Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/df8278-9b6e-4b8c-a0d0-65a99eee50c5/1/hlonCgsIptsPlMdDV96OSC1944Y.mft
File:                     hlonCgsIptsPlMdDV96OSC1944Y.mft (raw, json)
Hash identifier:          dqCIbslfO69Jg0q/nYvgWV0hwQDFmPc2nFq7sq4ZbZA=
Subject key identifier:   44:31:8B:19:58:49:FE:A4:18:25:BA:9F:4D:82:36:DC:80:51:AD:CE
Authority key identifier: 86:5A:27:0A:0B:08:A6:DB:0F:94:C7:43:57:DE:8E:48:2D:7D:E3:86
Certificate issuer:       /CN=865a270a0b08a6db0f94c74357de8e482d7de386
Certificate serial:       01961245A95C3AA4E9B23441E81753C07011
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hlonCgsIptsPlMdDV96OSC1944Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/df8278-9b6e-4b8c-a0d0-65a99eee50c5/1/hlonCgsIptsPlMdDV96OSC1944Y.mft
Manifest number:          06AD
Signing time:             Mon 07 Apr 2025 22:01:17 +0000
Manifest this update:     Mon 07 Apr 2025 22:01:17 +0000
Manifest next update:     Tue 08 Apr 2025 22:01:17 +0000
Files and hashes:         1: hlonCgsIptsPlMdDV96OSC1944Y.crl (hash: HOdGPI3EIoW9XrhlbRz9meo2QyADrnYveu0avnwbiW4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/df8278-9b6e-4b8c-a0d0-65a99eee50c5/1/hlonCgsIptsPlMdDV96OSC1944Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/df8278-9b6e-4b8c-a0d0-65a99eee50c5/1/hlonCgsIptsPlMdDV96OSC1944Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hlonCgsIptsPlMdDV96OSC1944Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 22:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:12:45:a9:5c:3a:a4:e9:b2:34:41:e8:17:53:c0:70:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=865a270a0b08a6db0f94c74357de8e482d7de386
        Validity
            Not Before: Apr  7 22:01:17 2025 GMT
            Not After : Apr  8 22:01:17 2025 GMT
        Subject: CN=44318b195849fea41825ba9f4d8236dc8051adce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:02:bd:4d:68:ae:bc:8d:7b:3e:27:a7:ce:ef:
                    29:0d:a6:ad:96:a2:c0:af:5e:0a:45:c4:5f:a3:bf:
                    6f:ea:3e:44:06:00:c5:64:f6:da:bb:30:5f:a3:74:
                    9a:eb:8c:b2:f6:52:7c:0c:91:a0:bb:57:ed:47:18:
                    2a:19:f0:30:2a:cc:5c:87:1c:c3:df:07:4e:16:9e:
                    b8:8a:6a:e1:46:19:3d:4b:12:c4:1f:af:c6:04:8f:
                    7b:d5:27:da:81:7a:39:05:5a:fe:04:59:f2:27:50:
                    92:2c:14:55:aa:1c:34:51:ff:ca:81:d2:20:05:54:
                    0d:d4:d7:4e:45:d4:01:d8:8c:d8:e7:8e:d3:4e:71:
                    21:c6:2d:3a:93:7f:86:45:0d:1c:30:f3:47:db:b7:
                    9f:ae:ae:46:b8:e1:06:4a:a3:37:04:ca:53:8e:e8:
                    03:78:25:71:6e:79:ba:f2:59:87:9a:1d:b0:a3:e9:
                    61:66:b7:d4:57:bf:1b:5d:ad:b8:e7:2d:27:fa:57:
                    c9:cf:ed:66:a9:12:fe:ae:e8:18:2d:82:63:1d:71:
                    60:6e:84:1d:ab:b2:6b:89:94:88:47:d5:d4:c6:b5:
                    28:56:5a:2f:ed:70:c0:19:00:5e:b2:f1:c3:c5:66:
                    e5:40:61:f0:aa:eb:1c:08:90:84:57:b7:76:7a:00:
                    9a:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:31:8B:19:58:49:FE:A4:18:25:BA:9F:4D:82:36:DC:80:51:AD:CE
