Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/8b0b93-867e-4062-a65b-66775b0ab7d1/1/hvH06JS38tbeGWF30OzA3s4oaZY.mft
File:                     hvH06JS38tbeGWF30OzA3s4oaZY.mft (raw, json)
Hash identifier:          aCorxkoyFUc9xZ/QIBYmQEYgNV4uTsT1hVHjW9v2/LQ=
Subject key identifier:   D7:BA:3D:5B:F4:DD:A3:BF:78:5C:3E:C1:31:2C:F5:3B:4F:06:BB:FB
Authority key identifier: 86:F1:F4:E8:94:B7:F2:D6:DE:19:61:77:D0:EC:C0:DE:CE:28:69:96
Certificate issuer:       /CN=86f1f4e894b7f2d6de196177d0ecc0dece286996
Certificate serial:       0195903D49F3B86C865D71A6D9E2EA43E2E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hvH06JS38tbeGWF30OzA3s4oaZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/8b0b93-867e-4062-a65b-66775b0ab7d1/1/hvH06JS38tbeGWF30OzA3s4oaZY.mft
Manifest number:          07DF
Signing time:             Thu 13 Mar 2025 16:01:30 +0000
Manifest this update:     Thu 13 Mar 2025 16:01:30 +0000
Manifest next update:     Fri 14 Mar 2025 16:01:30 +0000
Files and hashes:         1: hvH06JS38tbeGWF30OzA3s4oaZY.crl (hash: y/8K1Dp8lN+ugYEzRfm61SkMOrLTtt4exaGyWH5iSRU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/8b0b93-867e-4062-a65b-66775b0ab7d1/1/hvH06JS38tbeGWF30OzA3s4oaZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/8b0b93-867e-4062-a65b-66775b0ab7d1/1/hvH06JS38tbeGWF30OzA3s4oaZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hvH06JS38tbeGWF30OzA3s4oaZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 09:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:90:3d:49:f3:b8:6c:86:5d:71:a6:d9:e2:ea:43:e2:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86f1f4e894b7f2d6de196177d0ecc0dece286996
        Validity
            Not Before: Mar 13 16:01:30 2025 GMT
            Not After : Mar 14 16:01:30 2025 GMT
        Subject: CN=d7ba3d5bf4dda3bf785c3ec1312cf53b4f06bbfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:d8:1d:35:92:56:3e:36:e0:5c:c2:8a:19:b8:
                    9c:8f:fc:da:79:21:20:e8:92:56:b7:0c:7e:23:0a:
                    ac:4e:99:ea:d7:32:9a:45:59:d7:f4:df:b0:b8:dc:
                    8c:ca:22:31:3e:dc:47:69:35:69:34:9e:18:64:fa:
                    ca:66:e7:02:9b:bc:dd:f7:67:44:ea:16:56:2f:17:
                    92:84:aa:16:fe:59:55:9f:76:20:39:c0:12:dd:e0:
                    d9:4f:b4:bf:c1:ea:8f:3b:db:1f:96:44:df:60:1b:
                    3d:43:a7:55:fc:15:f7:77:ef:f9:ac:57:5d:ee:c9:
                    0b:cc:5c:64:d2:c9:fe:60:fa:10:5a:12:3d:cd:0d:
                    81:39:fe:69:f9:5f:1e:bf:f9:da:64:14:88:a2:dd:
                    4f:e8:94:b6:fb:03:1d:9c:5b:00:ab:5f:a7:7d:b2:
                    d8:a3:db:a8:b2:88:da:9b:82:c9:f0:1b:33:c8:e7:
                    20:34:fb:25:fa:8b:0a:44:6d:00:4a:42:87:d9:c4:
                    81:da:e5:dd:af:7b:48:ed:05:d9:38:10:01:69:52:
                    f5:2e:cc:78:48:fb:f3:4b:18:9f:40:45:97:20:ea:
                    bc:2b:31:0c:68:b5:d1:c3:c2:9c:66:a2:86:35:d3:
                    00:65:b4:22:b5:b5:82:ec:29:fb:c2:b5:60:83:5d:
                    f1:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:BA:3D:5B:F4:DD:A3:BF:78:5C:3E:C1:31:2C:F5:3B:4F:06:BB:FB
