Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/e401d0-69fe-4326-a042-411c3d2d069e/1/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.mft
File:                     H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.mft (raw, json)
Hash identifier:          72VubO1JSwdlHZcPB07TV8CVbuLCkVwiBil37NAzKlM=
Subject key identifier:   EB:39:D7:0B:6A:66:16:50:3A:26:D5:01:A0:9E:5E:C6:00:1E:8A:07
Authority key identifier: 1F:89:7D:BF:F0:1A:FD:9D:1E:77:B6:F9:FE:08:D9:77:42:F5:6D:32
Certificate issuer:       /CN=1f897dbff01afd9d1e77b6f9fe08d97742f56d32
Certificate serial:       01958F9862E2443038A1BD3444825EE82431
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/e401d0-69fe-4326-a042-411c3d2d069e/1/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.mft
Manifest number:          0206
Signing time:             Thu 13 Mar 2025 13:01:23 +0000
Manifest this update:     Thu 13 Mar 2025 13:01:23 +0000
Manifest next update:     Fri 14 Mar 2025 13:01:23 +0000
Files and hashes:         1: H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.crl (hash: H3eN+VMSd4cYtYKGwh6mGomCz0zTsEjEUXQ9VDgYfrU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/e401d0-69fe-4326-a042-411c3d2d069e/1/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/e401d0-69fe-4326-a042-411c3d2d069e/1/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 13:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8f:98:62:e2:44:30:38:a1:bd:34:44:82:5e:e8:24:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f897dbff01afd9d1e77b6f9fe08d97742f56d32
        Validity
            Not Before: Mar 13 13:01:23 2025 GMT
            Not After : Mar 14 13:01:23 2025 GMT
        Subject: CN=eb39d70b6a6616503a26d501a09e5ec6001e8a07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:80:71:bd:b0:64:5b:39:fe:ba:cd:87:4a:ec:
                    4f:a7:05:a7:76:1a:ce:be:9f:c5:7c:4f:2d:65:d3:
                    75:05:9c:25:f0:29:e9:11:78:3e:1f:3a:ce:a6:0e:
                    2f:d8:e9:b8:23:8d:bb:07:df:57:12:94:80:0f:78:
                    af:f9:1f:01:e6:a9:2b:fb:15:58:c7:1e:e0:39:e2:
                    bb:7a:54:9e:e6:f3:90:25:03:9a:02:1b:1f:30:d2:
                    d9:fc:83:67:f1:ae:63:28:27:cf:3f:a7:31:7d:77:
                    26:7a:43:6d:3b:79:46:b7:ea:a9:59:98:8f:53:de:
                    db:c8:47:ab:c7:2f:45:1e:ee:71:19:ae:47:79:10:
                    ba:5f:ab:aa:13:5d:76:38:ec:b9:cd:b2:cb:e0:ef:
                    9e:81:de:bc:d0:0b:cf:a0:51:2e:13:69:a7:9a:08:
                    e7:78:82:16:5f:3f:16:96:60:e5:cf:78:e1:1c:5d:
                    06:05:a1:4f:bc:4b:f2:59:d9:d2:2a:85:ee:d4:02:
                    ec:9a:ea:64:44:f7:f0:33:b5:3a:96:0f:f6:1b:d1:
                    f4:9b:31:fc:4e:ad:2f:db:e9:9e:6a:92:fc:1c:97:
                    40:dd:cb:f0:02:e2:57:65:74:71:8b:bf:f2:ae:4f:
                    ea:f3:88:ef:15:4e:19:cd:22:5b:d0:e1:4b:f0:56:
                    45:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:39:D7:0B:6A:66:16:50:3A:26:D5:01:A0:9E:5E:C6:00:1E:8A:07
