Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
File:                     HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json)
Hash identifier:          hen0G24R5cV/bKy1fXxPApVemvZnEFpH5hIjneldWzc=
Subject key identifier:   4E:93:7D:FE:BA:4E:FD:E1:1E:9E:34:6C:D5:08:87:31:9C:E9:8C:D8
Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
Certificate issuer:       /CN=1c24f1caafb3208eb827a07826417bcb9493412f
Certificate serial:       01959073A8EE93B4A3F4130EA155E770F52B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
Manifest number:          040E
Signing time:             Thu 13 Mar 2025 17:00:53 +0000
Manifest this update:     Thu 13 Mar 2025 17:00:53 +0000
Manifest next update:     Fri 14 Mar 2025 17:00:53 +0000
Files and hashes:         1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: rdSWdUdwd3W0ZBWJZL8uIUL0U1gnEi+DQ7/ayCgYHbA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Mar 2025 15:28:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:90:73:a8:ee:93:b4:a3:f4:13:0e:a1:55:e7:70:f5:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f
        Validity
            Not Before: Mar 13 17:00:53 2025 GMT
            Not After : Mar 14 17:00:53 2025 GMT
        Subject: CN=4e937dfeba4efde11e9e346cd50887319ce98cd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:45:2e:b7:12:26:d0:b7:67:5a:90:90:8e:7c:
                    2a:82:ad:ae:97:19:04:e7:22:29:d7:7f:7b:3a:0f:
                    9c:32:fb:a5:24:e6:9c:bb:93:c7:0d:c7:b9:90:e2:
                    3d:9f:c2:8c:3f:d0:df:5c:d9:b3:14:94:95:f0:40:
                    73:71:0a:cb:21:46:4c:6b:34:15:15:91:18:d0:38:
                    96:24:6f:8c:5c:30:6a:87:0e:6d:3a:8a:cf:12:61:
                    2d:87:cd:e0:e5:25:5d:05:72:df:ab:9d:b7:2d:07:
                    7a:de:2a:9f:d5:4f:48:19:9d:93:b0:83:cd:fa:0f:
                    19:39:8a:8b:55:cd:10:66:a6:06:2f:38:fc:a1:0d:
                    ab:dd:13:78:8e:7e:2b:a8:0b:a4:a0:29:47:f9:39:
                    3d:a0:4c:4b:19:69:f7:63:bf:47:4d:50:5e:ea:e9:
                    2d:29:b0:aa:69:a5:4f:7d:80:79:c7:9e:d7:1b:19:
                    29:dd:1a:0e:e2:dd:cd:72:64:57:34:e3:45:d5:6f:
                    5d:d8:14:0e:ee:02:ba:2c:89:ea:42:36:8a:34:e4:
                    70:af:4b:5f:4c:43:f6:10:22:8f:f0:8d:a2:6a:29:
                    5c:b6:b3:ef:0a:7e:2d:2c:6b:e3:94:e2:bb:94:0d:
                    d7:22:58:fe:c4:e0:74:4f:55:d2:e5:62:61:ad:19:
                    0a:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:93:7D:FE:BA:4E:FD:E1:1E:9E:34:6C:D5:08:87:31:9C:E9:8C:D8
            X509v3 Authority Key Identifier:
                keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:9e:74:7b:1e:cf:dc:3a:76:30:37:3c:82:4f:8b:84:6e:2f:
         db:12:32:6a:e1:b6:69:79:db:cc:ec:be:ea:52:86:9e:fe:de:
         f7:9f:cb:5c:46:92:c9:38:c6:16:88:07:08:98:c8:ba:ee:ab:
         c0:45:4d:a6:57:b6:98:b4:4d:36:81:85:ee:d7:0c:2c:36:bb:
         d3:c9:71:4d:d5:f5:69:5b:b6:ce:ec:88:28:2b:68:2f:57:c5:
         e0:20:eb:e2:33:8c:0b:2b:13:91:4c:88:be:1b:aa:cd:79:9c:
         e9:ee:3e:d9:ec:ea:8a:66:58:f9:16:52:6b:d7:e3:37:12:b6:
         1d:88:20:86:a1:aa:9c:14:cd:a6:26:17:16:ef:62:f5:7a:6a:
         91:93:d9:b3:7b:d2:39:b6:73:45:51:df:8f:e9:0d:68:95:58:
         cd:a4:c1:e6:47:bd:c3:a7:21:6b:7a:a5:79:c7:03:d3:b8:78:
         19:29:a3:e0:5d:e2:b4:04:33:7b:c1:25:16:5f:99:07:4c:24:
         0c:d8:20:16:ff:64:48:76:91:29:de:0d:b0:a5:1a:54:76:db:
         da:62:45:55:fa:80:42:8d:11:1b:4e:92:91:77:7d:53:27:9b:
         68:58:7f:79:80:6c:1c:8e:54:f8:f8:2e:95:99:a3:1f:56:e5:
         e1:c6:32:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWQc6juk7Sj9BMOoVXncPUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5
MzQxMmYwHhcNMjUwMzEzMTcwMDUzWhcNMjUwMzE0MTcwMDUzWjAzMTEwLwYDVQQD
Eyg0ZTkzN2RmZWJhNGVmZGUxMWU5ZTM0NmNkNTA4ODczMTljZTk4Y2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0UutxIm0LdnWpCQjnwqgq2ulxkE
5yIp1397Og+cMvulJOacu5PHDce5kOI9n8KMP9DfXNmzFJSV8EBzcQrLIUZMazQV
FZEY0DiWJG+MXDBqhw5tOorPEmEth83g5SVdBXLfq523LQd63iqf1U9IGZ2TsIPN
+g8ZOYqLVc0QZqYGLzj8oQ2r3RN4jn4rqAukoClH+Tk9oExLGWn3Y79HTVBe6ukt
KbCqaaVPfYB5x57XGxkp3RoO4t3NcmRXNONF1W9d2BQO7gK6LInqQjaKNORwr0tf
TEP2ECKP8I2iailctrPvCn4tLGvjlOK7lA3XIlj+xOB0T1XS5WJhrRkKMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6Tff66Tv3hHp40bNUIhzGc6YzYMB8GA1UdIwQY
MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt
N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj
LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAp50ex7P
3Dp2MDc8gk+LhG4v2xIyauG2aXnbzOy+6lKGnv7e95/LXEaSyTjGFogHCJjIuu6r
wEVNple2mLRNNoGF7tcMLDa708lxTdX1aVu2zuyIKCtoL1fF4CDr4jOMCysTkUyI
vhuqzXmc6e4+2ezqimZY+RZSa9fjNxK2HYgghqGqnBTNpiYXFu9i9XpqkZPZs3vS
ObZzRVHfj+kNaJVYzaTB5ke9w6cha3qleccD07h4GSmj4F3itAQze8ElFl+ZB0wk
DNggFv9kSHaRKd4NsKUaVHbb2mJFVfqAQo0RG06SkXd9UyebaFh/eYBsHI5U+Pgu
lZmjH1bl4cYyHg==
-----END CERTIFICATE-----