            X509v3 Authority Key Identifier:
                keyid:86:F1:F4:E8:94:B7:F2:D6:DE:19:61:77:D0:EC:C0:DE:CE:28:69:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hvH06JS38tbeGWF30OzA3s4oaZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/8b0b93-867e-4062-a65b-66775b0ab7d1/1/hvH06JS38tbeGWF30OzA3s4oaZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/8b0b93-867e-4062-a65b-66775b0ab7d1/1/hvH06JS38tbeGWF30OzA3s4oaZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:37:35:11:ce:57:02:78:a1:eb:5f:e9:de:5c:21:f9:b0:35:
         66:61:8d:23:06:67:58:24:cb:74:71:94:c2:bf:8d:3e:a1:11:
         b8:cd:39:05:ca:29:2f:fe:37:46:98:11:2c:47:8d:2a:7c:6f:
         05:0e:cb:53:bd:d6:95:8d:b8:be:f9:97:8f:b5:c4:d5:b6:c0:
         ae:4c:97:e8:15:f1:41:b3:e8:06:70:e3:fa:e0:a4:64:b8:18:
         7f:3c:1e:40:6c:f1:c1:e2:e3:8b:8e:6f:68:d9:46:e7:95:98:
         06:f8:50:9d:24:44:f0:ae:a8:cc:d2:4e:fd:a1:a6:d6:99:98:
         1f:d5:d3:03:60:97:66:fb:26:fb:33:6a:56:67:ac:ea:81:e1:
         70:36:73:b9:b0:a9:17:8b:ec:33:7d:17:4a:78:cb:50:b4:16:
         66:e8:a3:88:45:d5:db:b9:44:2c:91:a7:4a:26:d8:fd:84:81:
         c3:f4:60:e8:2d:d5:d6:36:79:7e:f3:8e:6e:a3:76:75:0f:5f:
         07:bc:1e:4b:79:c0:bd:22:a3:a0:d2:f6:27:db:e4:8d:c2:73:
         f9:13:af:f0:85:1d:8e:f5:43:53:47:bd:8f:3e:3b:17:36:cb:
         b2:19:61:bf:fe:0b:c5:57:7a:e1:c7:fe:99:91:66:c0:df:fd:
         a7:fc:20:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWQPUnzuGyGXXGm2eLqQ+LpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZjFmNGU4OTRiN2YyZDZkZTE5NjE3N2QwZWNjMGRlY2Uy
ODY5OTYwHhcNMjUwMzEzMTYwMTMwWhcNMjUwMzE0MTYwMTMwWjAzMTEwLwYDVQQD
EyhkN2JhM2Q1YmY0ZGRhM2JmNzg1YzNlYzEzMTJjZjUzYjRmMDZiYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09gdNZJWPjbgXMKKGbicj/zaeSEg
6JJWtwx+IwqsTpnq1zKaRVnX9N+wuNyMyiIxPtxHaTVpNJ4YZPrKZucCm7zd92dE
6hZWLxeShKoW/llVn3YgOcAS3eDZT7S/weqPO9sflkTfYBs9Q6dV/BX3d+/5rFdd
7skLzFxk0sn+YPoQWhI9zQ2BOf5p+V8ev/naZBSIot1P6JS2+wMdnFsAq1+nfbLY
o9uosojam4LJ8BszyOcgNPsl+osKRG0ASkKH2cSB2uXdr3tI7QXZOBABaVL1Lsx4
SPvzSxifQEWXIOq8KzEMaLXRw8KcZqKGNdMAZbQitbWC7Cn7wrVgg13xbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNe6PVv03aO/eFw+wTEs9TtPBrv7MB8GA1UdIwQY
MBaAFIbx9OiUt/LW3hlhd9DswN7OKGmWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHZIMDZKUzM4dGJlR1dGMzBPekEzczRvYVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84YjBiOTMtODY3ZS00MDYyLWE2NWIt
NjY3NzViMGFiN2QxLzEvaHZIMDZKUzM4dGJlR1dGMzBPekEzczRvYVpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS84YjBiOTMtODY3ZS00MDYyLWE2NWItNjY3NzViMGFiN2Qx
LzEvaHZIMDZKUzM4dGJlR1dGMzBPekEzczRvYVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKTc1Ec5X
Anih61/p3lwh+bA1ZmGNIwZnWCTLdHGUwr+NPqERuM05BcopL/43RpgRLEeNKnxv
BQ7LU73WlY24vvmXj7XE1bbArkyX6BXxQbPoBnDj+uCkZLgYfzweQGzxweLji45v
aNlG55WYBvhQnSRE8K6ozNJO/aGm1pmYH9XTA2CXZvsm+zNqVmes6oHhcDZzubCp
F4vsM30XSnjLULQWZuijiEXV27lELJGnSibY/YSBw/Rg6C3V1jZ5fvOObqN2dQ9f
B7weS3nAvSKjoNL2J9vkjcJz+ROv8IUdjvVDU0e9jz47FzbLshlhv/4LxVd64cf+
mZFmwN/9p/wg/g==
-----END CERTIFICATE-----