Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/8b0b93-867e-4062-a65b-66775b0ab7d1/1/hvH06JS38tbeGWF30OzA3s4oaZY.mft
File:                     hvH06JS38tbeGWF30OzA3s4oaZY.mft (raw, json)
Hash identifier:          2OWN6DXrS0RAhypxA0OYo29nKLLuppaTHv7W0sBijxA=
Subject key identifier:   7F:DD:0F:08:01:BF:02:F7:DB:7F:F1:0B:FB:B1:49:2E:3E:2B:95:EB
Authority key identifier: 86:F1:F4:E8:94:B7:F2:D6:DE:19:61:77:D0:EC:C0:DE:CE:28:69:96
Certificate issuer:       /CN=86f1f4e894b7f2d6de196177d0ecc0dece286996
Certificate serial:       019655380E1D34427108F77B87A7D2A67B8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hvH06JS38tbeGWF30OzA3s4oaZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/8b0b93-867e-4062-a65b-66775b0ab7d1/1/hvH06JS38tbeGWF30OzA3s4oaZY.mft
Manifest number:          0845
Signing time:             Sun 20 Apr 2025 22:00:58 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:58 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:58 +0000
Files and hashes:         1: hvH06JS38tbeGWF30OzA3s4oaZY.crl (hash: KOg8wLgCD19x7VgpAQ7zrLa8HRX5JN7EYlJRHEr6sj0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/8b0b93-867e-4062-a65b-66775b0ab7d1/1/hvH06JS38tbeGWF30OzA3s4oaZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/8b0b93-867e-4062-a65b-66775b0ab7d1/1/hvH06JS38tbeGWF30OzA3s4oaZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hvH06JS38tbeGWF30OzA3s4oaZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:0e:1d:34:42:71:08:f7:7b:87:a7:d2:a6:7b:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86f1f4e894b7f2d6de196177d0ecc0dece286996
        Validity
            Not Before: Apr 20 22:00:58 2025 GMT
            Not After : Apr 21 22:00:58 2025 GMT
        Subject: CN=7fdd0f0801bf02f7db7ff10bfbb1492e3e2b95eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:a3:b0:10:6e:e5:da:a1:78:20:9d:d8:7c:15:
                    2c:b1:a5:df:8e:9f:06:a5:1c:b5:a6:43:8e:15:e7:
                    05:62:3d:0b:83:60:9b:f0:56:3a:ed:2e:c2:f5:27:
                    8c:8a:f1:2a:bf:78:8b:be:a1:00:fd:04:21:df:b9:
                    1b:82:d3:32:94:61:f2:a1:0a:7d:a3:4c:18:a0:86:
                    0e:c4:6b:2d:d5:b1:60:cd:a2:f7:e7:b5:2a:a9:27:
                    a1:ee:1e:81:96:3a:14:6d:19:43:ed:c8:36:8c:31:
                    e2:0f:f5:36:66:ab:84:79:05:8a:a0:1e:77:74:42:
                    13:ee:fc:28:b2:ee:d5:dd:fa:ef:31:7d:36:ce:cd:
                    41:bd:32:ba:3e:6e:22:4f:61:e0:52:1e:b2:71:b1:
                    f8:01:04:16:b3:fa:3b:1f:15:98:df:5f:d0:13:8b:
                    12:cb:71:be:09:a3:e3:36:4c:0f:34:ed:3b:f5:f8:
                    f5:11:29:4c:91:15:ed:e2:07:10:72:57:95:97:4a:
                    fd:33:75:c1:0c:d6:63:08:a9:92:e6:29:25:8f:e7:
                    f9:85:1f:27:63:f2:6f:08:ba:22:97:68:c1:d4:66:
                    ad:05:50:ca:d0:2a:75:44:4f:dd:da:4d:df:46:6a:
                    b1:03:78:2f:d5:b2:0e:ca:c3:23:3b:11:45:54:30:
                    26:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:DD:0F:08:01:BF:02:F7:DB:7F:F1:0B:FB:B1:49:2E:3E:2B:95:EB
