Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
File:                     HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json)
Hash identifier:          g9+3Wr5Zg1ZxaHKM59G9pFj8HcSv2l9mwU+Tksdgj/U=
Subject key identifier:   BF:B3:7D:20:41:2B:EF:3F:9E:CF:F1:57:30:E6:61:30:93:FD:72:8B
Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70
Certificate issuer:       /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
Certificate serial:       019650B63922C684B8496F29AED09D443E49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
Manifest number:          14FA
Signing time:             Sun 20 Apr 2025 01:00:41 +0000
Manifest this update:     Sun 20 Apr 2025 01:00:41 +0000
Manifest next update:     Mon 21 Apr 2025 01:00:41 +0000
Files and hashes:         1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: UvV+H3WT2oy+5/SPh9QU57AkxrWIFx1XvC4JSY7OeF0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:50:b6:39:22:c6:84:b8:49:6f:29:ae:d0:9d:44:3e:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
        Validity
            Not Before: Apr 20 01:00:41 2025 GMT
            Not After : Apr 21 01:00:41 2025 GMT
        Subject: CN=bfb37d20412bef3f9ecff15730e6613093fd728b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:9d:0d:5b:a5:85:19:09:e2:b8:a3:11:c2:da:
                    67:fb:52:6a:b0:c3:11:d4:c0:87:1c:50:e5:fb:26:
                    a2:64:eb:44:84:4e:68:90:ea:09:fa:f3:4c:0d:85:
                    29:a6:18:d8:13:33:7b:9e:64:ae:03:20:f9:a3:8f:
                    75:d3:4c:c9:a5:52:d1:33:be:7d:02:53:29:30:82:
                    de:b9:c0:7b:03:3f:69:ae:3a:88:00:b0:a2:02:06:
                    93:c2:89:a2:77:7e:45:22:ea:72:af:8f:29:5b:ca:
                    54:3f:11:50:66:fb:ba:a0:ff:fe:83:25:0f:f3:fe:
                    47:79:00:69:fc:bc:ba:95:b1:b5:72:8b:59:62:72:
                    a6:a5:59:3a:4e:6c:a5:50:84:ab:a2:c7:dd:1a:74:
                    a8:e9:cf:af:c1:59:87:4a:c5:9d:2e:3a:20:ff:ff:
                    f1:a8:9d:81:40:d6:8f:bb:6c:c3:42:76:82:aa:2e:
                    3f:12:7c:e9:a3:f1:d4:14:8e:81:7c:f4:85:b7:29:
                    f1:b2:79:6b:5d:6a:99:87:c7:9a:4d:69:cb:cb:8f:
                    19:00:0e:5b:e8:00:3a:df:68:22:c2:b7:b4:ef:5d:
                    f1:6c:b3:dd:df:66:75:5c:12:7d:99:70:23:b0:9d:
                    e3:2d:25:24:b1:7e:ca:6a:87:8a:72:e1:c2:f5:20:
                    81:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:B3:7D:20:41:2B:EF:3F:9E:CF:F1:57:30:E6:61:30:93:FD:72:8B
            X509v3 Authority Key Identifier:
                keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:54:1f:37:c2:73:25:38:38:50:e4:f3:3a:54:41:b0:96:8f:
         ea:2c:b7:2a:e7:7c:c0:c9:c0:f9:6f:a2:2b:51:41:da:20:10:
         01:b3:77:bb:ce:f4:fc:42:09:03:56:28:c7:cd:5f:02:91:c4:
         0c:c3:dd:2a:ba:0d:a3:a0:9a:a1:ae:17:12:17:45:dc:07:4c:
         dd:c5:5b:e5:b8:51:a5:cc:64:ad:12:3d:ac:ce:88:95:dc:2f:
         a9:7c:82:8e:68:75:00:61:80:1b:94:6a:2b:c1:97:dd:04:89:
         59:93:72:dd:ad:15:bb:fb:c3:5c:88:96:c0:cf:ad:12:1c:4f:
         81:b9:be:b4:8c:ce:90:fb:dd:f4:94:04:fd:fe:f1:5c:aa:fa:
         b9:c3:53:06:2f:81:34:c3:73:81:42:44:9e:58:db:5c:1f:20:
         6e:86:9a:c8:a6:57:56:14:8d:cb:26:39:09:b7:8f:f0:e8:4a:
         a4:ac:8c:89:22:06:a3:74:0f:7c:9a:31:ff:19:61:ab:7c:ca:
         95:47:98:53:2e:2e:36:1f:18:87:01:78:ff:e2:fa:5b:62:84:
         36:0c:bb:2a:22:84:b2:3c:70:17:46:5d:21:86:5f:6c:8c:40:
         d4:78:e0:14:fb:5f:c8:8b:8e:ff:47:dc:1a:9a:60:3b:1d:24:
         73:d0:eb:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZQtjkixoS4SW8prtCdRD5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy
ZDgyNzAwHhcNMjUwNDIwMDEwMDQxWhcNMjUwNDIxMDEwMDQxWjAzMTEwLwYDVQQD
EyhiZmIzN2QyMDQxMmJlZjNmOWVjZmYxNTczMGU2NjEzMDkzZmQ3MjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJ0NW6WFGQniuKMRwtpn+1JqsMMR
1MCHHFDl+yaiZOtEhE5okOoJ+vNMDYUpphjYEzN7nmSuAyD5o49100zJpVLRM759
AlMpMILeucB7Az9prjqIALCiAgaTwomid35FIupyr48pW8pUPxFQZvu6oP/+gyUP
8/5HeQBp/Ly6lbG1cotZYnKmpVk6TmylUISrosfdGnSo6c+vwVmHSsWdLjog///x
qJ2BQNaPu2zDQnaCqi4/Enzpo/HUFI6BfPSFtynxsnlrXWqZh8eaTWnLy48ZAA5b
6AA632giwre0713xbLPd32Z1XBJ9mXAjsJ3jLSUksX7KaoeKcuHC9SCB0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+zfSBBK+8/ns/xVzDmYTCT/XKLMB8GA1UdIwQY
MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct
ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz
LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJVQfN8Jz
JTg4UOTzOlRBsJaP6iy3Kud8wMnA+W+iK1FB2iAQAbN3u870/EIJA1Yox81fApHE
DMPdKroNo6Caoa4XEhdF3AdM3cVb5bhRpcxkrRI9rM6IldwvqXyCjmh1AGGAG5Rq
K8GX3QSJWZNy3a0Vu/vDXIiWwM+tEhxPgbm+tIzOkPvd9JQE/f7xXKr6ucNTBi+B
NMNzgUJEnljbXB8gboaayKZXVhSNyyY5CbeP8OhKpKyMiSIGo3QPfJox/xlhq3zK
lUeYUy4uNh8YhwF4/+L6W2KENgy7KiKEsjxwF0ZdIYZfbIxA1HjgFPtfyIuO/0fc
GppgOx0kc9Dr2w==
-----END CERTIFICATE-----