Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
File:                     HY-s3UFcS7p4J3uj57D-I9Klobg.mft (raw, json)
Hash identifier:          WULIkt3eiCoYA10dsdnitlVyfnr/12GcImGbShZe/D0=
Subject key identifier:   66:53:DB:AA:D9:46:2B:1A:4F:84:7B:E6:7D:79:76:EC:8D:0A:49:E6
Authority key identifier: 1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8
Certificate issuer:       /CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8
Certificate serial:       01974B56495B9CF2A7B444E4CAFCFA4A1637
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
Manifest number:          011C
Signing time:             Sat 07 Jun 2025 17:00:35 +0000
Manifest this update:     Sat 07 Jun 2025 17:00:35 +0000
Manifest next update:     Sun 08 Jun 2025 17:00:35 +0000
Files and hashes:         1: HY-s3UFcS7p4J3uj57D-I9Klobg.crl (hash: Jo7GFULyKnoceFBpiYQq+qCe/beiSYifZCHIy0B1Iiw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 17:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:56:49:5b:9c:f2:a7:b4:44:e4:ca:fc:fa:4a:16:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8
        Validity
            Not Before: Jun  7 17:00:35 2025 GMT
            Not After : Jun  8 17:00:35 2025 GMT
        Subject: CN=6653dbaad9462b1a4f847be67d7976ec8d0a49e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:43:36:fc:d6:9a:46:b0:01:40:27:60:b7:fa:
                    c7:d4:f2:42:68:52:c2:73:42:0e:89:08:1e:82:86:
                    08:1a:63:fa:a2:2a:e7:c2:1e:fa:95:85:70:24:19:
                    63:e4:21:f8:f5:d2:c1:24:00:5a:1e:b7:57:08:dd:
                    8d:a6:fc:e7:57:ef:f5:c9:e3:f7:1a:7f:10:b5:ce:
                    81:a8:e8:a1:90:24:d5:39:6b:42:f4:0f:9a:7f:3f:
                    d5:c2:d7:56:c8:7f:20:0a:e5:7f:e7:04:ed:30:54:
                    c5:0f:e5:ed:1b:69:c4:fb:5d:c4:9d:fb:1f:dc:b2:
                    8f:2d:9b:7c:e4:98:ef:32:6b:8f:96:50:01:c8:ef:
                    58:17:9b:52:29:6f:75:64:de:42:a8:a8:03:29:fd:
                    48:d2:6c:ef:e8:fb:6f:eb:cf:c1:fe:97:bb:6b:8c:
                    42:63:74:40:bc:b8:cc:05:79:be:6a:25:60:4a:a0:
                    77:f0:f6:d9:56:40:2a:cd:99:83:d6:e3:ac:ed:22:
                    56:22:48:d3:fb:28:a0:ce:c0:4f:4b:f2:d9:90:e9:
                    c2:88:37:e9:4b:c0:16:8f:fd:ee:d1:ff:08:d3:c3:
                    52:65:4b:16:17:a9:1c:73:83:67:79:ff:70:bd:9a:
                    e2:a3:aa:37:26:83:5a:1d:78:5f:12:00:ec:c0:ce:
                    8c:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:53:DB:AA:D9:46:2B:1A:4F:84:7B:E6:7D:79:76:EC:8D:0A:49:E6
            X509v3 Authority Key Identifier:
                keyid:1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:fb:f3:1a:0c:56:9c:c2:c1:55:c9:a4:be:1a:8d:fb:31:3b:
         cc:4b:fe:5f:6a:e2:06:89:a9:d0:62:22:77:48:ec:6b:c4:40:
         a2:a7:f6:37:b9:dc:5c:1b:84:03:1a:aa:ba:0f:47:5a:cb:e9:
         34:2b:8a:a2:95:c3:8b:ed:9d:93:74:cc:6e:67:9d:39:b2:9d:
         aa:44:a1:18:88:65:2e:ae:68:b9:88:29:43:ef:08:50:a6:1c:
         79:25:20:87:4e:b1:8c:ec:40:23:78:a9:cd:8a:60:8f:42:41:
         65:2b:cb:58:60:fb:3d:ca:70:47:59:ac:9b:68:30:92:f4:4b:
         15:60:6a:6a:b2:b0:f8:be:37:91:74:09:ca:1f:57:4c:3d:6b:
         83:93:4e:28:cd:32:89:65:08:68:73:b8:f5:be:41:0a:41:4b:
         82:c7:e6:c3:a9:70:d3:d6:c7:bf:c5:a8:3e:15:e5:03:f2:df:
         7f:9a:50:36:69:d2:e3:86:8e:95:9e:e3:b5:d6:3a:aa:6f:38:
         51:26:71:d1:d4:b9:d0:ec:85:1c:a1:73:cf:a2:e7:1f:01:bb:
         58:6b:89:83:d0:d0:45:c4:db:b9:5b:14:20:64:50:a5:65:49:
         31:76:59:aa:fd:d8:74:8a:3f:f7:eb:17:10:4c:41:15:52:e8:
         62:a8:90:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLVklbnPKntETkyvz6ShY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOGZhY2RkNDE1YzRiYmE3ODI3N2JhM2U3YjBmZTIzZDJh
NWExYjgwHhcNMjUwNjA3MTcwMDM1WhcNMjUwNjA4MTcwMDM1WjAzMTEwLwYDVQQD
Eyg2NjUzZGJhYWQ5NDYyYjFhNGY4NDdiZTY3ZDc5NzZlYzhkMGE0OWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUM2/NaaRrABQCdgt/rH1PJCaFLC
c0IOiQgegoYIGmP6oirnwh76lYVwJBlj5CH49dLBJABaHrdXCN2NpvznV+/1yeP3
Gn8Qtc6BqOihkCTVOWtC9A+afz/VwtdWyH8gCuV/5wTtMFTFD+XtG2nE+13Enfsf
3LKPLZt85JjvMmuPllAByO9YF5tSKW91ZN5CqKgDKf1I0mzv6Ptv68/B/pe7a4xC
Y3RAvLjMBXm+aiVgSqB38PbZVkAqzZmD1uOs7SJWIkjT+yigzsBPS/LZkOnCiDfp
S8AWj/3u0f8I08NSZUsWF6kcc4Nnef9wvZrio6o3JoNaHXhfEgDswM6MPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZT26rZRisaT4R75n15duyNCknmMB8GA1UdIwQY
MBaAFB2PrN1BXEu6eCd7o+ew/iPSpaG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUt
MjFjZmM4M2FlZWM2LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUtMjFjZmM4M2FlZWM2
LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqvvzGgxW
nMLBVcmkvhqN+zE7zEv+X2riBomp0GIid0jsa8RAoqf2N7ncXBuEAxqqug9HWsvp
NCuKopXDi+2dk3TMbmedObKdqkShGIhlLq5ouYgpQ+8IUKYceSUgh06xjOxAI3ip
zYpgj0JBZSvLWGD7PcpwR1msm2gwkvRLFWBqarKw+L43kXQJyh9XTD1rg5NOKM0y
iWUIaHO49b5BCkFLgsfmw6lw09bHv8WoPhXlA/Lff5pQNmnS44aOlZ7jtdY6qm84
USZx0dS50OyFHKFzz6LnHwG7WGuJg9DQRcTbuVsUIGRQpWVJMXZZqv3YdIo/9+sX
EExBFVLoYqiQ1A==
-----END CERTIFICATE-----