            X509v3 Authority Key Identifier:
                keyid:86:5A:27:0A:0B:08:A6:DB:0F:94:C7:43:57:DE:8E:48:2D:7D:E3:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlonCgsIptsPlMdDV96OSC1944Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/df8278-9b6e-4b8c-a0d0-65a99eee50c5/1/hlonCgsIptsPlMdDV96OSC1944Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/df8278-9b6e-4b8c-a0d0-65a99eee50c5/1/hlonCgsIptsPlMdDV96OSC1944Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:f8:bf:15:01:2a:dc:c6:1c:e6:38:0a:37:e5:7e:ba:7f:4f:
         a3:08:d4:85:51:ff:c2:8e:e2:6a:a6:24:ba:40:8d:02:15:b4:
         82:b1:21:4a:3a:83:9b:b9:f8:0d:10:d8:8d:4f:ed:e5:12:38:
         90:52:00:8a:7d:b6:70:38:59:f3:87:cc:f0:a0:93:05:4e:39:
         53:01:d5:04:9c:42:83:2a:49:38:eb:35:ed:5a:7f:a8:98:7f:
         e4:3c:44:5c:1f:44:43:dd:bd:fe:8f:2b:51:22:9c:5f:31:52:
         85:2d:ed:aa:c9:1b:a1:f5:51:9d:ad:a2:dc:e2:68:6e:34:5a:
         e5:a6:eb:4f:6b:88:83:d8:15:06:0b:e4:81:c0:fd:01:43:71:
         88:b0:ff:b3:f3:24:6f:cc:46:08:42:c2:ec:7e:89:15:c2:cf:
         a5:99:a3:53:7b:54:77:e1:ad:0b:65:47:56:4f:3a:3d:0f:62:
         8a:c2:57:95:bc:f8:02:90:94:c3:26:4f:ef:c4:53:26:77:4b:
         39:e9:e9:5b:7a:fa:fc:6a:2e:b9:61:3e:00:c0:6e:f8:f2:6f:
         a8:96:8a:35:f5:ed:3e:c4:54:59:fb:d2:58:c5:1d:50:0a:5d:
         c0:7e:dc:52:f3:29:41:7c:69:c9:5f:3d:54:0c:14:a8:b3:c6:
         83:f3:4d:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYSRalcOqTpsjRB6BdTwHARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NWEyNzBhMGIwOGE2ZGIwZjk0Yzc0MzU3ZGU4ZTQ4MmQ3
ZGUzODYwHhcNMjUwNDA3MjIwMTE3WhcNMjUwNDA4MjIwMTE3WjAzMTEwLwYDVQQD
Eyg0NDMxOGIxOTU4NDlmZWE0MTgyNWJhOWY0ZDgyMzZkYzgwNTFhZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgK9TWiuvI17Pienzu8pDaatlqLA
r14KRcRfo79v6j5EBgDFZPbauzBfo3Sa64yy9lJ8DJGgu1ftRxgqGfAwKsxchxzD
3wdOFp64imrhRhk9SxLEH6/GBI971SfagXo5BVr+BFnyJ1CSLBRVqhw0Uf/KgdIg
BVQN1NdORdQB2IzY547TTnEhxi06k3+GRQ0cMPNH27efrq5GuOEGSqM3BMpTjugD
eCVxbnm68lmHmh2wo+lhZrfUV78bXa245y0n+lfJz+1mqRL+rugYLYJjHXFgboQd
q7JriZSIR9XUxrUoVlov7XDAGQBesvHDxWblQGHwquscCJCEV7d2egCagQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEQxixlYSf6kGCW6n02CNtyAUa3OMB8GA1UdIwQY
MBaAFIZaJwoLCKbbD5THQ1fejkgtfeOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGxvbkNnc0lwdHNQbE1kRFY5Nk9TQzE5NDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZjgyNzgtOWI2ZS00YjhjLWEwZDAt
NjVhOTllZWU1MGM1LzEvaGxvbkNnc0lwdHNQbE1kRFY5Nk9TQzE5NDRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZjgyNzgtOWI2ZS00YjhjLWEwZDAtNjVhOTllZWU1MGM1
LzEvaGxvbkNnc0lwdHNQbE1kRFY5Nk9TQzE5NDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe/i/FQEq
3MYc5jgKN+V+un9PowjUhVH/wo7iaqYkukCNAhW0grEhSjqDm7n4DRDYjU/t5RI4
kFIAin22cDhZ84fM8KCTBU45UwHVBJxCgypJOOs17Vp/qJh/5DxEXB9EQ929/o8r
USKcXzFShS3tqskbofVRna2i3OJobjRa5abrT2uIg9gVBgvkgcD9AUNxiLD/s/Mk
b8xGCELC7H6JFcLPpZmjU3tUd+GtC2VHVk86PQ9iisJXlbz4ApCUwyZP78RTJndL
OenpW3r6/GouuWE+AMBu+PJvqJaKNfXtPsRUWfvSWMUdUApdwH7cUvMpQXxpyV89
VAwUqLPGg/NNDg==
-----END CERTIFICATE-----