Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
File:                     hqSVrmh0HnnVjjiGviqoeMSME7Y.mft (raw, json)
Hash identifier:          SqC5Uv5UPk9QrlWK8L+EX4NO5w1ormIhN8VrwQtRBtU=
Subject key identifier:   93:A7:A2:12:E2:E8:16:C1:57:FE:97:C3:FD:ED:0D:AA:4B:06:83:94
Authority key identifier: 86:A4:95:AE:68:74:1E:79:D5:8E:38:86:BE:2A:A8:78:C4:8C:13:B6
Certificate issuer:       /CN=86a495ae68741e79d58e3886be2aa878c48c13b6
Certificate serial:       01964C6B4D7E468B6D19AAF0C5092BA4C252
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
Manifest number:          14F6
Signing time:             Sat 19 Apr 2025 05:00:22 +0000
Manifest this update:     Sat 19 Apr 2025 05:00:22 +0000
Manifest next update:     Sun 20 Apr 2025 05:00:22 +0000
Files and hashes:         1: hqSVrmh0HnnVjjiGviqoeMSME7Y.crl (hash: qkHZ088lutNaxx3AJ/cg1KAVXeG+/cS/ZdKgqKWkDCc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:6b:4d:7e:46:8b:6d:19:aa:f0:c5:09:2b:a4:c2:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86a495ae68741e79d58e3886be2aa878c48c13b6
        Validity
            Not Before: Apr 19 05:00:22 2025 GMT
            Not After : Apr 20 05:00:22 2025 GMT
        Subject: CN=93a7a212e2e816c157fe97c3fded0daa4b068394
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:85:66:b8:45:da:a8:50:fa:34:33:52:25:07:
                    02:07:b8:da:95:84:6a:03:11:fd:35:e3:6e:cc:20:
                    4a:f4:92:2f:3d:4f:4f:1d:5b:24:e1:22:9b:f4:82:
                    7e:08:22:a4:5c:a0:2d:7b:33:c2:31:08:87:3f:35:
                    49:01:47:85:b2:a7:cd:6d:2e:9c:62:5d:61:43:77:
                    77:d4:c2:15:68:fd:2c:d6:83:e4:ad:b3:f4:39:a5:
                    b5:0c:67:f3:fc:3c:7d:6e:bf:8d:0f:8e:79:5e:fc:
                    a9:ed:b3:53:86:af:32:a4:e6:bb:34:ed:de:f0:c8:
                    2c:b4:0b:ce:36:81:b5:10:67:dd:2b:f6:39:1b:5c:
                    9d:0d:59:2e:23:be:6d:eb:af:c8:18:7c:e7:91:10:
                    60:86:50:80:58:fb:ab:75:2f:24:a6:31:60:86:fe:
                    16:d2:04:20:79:de:32:c2:ce:81:3a:11:6d:6c:7f:
                    47:5e:f8:c2:54:16:a6:2a:f5:c5:f9:e5:f0:8d:4f:
                    73:a9:52:04:50:a7:12:c4:5b:2a:12:01:31:c1:79:
                    04:64:71:b0:97:fa:af:6e:7b:2d:d8:66:a6:1f:46:
                    13:79:bb:99:8e:4f:fa:83:3e:80:fd:8d:7b:4d:0e:
                    1c:66:04:8e:08:c2:69:56:3c:8e:79:90:c8:1f:1a:
                    11:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:A7:A2:12:E2:E8:16:C1:57:FE:97:C3:FD:ED:0D:AA:4B:06:83:94
