Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
File:                     HY-s3UFcS7p4J3uj57D-I9Klobg.mft (raw, json)
Hash identifier:          TSbXMnxAwbWkHeDAdfQMROvY6PRvC7fAE4Ie2kARIVA=
Subject key identifier:   B5:08:8D:78:20:48:A0:95:33:70:09:3A:C7:E8:14:C0:58:23:20:70
Authority key identifier: 1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8
Certificate issuer:       /CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8
Certificate serial:       01962B98056EDFEAF55A9BC5F11723691B83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
Manifest number:          87
Signing time:             Sat 12 Apr 2025 20:01:45 +0000
Manifest this update:     Sat 12 Apr 2025 20:01:45 +0000
Manifest next update:     Sun 13 Apr 2025 20:01:45 +0000
Files and hashes:         1: HY-s3UFcS7p4J3uj57D-I9Klobg.crl (hash: mxkGDRO5+GxSqDPB8E7vDjVcJ/5/waZSWQw784+DpQc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 13 Apr 2025 18:34:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:2b:98:05:6e:df:ea:f5:5a:9b:c5:f1:17:23:69:1b:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8
        Validity
            Not Before: Apr 12 20:01:45 2025 GMT
            Not After : Apr 13 20:01:45 2025 GMT
        Subject: CN=b5088d782048a0953370093ac7e814c058232070
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d9:02:c8:f9:74:c3:cc:31:ad:bd:7e:fb:08:
                    cf:90:79:19:2a:b4:6a:87:a5:1c:6c:cb:ad:db:ba:
                    4b:b8:92:49:9d:50:54:f3:1e:79:bd:17:97:b0:3b:
                    88:35:91:c1:86:d6:cd:3a:4e:2e:3d:af:8e:ba:a7:
                    26:95:d4:2a:22:a0:54:2e:15:55:72:5a:15:96:8a:
                    e8:7a:da:8c:1a:00:b8:76:aa:af:62:37:c0:52:f4:
                    44:fb:c9:3d:59:88:bb:42:57:1f:3b:f2:5e:da:d4:
                    7f:f9:17:ab:53:a8:b9:d6:1d:14:ef:73:0b:d9:03:
                    6d:e6:26:66:fd:3b:a6:03:30:ea:e3:ec:14:16:62:
                    43:25:64:9d:02:0e:a0:2d:9d:8d:04:6f:99:68:1a:
                    ca:95:48:96:93:58:83:38:59:3a:e6:30:6d:f7:96:
                    a9:39:13:6c:ff:f4:1e:30:7a:63:03:26:51:a9:83:
                    60:88:93:67:a2:44:e4:de:2e:cc:2c:b6:36:76:61:
                    08:e7:f1:37:bf:a9:04:30:97:a4:80:fa:df:67:5f:
                    bd:5e:06:8b:be:f9:17:e4:3b:b1:5f:30:25:73:e6:
                    cc:c9:68:5b:ae:ea:8f:26:37:6e:a0:76:1e:ff:78:
                    b4:72:e2:6a:56:c8:f3:4d:cd:81:78:af:aa:3a:67:
                    6f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:08:8D:78:20:48:A0:95:33:70:09:3A:C7:E8:14:C0:58:23:20:70
            X509v3 Authority Key Identifier:
                keyid:1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:1d:75:e4:67:63:c7:cb:7c:ea:04:30:b2:96:7d:88:02:8e:
         d6:c7:24:c4:f1:ef:14:6a:92:2e:df:f1:a2:ae:e9:15:9d:a7:
         e3:da:63:dd:aa:85:be:43:a3:c5:e9:68:f1:f1:31:52:5a:55:
         1e:9c:b9:5b:5d:52:a2:4a:13:d5:6b:b1:81:fd:68:cf:46:c0:
         da:0c:c2:39:e6:c2:71:ca:17:78:bf:bd:81:67:39:66:af:e9:
         b5:90:53:11:78:71:ff:33:96:10:72:c8:83:e6:2b:39:14:bd:
         65:d3:12:81:d8:eb:68:0e:27:db:94:c4:2a:f2:7c:4d:1d:f9:
         29:5c:42:e5:f4:c5:b8:7c:70:a4:07:b3:a7:d8:84:85:28:ff:
         d4:e4:a0:0c:c5:3a:ae:c2:0a:c9:b7:68:d1:a7:98:8f:ad:b8:
         f5:ec:93:af:a7:ad:fc:ed:11:60:37:75:45:e1:5a:84:c8:0a:
         e5:7f:aa:d8:8d:04:7f:c2:65:20:5c:c7:36:03:ad:91:5f:41:
         81:a1:dd:37:66:37:ff:a6:a7:11:e9:b5:bf:9f:b9:1c:97:a5:
         d3:aa:2c:01:c9:40:7b:eb:56:46:d7:3a:46:1c:17:5f:ec:7a:
         00:eb:cb:c6:3a:0b:27:6c:b7:c2:1b:9c:aa:66:be:d8:bd:fa:
         e4:4a:fe:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYrmAVu3+r1WpvF8RcjaRuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOGZhY2RkNDE1YzRiYmE3ODI3N2JhM2U3YjBmZTIzZDJh
NWExYjgwHhcNMjUwNDEyMjAwMTQ1WhcNMjUwNDEzMjAwMTQ1WjAzMTEwLwYDVQQD
EyhiNTA4OGQ3ODIwNDhhMDk1MzM3MDA5M2FjN2U4MTRjMDU4MjMyMDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9kCyPl0w8wxrb1++wjPkHkZKrRq
h6UcbMut27pLuJJJnVBU8x55vReXsDuINZHBhtbNOk4uPa+OuqcmldQqIqBULhVV
cloVloroetqMGgC4dqqvYjfAUvRE+8k9WYi7QlcfO/Je2tR/+RerU6i51h0U73ML
2QNt5iZm/TumAzDq4+wUFmJDJWSdAg6gLZ2NBG+ZaBrKlUiWk1iDOFk65jBt95ap
ORNs//QeMHpjAyZRqYNgiJNnokTk3i7MLLY2dmEI5/E3v6kEMJekgPrfZ1+9XgaL
vvkX5DuxXzAlc+bMyWhbruqPJjduoHYe/3i0cuJqVsjzTc2BeK+qOmdvwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLUIjXggSKCVM3AJOsfoFMBYIyBwMB8GA1UdIwQY
MBaAFB2PrN1BXEu6eCd7o+ew/iPSpaG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUt
MjFjZmM4M2FlZWM2LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUtMjFjZmM4M2FlZWM2
LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjh115Gdj
x8t86gQwspZ9iAKO1sckxPHvFGqSLt/xoq7pFZ2n49pj3aqFvkOjxelo8fExUlpV
Hpy5W11SokoT1Wuxgf1oz0bA2gzCOebCccoXeL+9gWc5Zq/ptZBTEXhx/zOWEHLI
g+YrORS9ZdMSgdjraA4n25TEKvJ8TR35KVxC5fTFuHxwpAezp9iEhSj/1OSgDMU6
rsIKybdo0aeYj6249eyTr6et/O0RYDd1ReFahMgK5X+q2I0Ef8JlIFzHNgOtkV9B
gaHdN2Y3/6anEem1v5+5HJel06osAclAe+tWRtc6RhwXX+x6AOvLxjoLJ2y3whuc
qma+2L365Er+cA==
-----END CERTIFICATE-----