Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
File:                     hFNK68PtnHkETCI8iyXgEdq_L98.mft (raw, json)
Hash identifier:          Vqvgb23pS+RE+2ZwoI85HzuEe0YtEf6JHdVouiptL/M=
Subject key identifier:   35:A1:82:35:95:57:0E:E1:10:9D:2D:73:6D:D7:10:48:E8:79:22:F6
Authority key identifier: 84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF
Certificate issuer:       /CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
Certificate serial:       019651FFF7C0AB63475BFBB0006A96439609
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
Manifest number:          05E1
Signing time:             Sun 20 Apr 2025 07:00:51 +0000
Manifest this update:     Sun 20 Apr 2025 07:00:51 +0000
Manifest next update:     Mon 21 Apr 2025 07:00:51 +0000
Files and hashes:         1: hFNK68PtnHkETCI8iyXgEdq_L98.crl (hash: 6g0Mly+oyUCqiX8wlWIGwp/bjebsH3Gq/+mLXaX66eQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:ff:f7:c0:ab:63:47:5b:fb:b0:00:6a:96:43:96:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
        Validity
            Not Before: Apr 20 07:00:51 2025 GMT
            Not After : Apr 21 07:00:51 2025 GMT
        Subject: CN=35a1823595570ee1109d2d736dd71048e87922f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:b1:fc:0b:70:44:d8:ae:c4:be:dd:03:81:7b:
                    dc:85:2b:65:b7:76:dd:d1:a1:0a:8c:84:c9:cf:33:
                    66:24:5c:79:5c:c9:71:34:a8:94:c2:b6:22:97:f7:
                    bc:2d:51:e7:a1:1f:80:99:6f:43:ba:ec:b4:60:a1:
                    fd:b3:b9:fc:ff:31:23:38:b1:1e:e4:a3:79:9a:08:
                    3d:54:a5:e0:11:91:18:6f:2c:70:26:44:49:a7:d8:
                    22:d3:60:44:bd:1f:73:5e:08:26:bd:42:94:4d:d0:
                    9b:e3:02:9f:34:62:e5:6c:e8:70:8a:54:b5:0d:a0:
                    39:0a:38:31:c8:99:1f:a4:67:f9:aa:b8:4c:f3:d6:
                    29:f8:ff:a9:41:a9:f8:5e:bf:28:22:0c:4a:82:07:
                    d2:b0:d1:cd:3a:ef:b7:c2:ba:02:9c:c3:b0:54:f2:
                    92:f1:11:d5:e9:24:ab:c8:9f:e1:4d:c6:74:1c:05:
                    ee:47:3a:4c:fe:f9:74:0e:5f:93:75:9b:b0:83:4b:
                    18:63:f0:0e:00:98:19:fd:b4:03:0b:42:3f:0f:e6:
                    a0:19:7c:6b:75:af:ae:c8:15:7e:59:6d:fa:e1:7c:
                    2f:31:89:1c:52:cc:02:b1:3f:68:57:a5:0a:99:ec:
                    b2:45:ed:dc:75:07:0b:fd:5d:84:1a:06:87:80:da:
                    ea:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:A1:82:35:95:57:0E:E1:10:9D:2D:73:6D:D7:10:48:E8:79:22:F6
            X509v3 Authority Key Identifier:
                keyid:84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:ca:9b:29:d4:01:0f:20:87:0d:2d:99:a2:41:fc:99:b0:4c:
         60:5b:29:1e:d2:12:ea:ad:b9:f3:55:49:6f:75:79:f3:57:80:
         39:0b:b4:bc:7e:2e:c2:9e:76:f6:84:6d:ae:2c:a7:c3:4b:73:
         62:f4:96:85:42:45:b4:2f:62:b6:32:86:88:87:64:f0:84:d7:
         48:55:26:bc:44:fa:78:c9:7c:c1:62:89:7c:55:c3:4b:93:ca:
         e5:34:b8:80:50:9b:85:58:59:6e:d7:e9:a0:23:b3:82:f2:bd:
         62:b6:d0:68:70:0a:d1:d3:35:ee:a0:b6:4d:fb:40:ae:f9:0a:
         cf:21:92:da:11:c2:b9:2b:09:75:2c:dd:85:59:87:f3:0c:80:
         12:a3:66:07:13:1e:2c:e7:7d:e6:9f:31:4d:5e:d8:50:4e:88:
         a8:4a:4b:25:4d:ec:6d:8f:cd:e4:16:6b:a5:2a:84:c7:69:42:
         06:93:bd:4b:1c:c2:73:89:e8:3a:43:04:dc:4e:af:4c:fd:6f:
         4c:81:c8:cb:5f:65:36:d9:23:38:2e:71:30:a9:f5:a7:e8:72:
         7b:2a:b8:9d:19:a7:be:e3:98:2d:cb:8e:70:7f:8f:0e:1e:ce:
         7d:5d:f6:37:0e:aa:be:8c:19:1f:95:76:4b:b0:df:0f:bb:38:
         f2:bb:ec:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZR//fAq2NHW/uwAGqWQ5YJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTM0YWViYzNlZDljNzkwNDRjMjIzYzhiMjVlMDExZGFi
ZjJmZGYwHhcNMjUwNDIwMDcwMDUxWhcNMjUwNDIxMDcwMDUxWjAzMTEwLwYDVQQD
EygzNWExODIzNTk1NTcwZWUxMTA5ZDJkNzM2ZGQ3MTA0OGU4NzkyMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLH8C3BE2K7Evt0DgXvchStlt3bd
0aEKjITJzzNmJFx5XMlxNKiUwrYil/e8LVHnoR+AmW9Duuy0YKH9s7n8/zEjOLEe
5KN5mgg9VKXgEZEYbyxwJkRJp9gi02BEvR9zXggmvUKUTdCb4wKfNGLlbOhwilS1
DaA5CjgxyJkfpGf5qrhM89Yp+P+pQan4Xr8oIgxKggfSsNHNOu+3wroCnMOwVPKS
8RHV6SSryJ/hTcZ0HAXuRzpM/vl0Dl+TdZuwg0sYY/AOAJgZ/bQDC0I/D+agGXxr
da+uyBV+WW364XwvMYkcUswCsT9oV6UKmeyyRe3cdQcL/V2EGgaHgNrqUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWhgjWVVw7hEJ0tc23XEEjoeSL2MB8GA1UdIwQY
MBaAFIRTSuvD7Zx5BEwiPIsl4BHavy/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDct
ZWJkZTc0OTMzYzc3LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDctZWJkZTc0OTMzYzc3
LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiMqbKdQB
DyCHDS2ZokH8mbBMYFspHtIS6q2581VJb3V581eAOQu0vH4uwp529oRtriynw0tz
YvSWhUJFtC9itjKGiIdk8ITXSFUmvET6eMl8wWKJfFXDS5PK5TS4gFCbhVhZbtfp
oCOzgvK9YrbQaHAK0dM17qC2TftArvkKzyGS2hHCuSsJdSzdhVmH8wyAEqNmBxMe
LOd95p8xTV7YUE6IqEpLJU3sbY/N5BZrpSqEx2lCBpO9SxzCc4noOkME3E6vTP1v
TIHIy19lNtkjOC5xMKn1p+hyeyq4nRmnvuOYLcuOcH+PDh7OfV32Nw6qvowZH5V2
S7DfD7s48rvsxA==
-----END CERTIFICATE-----