            X509v3 Authority Key Identifier:
                keyid:86:A4:95:AE:68:74:1E:79:D5:8E:38:86:BE:2A:A8:78:C4:8C:13:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:c7:85:20:d3:95:fa:eb:af:4a:4f:fc:bf:30:5b:1a:31:62:
         42:b8:58:73:63:e1:90:a4:39:d2:7c:96:e5:80:f9:e6:69:4d:
         62:57:dd:46:8a:6b:96:76:f2:71:0c:77:2f:a0:82:93:17:60:
         2d:a9:ad:9f:29:56:13:ff:1f:ec:e7:26:69:50:52:8c:c2:97:
         af:c5:b2:c5:1c:3c:ab:18:a2:60:d9:c6:82:9a:9e:4b:b5:d6:
         a1:44:56:bd:10:01:54:4c:bc:0a:bf:63:75:81:61:41:d8:e7:
         14:07:12:29:3d:a5:f2:21:6b:f3:ed:7a:ea:3c:af:be:92:64:
         b4:d5:8b:7e:08:0b:c9:9c:1a:1a:2e:1a:09:c3:c8:9f:37:ef:
         06:ec:0e:60:10:a4:8b:5d:1a:94:c2:e6:78:54:6c:29:6e:36:
         18:9f:5f:c4:b7:1b:91:ec:0d:d3:0b:db:28:73:48:40:69:bf:
         66:0f:b2:a0:41:e9:4e:54:22:bf:59:2e:84:b7:1c:ae:2a:6d:
         04:fe:9c:3e:c8:77:88:b4:11:21:c3:bc:23:74:de:83:81:18:
         d0:75:0b:5e:f8:29:18:63:bb:ab:09:54:1b:0d:75:c3:bd:71:
         4c:b5:27:67:97:16:17:3b:67:7b:a9:8d:18:bc:1d:99:ad:ce:
         75:1a:ee:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZMa01+RottGarwxQkrpMJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YTQ5NWFlNjg3NDFlNzlkNThlMzg4NmJlMmFhODc4YzQ4
YzEzYjYwHhcNMjUwNDE5MDUwMDIyWhcNMjUwNDIwMDUwMDIyWjAzMTEwLwYDVQQD
Eyg5M2E3YTIxMmUyZTgxNmMxNTdmZTk3YzNmZGVkMGRhYTRiMDY4Mzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYVmuEXaqFD6NDNSJQcCB7jalYRq
AxH9NeNuzCBK9JIvPU9PHVsk4SKb9IJ+CCKkXKAtezPCMQiHPzVJAUeFsqfNbS6c
Yl1hQ3d31MIVaP0s1oPkrbP0OaW1DGfz/Dx9br+ND455Xvyp7bNThq8ypOa7NO3e
8MgstAvONoG1EGfdK/Y5G1ydDVkuI75t66/IGHznkRBghlCAWPurdS8kpjFghv4W
0gQged4yws6BOhFtbH9HXvjCVBamKvXF+eXwjU9zqVIEUKcSxFsqEgExwXkEZHGw
l/qvbnst2GamH0YTebuZjk/6gz6A/Y17TQ4cZgSOCMJpVjyOeZDIHxoRtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOnohLi6BbBV/6Xw/3tDapLBoOUMB8GA1UdIwQY
MBaAFIakla5odB551Y44hr4qqHjEjBO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xNWMzOWMtZjdkNC00YTFmLWE0OWEt
NDkxOGIwMjc0MmM3LzEvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xNWMzOWMtZjdkNC00YTFmLWE0OWEtNDkxOGIwMjc0MmM3
LzEvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi8eFINOV
+uuvSk/8vzBbGjFiQrhYc2PhkKQ50nyW5YD55mlNYlfdRoprlnbycQx3L6CCkxdg
LamtnylWE/8f7OcmaVBSjMKXr8WyxRw8qxiiYNnGgpqeS7XWoURWvRABVEy8Cr9j
dYFhQdjnFAcSKT2l8iFr8+166jyvvpJktNWLfggLyZwaGi4aCcPInzfvBuwOYBCk
i10alMLmeFRsKW42GJ9fxLcbkewN0wvbKHNIQGm/Zg+yoEHpTlQiv1kuhLccript
BP6cPsh3iLQRIcO8I3Teg4EY0HULXvgpGGO7qwlUGw11w71xTLUnZ5cWFztne6mN
GLwdma3OdRrutg==
-----END CERTIFICATE-----