            X509v3 Authority Key Identifier:
                keyid:86:F1:F4:E8:94:B7:F2:D6:DE:19:61:77:D0:EC:C0:DE:CE:28:69:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hvH06JS38tbeGWF30OzA3s4oaZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/8b0b93-867e-4062-a65b-66775b0ab7d1/1/hvH06JS38tbeGWF30OzA3s4oaZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/8b0b93-867e-4062-a65b-66775b0ab7d1/1/hvH06JS38tbeGWF30OzA3s4oaZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:e4:56:f4:5f:22:b4:32:44:b1:3b:d3:92:72:0b:d3:d6:f3:
         ed:b4:50:6d:53:b4:a3:51:11:c7:c1:fd:0f:c4:f9:72:d5:e0:
         db:80:d3:99:2d:33:31:85:f5:0b:59:92:7e:f9:25:40:e4:bb:
         19:3c:f1:d0:20:a8:40:39:bb:dd:69:bd:f6:c6:de:46:10:93:
         15:f7:5b:0e:1e:43:f1:51:7d:a3:33:87:96:4b:48:cf:39:62:
         e5:53:c1:27:81:35:6d:26:77:31:e4:0b:e7:9b:6a:20:7b:92:
         40:ab:67:c0:f2:75:8f:17:53:db:9f:67:04:b3:7c:6a:eb:9c:
         9f:a3:01:22:3e:1c:24:9f:7b:ef:7a:cc:e8:e6:66:a1:65:bb:
         be:c1:4d:1c:80:84:3b:f0:c9:57:6f:ef:57:a7:bc:9b:a7:43:
         b3:b4:e2:80:07:bc:46:3b:67:f7:3a:34:4c:99:3b:14:43:20:
         a9:9a:25:b1:2c:48:28:e9:cb:f8:fb:fc:d9:61:89:af:76:28:
         b7:64:4e:cd:42:50:12:08:57:14:67:76:ef:18:9c:65:40:60:
         44:60:a7:10:0f:90:cc:a6:bd:90:30:29:e4:12:97:76:53:ef:
         67:3f:6d:f9:23:0a:ad:e7:31:e2:4f:a6:a4:b3:3e:e0:00:57:
         56:77:04:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOA4dNEJxCPd7h6fSpnuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZjFmNGU4OTRiN2YyZDZkZTE5NjE3N2QwZWNjMGRlY2Uy
ODY5OTYwHhcNMjUwNDIwMjIwMDU4WhcNMjUwNDIxMjIwMDU4WjAzMTEwLwYDVQQD
Eyg3ZmRkMGYwODAxYmYwMmY3ZGI3ZmYxMGJmYmIxNDkyZTNlMmI5NWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqOwEG7l2qF4IJ3YfBUssaXfjp8G
pRy1pkOOFecFYj0Lg2Cb8FY67S7C9SeMivEqv3iLvqEA/QQh37kbgtMylGHyoQp9
o0wYoIYOxGst1bFgzaL357UqqSeh7h6BljoUbRlD7cg2jDHiD/U2ZquEeQWKoB53
dEIT7vwosu7V3frvMX02zs1BvTK6Pm4iT2HgUh6ycbH4AQQWs/o7HxWY31/QE4sS
y3G+CaPjNkwPNO079fj1ESlMkRXt4gcQcleVl0r9M3XBDNZjCKmS5iklj+f5hR8n
Y/JvCLoil2jB1GatBVDK0Cp1RE/d2k3fRmqxA3gv1bIOysMjOxFFVDAmfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH/dDwgBvwL323/xC/uxSS4+K5XrMB8GA1UdIwQY
MBaAFIbx9OiUt/LW3hlhd9DswN7OKGmWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHZIMDZKUzM4dGJlR1dGMzBPekEzczRvYVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84YjBiOTMtODY3ZS00MDYyLWE2NWIt
NjY3NzViMGFiN2QxLzEvaHZIMDZKUzM4dGJlR1dGMzBPekEzczRvYVpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS84YjBiOTMtODY3ZS00MDYyLWE2NWItNjY3NzViMGFiN2Qx
LzEvaHZIMDZKUzM4dGJlR1dGMzBPekEzczRvYVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkuRW9F8i
tDJEsTvTknIL09bz7bRQbVO0o1ERx8H9D8T5ctXg24DTmS0zMYX1C1mSfvklQOS7
GTzx0CCoQDm73Wm99sbeRhCTFfdbDh5D8VF9ozOHlktIzzli5VPBJ4E1bSZ3MeQL
55tqIHuSQKtnwPJ1jxdT259nBLN8auucn6MBIj4cJJ9773rM6OZmoWW7vsFNHICE
O/DJV2/vV6e8m6dDs7TigAe8Rjtn9zo0TJk7FEMgqZolsSxIKOnL+Pv82WGJr3Yo
t2ROzUJQEghXFGd27xicZUBgRGCnEA+QzKa9kDAp5BKXdlPvZz9t+SMKrecx4k+m
pLM+4ABXVncEZg==
-----END CERTIFICATE-----