Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
File:                     RHhnr-yeLyk5So9fl_kJKdkoIQI.mft (raw, json)
Hash identifier:          lS+pyb1P5j5w+BdVnElv6Bi6OPKfyCql3s3VNwPjxKQ=
Subject key identifier:   94:A8:5F:9B:B7:19:E8:23:4F:F5:CB:43:2B:65:E6:E7:54:2D:D5:5F
Authority key identifier: 44:78:67:AF:EC:9E:2F:29:39:4A:8F:5F:97:F9:09:29:D9:28:21:02
Certificate issuer:       /CN=447867afec9e2f29394a8f5f97f90929d9282102
Certificate serial:       019647B3D911641E9605F126336D2FCC17AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
Manifest number:          14F4
Signing time:             Fri 18 Apr 2025 07:01:30 +0000
Manifest this update:     Fri 18 Apr 2025 07:01:30 +0000
Manifest next update:     Sat 19 Apr 2025 07:01:30 +0000
Files and hashes:         1: RHhnr-yeLyk5So9fl_kJKdkoIQI.crl (hash: gbVfKPQUHDPlNkOHtx3YDeb9GVspQc2aUFv8ENT/ENI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 07:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:47:b3:d9:11:64:1e:96:05:f1:26:33:6d:2f:cc:17:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=447867afec9e2f29394a8f5f97f90929d9282102
        Validity
            Not Before: Apr 18 07:01:30 2025 GMT
            Not After : Apr 19 07:01:30 2025 GMT
        Subject: CN=94a85f9bb719e8234ff5cb432b65e6e7542dd55f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ef:f3:8a:93:95:b2:44:3a:5b:fb:99:7a:45:
                    01:a0:63:2f:ed:09:ce:21:ea:92:f1:6e:a1:a9:d9:
                    b0:ed:55:d2:73:d4:f0:e0:a0:5b:72:e0:4d:23:11:
                    dd:b8:ef:04:0d:9a:d7:9b:4b:5d:f2:cf:5c:b1:43:
                    44:48:d3:95:30:4f:36:66:34:3d:37:ce:ea:15:45:
                    7e:6d:f2:89:a0:c1:4d:ee:c2:f1:47:68:fa:3d:aa:
                    f4:97:be:3f:4d:83:ea:f7:bc:3d:3c:40:aa:80:c6:
                    ea:b9:21:6a:37:fc:39:4c:22:a2:89:cc:ce:70:01:
                    2b:f1:92:90:f4:e6:6b:13:05:03:17:72:1a:82:5e:
                    17:29:6d:58:98:e7:cc:d9:15:e4:c3:3f:63:87:a5:
                    fe:a1:99:62:97:1e:3b:61:57:d7:07:43:70:65:7c:
                    df:ef:81:79:7d:4b:c7:08:60:91:eb:f2:ab:1f:8c:
                    30:df:6b:98:d9:97:ba:a9:24:bb:80:e5:3a:1a:e1:
                    91:21:43:2d:95:f0:cc:f9:f3:d6:41:9b:6b:2f:71:
                    2d:65:c1:89:2f:84:d8:fa:34:7e:57:67:b3:31:c2:
                    03:a2:b9:be:fd:c9:cc:4c:e0:10:77:48:04:e6:db:
                    37:5c:cd:e4:d6:2e:af:05:01:54:80:ec:2a:4f:9a:
                    1e:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:A8:5F:9B:B7:19:E8:23:4F:F5:CB:43:2B:65:E6:E7:54:2D:D5:5F
