Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
File:                     HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json)
Hash identifier:          tdY8Ya5DpjSAZYsx3aoHKmPAYvgsZgguNTtIpEi3G94=
Subject key identifier:   F1:82:37:E3:0D:21:23:DC:90:57:A2:C0:9D:30:F3:09:31:D5:2C:8F
Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
Certificate issuer:       /CN=1c24f1caafb3208eb827a07826417bcb9493412f
Certificate serial:       0196538004FADAD00310C7FC24495A280960
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
Manifest number:          0473
Signing time:             Sun 20 Apr 2025 14:00:20 +0000
Manifest this update:     Sun 20 Apr 2025 14:00:20 +0000
Manifest next update:     Mon 21 Apr 2025 14:00:20 +0000
Files and hashes:         1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: Sf42Mkji9MFBh0GrssNGct5AkcPaLyIsC2hehOndPkU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 14:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:80:04:fa:da:d0:03:10:c7:fc:24:49:5a:28:09:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f
        Validity
            Not Before: Apr 20 14:00:20 2025 GMT
            Not After : Apr 21 14:00:20 2025 GMT
        Subject: CN=f18237e30d2123dc9057a2c09d30f30931d52c8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:05:12:d4:99:fa:1a:9e:cb:1d:de:a4:91:81:
                    31:bd:1c:03:03:14:c0:39:2a:0f:5f:4a:af:c2:aa:
                    fc:07:6b:03:5e:94:11:4f:cc:36:a1:48:49:0c:13:
                    d2:8f:df:2a:52:ec:c6:90:6e:bd:56:54:6a:b6:d4:
                    64:73:09:a7:8e:99:26:10:3d:67:bd:19:e8:66:90:
                    60:d6:ef:20:7b:c2:e3:3f:6a:2d:f7:12:e2:2a:5f:
                    fa:fd:74:e1:a1:53:97:98:4e:b2:81:76:ac:08:8a:
                    0d:51:ee:2b:f6:ba:43:43:68:39:63:42:f1:5b:36:
                    13:6d:de:d8:70:43:af:d4:4e:18:de:08:df:3b:c1:
                    3d:f2:f2:93:09:ae:e6:b5:d3:ff:de:0a:0e:3b:a5:
                    95:32:aa:c2:0d:ca:0b:7d:39:39:a5:57:bb:18:09:
                    c5:66:04:8b:5f:59:d4:5c:e2:92:a9:79:93:0d:28:
                    3c:4d:88:61:8c:4f:b4:ea:b3:6a:38:b7:03:70:2c:
                    69:da:82:52:da:52:47:a4:bd:cd:a5:69:92:d3:63:
                    81:f2:69:62:87:d5:af:39:9b:9d:a6:f1:e7:c5:d6:
                    43:92:00:b6:11:ed:17:a4:ec:6a:9e:50:03:2a:aa:
                    8f:2f:aa:17:ff:e7:10:88:5f:e9:74:6c:a6:0b:0d:
                    19:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:82:37:E3:0D:21:23:DC:90:57:A2:C0:9D:30:F3:09:31:D5:2C:8F
            X509v3 Authority Key Identifier:
                keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:ba:8e:6b:fc:59:5c:8c:30:38:f3:fa:c3:d7:56:6b:0b:af:
         35:f1:ab:0f:a4:b5:06:e8:3e:59:34:65:7a:0c:cd:85:c4:a6:
         aa:c1:8c:9d:c7:aa:ca:35:9c:7c:ab:66:27:d4:fe:76:b6:4f:
         49:46:4d:08:39:73:65:ca:1c:b7:9a:7c:7d:83:f8:64:d6:61:
         c5:58:6c:24:08:04:67:68:4c:cf:30:4b:ff:db:88:64:f3:a7:
         35:dc:20:78:28:78:d3:50:e1:f0:cb:d3:d5:9a:72:9d:61:2e:
         9c:f7:c3:5d:5a:71:6d:59:a5:8c:4d:ee:ff:74:70:5a:ee:c6:
         9d:29:ba:1b:d3:52:e7:7e:29:a5:96:95:6a:49:a8:20:29:94:
         b2:e6:ff:5c:2b:eb:7a:2a:18:1d:46:30:0b:c8:01:4a:4a:12:
         a0:1d:24:84:18:7e:a2:cf:5c:4a:9c:2f:94:94:b8:a0:c0:ff:
         3e:e5:4b:24:5c:0e:12:43:4e:26:a9:1a:70:16:71:69:f4:aa:
         a9:33:d3:7d:fa:72:6b:ea:1b:84:d9:91:df:00:39:7d:1f:e9:
         10:3e:8f:35:89:f7:2c:4c:c8:0b:f6:bc:ab:22:5e:69:7f:07:
         34:b3:d0:b7:77:e1:29:63:28:13:be:2c:05:8d:aa:cd:de:9d:
         69:6c:cf:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTgAT62tADEMf8JElaKAlgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5
MzQxMmYwHhcNMjUwNDIwMTQwMDIwWhcNMjUwNDIxMTQwMDIwWjAzMTEwLwYDVQQD
EyhmMTgyMzdlMzBkMjEyM2RjOTA1N2EyYzA5ZDMwZjMwOTMxZDUyYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7gUS1Jn6Gp7LHd6kkYExvRwDAxTA
OSoPX0qvwqr8B2sDXpQRT8w2oUhJDBPSj98qUuzGkG69VlRqttRkcwmnjpkmED1n
vRnoZpBg1u8ge8LjP2ot9xLiKl/6/XThoVOXmE6ygXasCIoNUe4r9rpDQ2g5Y0Lx
WzYTbd7YcEOv1E4Y3gjfO8E98vKTCa7mtdP/3goOO6WVMqrCDcoLfTk5pVe7GAnF
ZgSLX1nUXOKSqXmTDSg8TYhhjE+06rNqOLcDcCxp2oJS2lJHpL3NpWmS02OB8mli
h9WvOZudpvHnxdZDkgC2Ee0XpOxqnlADKqqPL6oX/+cQiF/pdGymCw0ZMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPGCN+MNISPckFeiwJ0w8wkx1SyPMB8GA1UdIwQY
MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt
N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj
LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp7qOa/xZ
XIwwOPP6w9dWawuvNfGrD6S1Bug+WTRlegzNhcSmqsGMnceqyjWcfKtmJ9T+drZP
SUZNCDlzZcoct5p8fYP4ZNZhxVhsJAgEZ2hMzzBL/9uIZPOnNdwgeCh401Dh8MvT
1ZpynWEunPfDXVpxbVmljE3u/3RwWu7GnSm6G9NS534ppZaVakmoICmUsub/XCvr
eioYHUYwC8gBSkoSoB0khBh+os9cSpwvlJS4oMD/PuVLJFwOEkNOJqkacBZxafSq
qTPTffpya+obhNmR3wA5fR/pED6PNYn3LEzIC/a8qyJeaX8HNLPQt3fhKWMoE74s
BY2qzd6daWzP9A==
-----END CERTIFICATE-----