Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
File:                     HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json)
Hash identifier:          HDssK7hDUGdGoaj0/L393efidSY7IE+SIgxq1tCy5FU=
Subject key identifier:   C5:24:7A:82:5A:63:EF:5D:46:74:C6:A4:42:4B:12:85:C2:75:2C:81
Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17
Certificate issuer:       /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
Certificate serial:       0194BABB315D10020A2F79E77CCDA28D8853
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
Manifest number:          0469
Signing time:             Fri 31 Jan 2025 05:00:17 +0000
Manifest this update:     Fri 31 Jan 2025 05:00:17 +0000
Manifest next update:     Sat 01 Feb 2025 05:00:17 +0000
Files and hashes:         1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: 05oB6/9l4BD7ey+t4xxD9gldMGGweb+k9Kiy0xdawNc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 05:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:ba:bb:31:5d:10:02:0a:2f:79:e7:7c:cd:a2:8d:88:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
        Validity
            Not Before: Jan 31 05:00:17 2025 GMT
            Not After : Feb  1 05:00:17 2025 GMT
        Subject: CN=c5247a825a63ef5d4674c6a4424b1285c2752c81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:09:b3:20:b9:03:25:68:23:b2:b4:c0:ae:1f:
                    5b:1b:69:43:05:47:45:39:d0:2e:ea:2c:3d:18:5f:
                    cf:36:74:00:b2:37:3b:5a:f8:c1:a2:f4:84:eb:bb:
                    a4:85:5d:9d:77:57:f3:96:0b:2b:4e:ff:dc:0a:94:
                    e5:25:1e:40:d2:bb:f9:a1:ce:9e:6c:22:94:6b:69:
                    35:ff:13:1d:8a:e5:ab:3d:48:b8:16:00:64:58:cc:
                    7f:5c:a9:97:f0:38:6a:c9:34:6d:81:ee:a3:ce:b4:
                    ba:1a:98:d5:33:db:a5:08:86:bb:cc:75:90:8b:93:
                    24:67:c6:98:cb:b6:c1:fc:42:e5:ff:94:27:b3:ff:
                    c5:ea:c4:92:8a:ae:2e:09:b8:3c:74:ee:3e:a4:23:
                    50:4b:71:fc:08:92:e1:39:a5:bc:7b:27:c7:ca:cc:
                    e2:47:59:b1:2e:c9:3b:4d:de:6c:72:82:f5:19:1a:
                    fa:01:d5:e0:cb:d1:69:fd:e1:0b:90:45:3c:e6:a5:
                    2a:02:a5:42:48:b8:5c:08:ce:93:cd:b3:e9:e7:15:
                    70:c1:c2:bf:55:ae:95:01:6a:29:c3:b9:62:b9:0e:
                    fe:71:c1:12:ad:83:d3:d2:f3:4a:e4:23:d1:bd:7c:
                    3a:55:94:90:7d:16:e4:0f:28:f2:ab:50:4e:71:cd:
                    eb:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:24:7A:82:5A:63:EF:5D:46:74:C6:A4:42:4B:12:85:C2:75:2C:81
            X509v3 Authority Key Identifier:
                keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:1c:50:6f:ad:34:22:83:65:12:e2:00:4f:69:07:7e:93:36:
         d6:1d:7f:d8:0b:40:27:0b:e3:c4:86:18:eb:da:ae:75:bc:55:
         76:8b:14:bf:4e:16:32:b7:c5:ee:02:c0:8d:1b:05:4d:9f:e8:
         eb:50:6f:7e:2f:1d:90:a2:cf:38:2d:b3:52:cd:32:86:84:97:
         29:89:c5:a1:1b:34:12:4c:d7:9b:b2:29:b9:e0:69:5f:dc:96:
         36:15:54:58:39:fc:20:cf:70:8f:31:6a:ac:dc:25:d8:b5:fb:
         73:e4:94:aa:dc:55:8e:78:2e:70:f1:18:94:f0:f1:91:27:0a:
         48:c1:82:02:7b:79:59:d0:af:de:23:f3:0b:48:2d:b5:6d:54:
         e5:ac:28:21:db:e1:42:3d:19:27:ea:d6:3c:0e:55:0a:c0:82:
         6f:bd:b0:c0:46:a6:18:d4:79:40:67:c9:92:4f:96:da:06:ea:
         d9:eb:7b:12:2a:89:31:f8:6e:b8:78:f3:9b:5b:e2:2e:8f:7c:
         14:54:ee:b8:da:62:57:07:12:ae:9b:0f:9d:66:90:cb:c6:0f:
         64:7b:3f:cf:d1:a7:bf:0f:a9:8e:e9:23:17:73:5b:37:e3:2c:
         d9:f3:97:d2:51:f0:8e:aa:25:2d:b7:ff:e1:6e:82:85:e3:92:
         e2:a5:53:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS6uzFdEAIKL3nnfM2ijYhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy
YzYzMTcwHhcNMjUwMTMxMDUwMDE3WhcNMjUwMjAxMDUwMDE3WjAzMTEwLwYDVQQD
EyhjNTI0N2E4MjVhNjNlZjVkNDY3NGM2YTQ0MjRiMTI4NWMyNzUyYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwmzILkDJWgjsrTArh9bG2lDBUdF
OdAu6iw9GF/PNnQAsjc7WvjBovSE67ukhV2dd1fzlgsrTv/cCpTlJR5A0rv5oc6e
bCKUa2k1/xMdiuWrPUi4FgBkWMx/XKmX8DhqyTRtge6jzrS6GpjVM9ulCIa7zHWQ
i5MkZ8aYy7bB/ELl/5Qns//F6sSSiq4uCbg8dO4+pCNQS3H8CJLhOaW8eyfHyszi
R1mxLsk7Td5scoL1GRr6AdXgy9Fp/eELkEU85qUqAqVCSLhcCM6TzbPp5xVwwcK/
Va6VAWopw7liuQ7+ccESrYPT0vNK5CPRvXw6VZSQfRbkDyjyq1BOcc3rewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMUkeoJaY+9dRnTGpEJLEoXCdSyBMB8GA1UdIwQY
MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt
MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj
LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPhxQb600
IoNlEuIAT2kHfpM21h1/2AtAJwvjxIYY69qudbxVdosUv04WMrfF7gLAjRsFTZ/o
61Bvfi8dkKLPOC2zUs0yhoSXKYnFoRs0EkzXm7IpueBpX9yWNhVUWDn8IM9wjzFq
rNwl2LX7c+SUqtxVjngucPEYlPDxkScKSMGCAnt5WdCv3iPzC0gttW1U5awoIdvh
Qj0ZJ+rWPA5VCsCCb72wwEamGNR5QGfJkk+W2gbq2et7EiqJMfhuuHjzm1viLo98
FFTuuNpiVwcSrpsPnWaQy8YPZHs/z9Gnvw+pjukjF3NbN+Ms2fOX0lHwjqolLbf/
4W6CheOS4qVTkg==
-----END CERTIFICATE-----