            X509v3 Authority Key Identifier:
                keyid:44:78:67:AF:EC:9E:2F:29:39:4A:8F:5F:97:F9:09:29:D9:28:21:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:62:d5:42:59:22:69:4a:d4:fa:b0:a5:aa:0a:25:df:2c:a7:
         1a:dd:1f:2b:94:98:b2:82:96:c8:77:c4:d1:72:a3:7e:88:55:
         bb:2b:d1:b3:b5:d5:95:32:ba:57:0c:e9:b4:bf:48:64:a8:30:
         c6:09:d5:54:55:fb:0b:06:49:f4:18:18:8f:4a:f2:40:2c:e2:
         9a:db:7d:6c:6e:35:a2:8c:72:af:e2:87:fe:0c:18:9f:df:17:
         0d:f2:f4:c9:1b:58:93:0f:61:06:f7:78:fa:b0:e9:b4:e3:52:
         c6:99:8f:ce:a5:81:f4:12:a6:8d:92:e4:37:28:e3:72:c5:46:
         bf:15:45:57:8b:8c:3d:06:a5:b7:50:71:19:bf:b9:0b:31:99:
         63:39:47:ce:cf:e5:95:f3:76:be:6a:62:d2:09:fd:98:7e:c7:
         80:60:e1:63:e5:52:6f:99:fd:6a:56:4f:3a:33:d0:56:9b:06:
         67:a6:d4:b5:9d:a5:ed:a0:3a:62:c3:7f:79:03:61:67:c2:bd:
         43:59:0a:a1:aa:31:c0:e9:21:54:4d:8a:32:0c:7a:e3:fe:31:
         1b:ed:23:c1:18:8e:97:44:3c:ca:3a:c2:64:c4:f3:9e:14:52:
         20:32:ed:10:f2:a3:2b:e6:74:8a:29:34:fe:fa:04:f7:3d:b2:
         e2:d5:8f:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZHs9kRZB6WBfEmM20vzBerMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Nzg2N2FmZWM5ZTJmMjkzOTRhOGY1Zjk3ZjkwOTI5ZDky
ODIxMDIwHhcNMjUwNDE4MDcwMTMwWhcNMjUwNDE5MDcwMTMwWjAzMTEwLwYDVQQD
Eyg5NGE4NWY5YmI3MTllODIzNGZmNWNiNDMyYjY1ZTZlNzU0MmRkNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+/zipOVskQ6W/uZekUBoGMv7QnO
IeqS8W6hqdmw7VXSc9Tw4KBbcuBNIxHduO8EDZrXm0td8s9csUNESNOVME82ZjQ9
N87qFUV+bfKJoMFN7sLxR2j6Par0l74/TYPq97w9PECqgMbquSFqN/w5TCKiiczO
cAEr8ZKQ9OZrEwUDF3Iagl4XKW1YmOfM2RXkwz9jh6X+oZlilx47YVfXB0NwZXzf
74F5fUvHCGCR6/KrH4ww32uY2Ze6qSS7gOU6GuGRIUMtlfDM+fPWQZtrL3EtZcGJ
L4TY+jR+V2ezMcIDorm+/cnMTOAQd0gE5ts3XM3k1i6vBQFUgOwqT5oeEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSoX5u3GegjT/XLQytl5udULdVfMB8GA1UdIwQY
MBaAFER4Z6/sni8pOUqPX5f5CSnZKCECMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTMyMmItNjQ4Mi00NGE1LWIzZDIt
M2UxMDkxMDdjZWI2LzEvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTMyMmItNjQ4Mi00NGE1LWIzZDItM2UxMDkxMDdjZWI2
LzEvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJGLVQlki
aUrU+rClqgol3yynGt0fK5SYsoKWyHfE0XKjfohVuyvRs7XVlTK6VwzptL9IZKgw
xgnVVFX7CwZJ9BgYj0ryQCzimtt9bG41ooxyr+KH/gwYn98XDfL0yRtYkw9hBvd4
+rDptONSxpmPzqWB9BKmjZLkNyjjcsVGvxVFV4uMPQalt1BxGb+5CzGZYzlHzs/l
lfN2vmpi0gn9mH7HgGDhY+VSb5n9alZPOjPQVpsGZ6bUtZ2l7aA6YsN/eQNhZ8K9
Q1kKoaoxwOkhVE2KMgx64/4xG+0jwRiOl0Q8yjrCZMTznhRSIDLtEPKjK+Z0iik0
/voE9z2y4tWPfw==
-----END CERTIFICATE-----