYPZPMw
T8M42J3JFhgDYI01DJQJgwnwErao3wWWhqN5AKkKxbeuMeDQ46OWnWe4JGjhBVy5
DyqT0bLCMyGZfJBkc/4flkvCQk9BotwrwEDeg+JoTMJPomDL4Glp9w+PQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwKP7FUBTPAuixebFdZFFZjdPrbMB8GA1UdIwQY
MBaAFB4ZEbm7XIo+HiuKURZfinGgksaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQt
Yjc2ODZiOTA2MWE1LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQtYjc2ODZiOTA2MWE1
LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALssbB4pU
mdaEvYH0oH/aWbs9lrhMX4HNl9PvhrYFIZUcCx2cTOm0h0pMkySf7totN6ilCml7
zJHcHuUAxyAS1CHAciT+YR3ywvFAbubWkGz8dnvYyP6HNximmSOUPZDDAMsAEZ45
SJCIFHu4xPPvq8Ochrkr1DwnmkD9xoSwaBXMvrbBepEgay+ewdJMiYGAqtMb5Xkg
jfuy/rlcc3gIEjJdwKpKc0Lk/0ly7CH+1tPdhDeWVNR6bcXS/YK2oiJ+6PbgTBK5
+DJmQzghqK6XggTSgYDdH5guhTc9LeOBQyXsLKPII5Tg2v+u5cNA+vC+7Ba6oCu4
v7RCyqXiW7gubg==
-----END CERTIFICATE-----