Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
File:                     HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json)
Hash identifier:          KMFwQHef1fcycd/aOass3m21gZ+p+gRMhOwWe8s8wDY=
Subject key identifier:   73:2F:93:CE:2B:82:C1:2B:C8:58:C6:F3:A7:EA:69:6F:7A:FB:7B:07
Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17
Certificate issuer:       /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
Certificate serial:       019656132C1C25976FC76C163FF2BA8CB5BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
Manifest number:          053E
Signing time:             Mon 21 Apr 2025 02:00:19 +0000
Manifest this update:     Mon 21 Apr 2025 02:00:19 +0000
Manifest next update:     Tue 22 Apr 2025 02:00:19 +0000
Files and hashes:         1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: /rEt54B2CctZ3jpL1BYOPoniIz5xuXzlmUQJwcZ5Qqw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:56:13:2c:1c:25:97:6f:c7:6c:16:3f:f2:ba:8c:b5:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
        Validity
            Not Before: Apr 21 02:00:19 2025 GMT
            Not After : Apr 22 02:00:19 2025 GMT
        Subject: CN=732f93ce2b82c12bc858c6f3a7ea696f7afb7b07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:45:fd:e1:4c:86:17:f0:1c:61:77:b1:59:5a:
                    b1:e4:21:29:ed:d5:59:2b:08:27:35:0c:4e:11:4e:
                    8c:19:c8:b7:5d:87:0d:07:91:c5:f3:75:de:d7:9d:
                    f5:ba:da:c0:f4:74:59:03:51:54:46:15:97:7a:13:
                    82:51:0b:06:ab:73:f0:ab:90:10:51:26:85:16:74:
                    72:17:85:b6:38:c3:65:6f:f7:56:d9:3f:74:3e:80:
                    d8:7e:d2:ff:ea:46:28:6b:50:03:49:c1:7f:15:a2:
                    30:4f:1b:2c:a6:12:93:cf:15:7f:35:08:58:9f:4d:
                    21:2e:83:6b:b4:ba:68:da:38:b3:2d:f9:57:3a:5a:
                    c7:14:ae:77:8a:a7:58:d8:9e:32:ad:e7:5e:ad:37:
                    8b:b7:99:39:85:a0:c0:80:82:81:ee:ac:a5:20:45:
                    b8:21:a7:ea:6c:b4:48:b4:48:03:ec:b1:40:0f:27:
                    77:e9:d2:e5:91:6e:98:0e:21:2c:df:c6:f7:bb:5e:
                    73:90:e4:6a:7c:51:f5:90:cd:84:08:be:97:b9:a0:
                    23:d4:2d:bf:02:da:86:5e:2e:1e:48:f1:9b:f7:1a:
                    51:d2:3d:58:2d:c9:5e:57:0e:23:18:11:ba:80:ae:
                    ff:3b:e4:0b:95:2d:d5:b9:b3:5d:0d:26:6c:bb:be:
                    0f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:2F:93:CE:2B:82:C1:2B:C8:58:C6:F3:A7:EA:69:6F:7A:FB:7B:07
            X509v3 Authority Key Identifier:
                keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:4b:1a:84:98:f9:a6:d4:ac:4b:49:4f:01:ba:b2:96:ae:5c:
         49:f0:78:1a:dc:20:96:cc:65:be:fc:cc:89:47:93:e4:03:23:
         d0:ae:8e:43:a6:ab:8c:9e:26:d0:52:4c:ef:04:36:12:8c:f8:
         a7:90:16:63:71:4b:7a:19:15:91:11:e2:a9:92:72:05:6e:c6:
         d5:58:d8:e1:ea:66:88:48:6a:a7:9a:d4:74:2c:2b:ce:fc:48:
         73:0a:c6:b3:0a:90:60:7e:b7:61:30:9b:aa:8e:54:55:a5:72:
         ba:13:8e:4f:cc:c2:4e:75:01:44:40:7e:3c:1f:61:b2:77:3f:
         0e:c6:ef:af:45:be:42:9a:ca:9e:65:cf:75:bd:76:18:80:46:
         b4:ec:f2:fe:54:00:39:07:2e:dc:2e:db:42:0b:bf:f4:dd:1c:
         a5:4b:ca:5a:27:0a:2f:d9:ab:c9:a2:9e:9d:7a:e6:43:d6:c4:
         66:28:c5:a2:36:51:8c:d8:37:c6:cf:69:97:57:59:e1:23:81:
         59:8c:64:48:cd:31:03:0b:5d:53:57:2a:d9:30:97:43:79:1d:
         ac:c0:a3:ad:4b:ec:7e:96:25:ac:f8:61:ba:76:bc:7f:8d:b1:
         1d:17:92:d8:a8:85:c3:c4:89:cb:c0:35:b8:0f:40:79:44:56:
         95:c7:a9:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZWEywcJZdvx2wWP/K6jLW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy
YzYzMTcwHhcNMjUwNDIxMDIwMDE5WhcNMjUwNDIyMDIwMDE5WjAzMTEwLwYDVQQD
Eyg3MzJmOTNjZTJiODJjMTJiYzg1OGM2ZjNhN2VhNjk2ZjdhZmI3YjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEX94UyGF/AcYXexWVqx5CEp7dVZ
KwgnNQxOEU6MGci3XYcNB5HF83Xe1531utrA9HRZA1FURhWXehOCUQsGq3Pwq5AQ
USaFFnRyF4W2OMNlb/dW2T90PoDYftL/6kYoa1ADScF/FaIwTxssphKTzxV/NQhY
n00hLoNrtLpo2jizLflXOlrHFK53iqdY2J4yrederTeLt5k5haDAgIKB7qylIEW4
IafqbLRItEgD7LFADyd36dLlkW6YDiEs38b3u15zkORqfFH1kM2ECL6XuaAj1C2/
AtqGXi4eSPGb9xpR0j1YLcleVw4jGBG6gK7/O+QLlS3VubNdDSZsu74PPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHMvk84rgsEryFjG86fqaW96+3sHMB8GA1UdIwQY
MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt
MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj
LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeEsahJj5
ptSsS0lPAbqylq5cSfB4GtwglsxlvvzMiUeT5AMj0K6OQ6arjJ4m0FJM7wQ2Eoz4
p5AWY3FLehkVkRHiqZJyBW7G1VjY4epmiEhqp5rUdCwrzvxIcwrGswqQYH63YTCb
qo5UVaVyuhOOT8zCTnUBREB+PB9hsnc/Dsbvr0W+QprKnmXPdb12GIBGtOzy/lQA
OQcu3C7bQgu/9N0cpUvKWicKL9mryaKenXrmQ9bEZijFojZRjNg3xs9pl1dZ4SOB
WYxkSM0xAwtdU1cq2TCXQ3kdrMCjrUvsfpYlrPhhuna8f42xHReS2KiFw8SJy8A1
uA9AeURWlcepXw==
-----END CERTIFICATE-----