            X509v3 Authority Key Identifier:
                keyid:1F:89:7D:BF:F0:1A:FD:9D:1E:77:B6:F9:FE:08:D9:77:42:F5:6D:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/e401d0-69fe-4326-a042-411c3d2d069e/1/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/e401d0-69fe-4326-a042-411c3d2d069e/1/H4l9v_Aa_Z0ed7b5_gjZd0L1bTI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:10:b0:ae:26:de:4c:76:c7:cb:6d:ff:54:7f:bd:06:54:ea:
         78:31:11:9d:14:11:e0:f0:04:4f:b8:d2:47:ae:51:3e:76:59:
         e0:ca:4e:7e:6a:ee:d5:24:da:5d:1f:30:4b:4c:73:d2:2f:18:
         ba:b6:08:16:a0:37:bd:cc:fd:1b:dd:90:00:73:ca:2d:88:28:
         7a:bf:ad:06:60:8a:5e:a7:a8:fa:35:83:a9:db:3e:4a:8d:f3:
         92:eb:4d:49:6c:e1:cd:ba:05:86:32:42:aa:aa:21:7c:53:73:
         01:a0:15:69:fe:20:69:17:47:62:45:8f:5b:e3:fb:2a:6f:6c:
         87:92:48:bd:6a:9f:7e:89:d7:84:c4:b2:e5:d7:7a:ad:c9:1b:
         d0:61:1a:22:b3:7d:bc:97:10:6c:da:69:b0:85:53:0b:dd:7f:
         08:8c:cb:39:95:95:e3:77:e6:dd:28:d3:a2:e8:97:fb:78:4b:
         eb:e6:a7:20:24:50:06:02:b8:e2:95:17:7c:24:40:b6:0d:bb:
         90:b2:d1:0f:0b:40:4d:3f:53:41:e2:5b:49:15:f2:62:25:d6:
         9d:05:cd:d3:76:b3:67:bb:a5:77:b0:aa:7a:1e:d4:c9:30:45:
         9a:6b:a7:91:f4:32:0c:44:d6:49:34:d0:e8:7f:e6:96:cd:b3:
         43:0f:28:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWPmGLiRDA4ob00RIJe6CQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmODk3ZGJmZjAxYWZkOWQxZTc3YjZmOWZlMDhkOTc3NDJm
NTZkMzIwHhcNMjUwMzEzMTMwMTIzWhcNMjUwMzE0MTMwMTIzWjAzMTEwLwYDVQQD
EyhlYjM5ZDcwYjZhNjYxNjUwM2EyNmQ1MDFhMDllNWVjNjAwMWU4YTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4BxvbBkWzn+us2HSuxPpwWndhrO
vp/FfE8tZdN1BZwl8CnpEXg+HzrOpg4v2Om4I427B99XEpSAD3iv+R8B5qkr+xVY
xx7gOeK7elSe5vOQJQOaAhsfMNLZ/INn8a5jKCfPP6cxfXcmekNtO3lGt+qpWZiP
U97byEerxy9FHu5xGa5HeRC6X6uqE112OOy5zbLL4O+egd680AvPoFEuE2mnmgjn
eIIWXz8WlmDlz3jhHF0GBaFPvEvyWdnSKoXu1ALsmupkRPfwM7U6lg/2G9H0mzH8
Tq0v2+meapL8HJdA3cvwAuJXZXRxi7/yrk/q84jvFU4ZzSJb0OFL8FZFawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOs51wtqZhZQOibVAaCeXsYAHooHMB8GA1UdIwQY
MBaAFB+Jfb/wGv2dHne2+f4I2XdC9W0yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDRsOXZfQWFfWjBlZDdiNV9nalpkMEwxYlRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9lNDAxZDAtNjlmZS00MzI2LWEwNDIt
NDExYzNkMmQwNjllLzEvSDRsOXZfQWFfWjBlZDdiNV9nalpkMEwxYlRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9lNDAxZDAtNjlmZS00MzI2LWEwNDItNDExYzNkMmQwNjll
LzEvSDRsOXZfQWFfWjBlZDdiNV9nalpkMEwxYlRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPxCwribe
THbHy23/VH+9BlTqeDERnRQR4PAET7jSR65RPnZZ4MpOfmru1STaXR8wS0xz0i8Y
urYIFqA3vcz9G92QAHPKLYgoer+tBmCKXqeo+jWDqds+So3zkutNSWzhzboFhjJC
qqohfFNzAaAVaf4gaRdHYkWPW+P7Km9sh5JIvWqffonXhMSy5dd6rckb0GEaIrN9
vJcQbNppsIVTC91/CIzLOZWV43fm3SjTouiX+3hL6+anICRQBgK44pUXfCRAtg27
kLLRDwtATT9TQeJbSRXyYiXWnQXN03azZ7uld7Cqeh7UyTBFmmunkfQyDETWSTTQ
6H/mls2zQw8oEw==
-----END CERTIFICATE-----