Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
File:                     hprNGeI6gWZEutDooSuG4SiK0zw.mft (raw, json)
Hash identifier:          r6xvP0NnawdC1CUymWmDZoDETjAtGu1w0yMusjpr+tw=
Subject key identifier:   D5:F7:F2:2B:2C:70:76:58:D1:34:46:F6:10:11:1B:9F:44:99:63:A5
Authority key identifier: 86:9A:CD:19:E2:3A:81:66:44:BA:D0:E8:A1:2B:86:E1:28:8A:D3:3C
Certificate issuer:       /CN=869acd19e23a816644bad0e8a12b86e1288ad33c
Certificate serial:       0196553831E0FB89FC58D471CFB617777F95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
Manifest number:          0EE7
Signing time:             Sun 20 Apr 2025 22:01:08 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:08 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:08 +0000
Files and hashes:         1: hprNGeI6gWZEutDooSuG4SiK0zw.crl (hash: acLcyl8BNWnbiWSKj9ExaKzQigkUbn25NaxtcJ7OWe4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:31:e0:fb:89:fc:58:d4:71:cf:b6:17:77:7f:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=869acd19e23a816644bad0e8a12b86e1288ad33c
        Validity
            Not Before: Apr 20 22:01:08 2025 GMT
            Not After : Apr 21 22:01:08 2025 GMT
        Subject: CN=d5f7f22b2c707658d13446f610111b9f449963a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b2:f0:52:e0:73:c0:e8:90:cc:0d:15:f3:23:
                    2d:67:39:5c:0c:55:19:e1:3d:80:7d:fc:6b:da:9a:
                    d3:1e:17:5d:78:eb:e5:f4:e4:d9:e7:eb:dc:2c:05:
                    67:9f:b1:54:13:37:03:8e:04:3e:2e:5a:f1:e8:e6:
                    7d:5f:43:47:54:41:7c:9b:5a:6d:1b:4d:ab:90:c5:
                    a0:a9:8c:68:7c:04:56:65:e1:97:cd:49:21:3a:e5:
                    88:84:52:59:60:02:51:19:0f:3d:7e:a2:ae:07:55:
                    38:b2:7d:6b:a8:f4:fb:2b:84:1c:f1:2e:11:27:b9:
                    93:35:ef:be:b1:7f:23:4b:29:10:8d:d3:5b:52:28:
                    f4:87:49:79:18:0f:f8:f8:6c:5e:9b:ca:76:90:0b:
                    78:a5:d4:93:7b:3a:e9:64:85:2b:4b:b1:f6:f7:c6:
                    f1:77:ad:25:38:31:4a:c9:26:c5:bd:2c:c9:14:b3:
                    25:53:44:45:0c:05:06:49:4f:fb:2c:91:e0:3f:ab:
                    f9:1b:ae:b3:e6:d3:e1:86:83:83:08:02:a0:f3:0a:
                    32:43:e7:40:be:de:da:87:94:27:69:c1:73:47:2d:
                    9e:42:4b:52:66:1f:3c:46:fa:de:6f:3a:2c:9e:fc:
                    f3:f8:4c:2b:46:14:ed:89:a1:bf:7f:3b:1e:9d:7a:
                    fd:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:F7:F2:2B:2C:70:76:58:D1:34:46:F6:10:11:1B:9F:44:99:63:A5
            X509v3 Authority Key Identifier:
                keyid:86:9A:CD:19:E2:3A:81:66:44:BA:D0:E8:A1:2B:86:E1:28:8A:D3:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:2a:64:b9:54:af:61:41:6f:3a:32:df:ea:52:f6:4f:ac:9a:
         e6:94:25:3e:20:2d:7b:f8:66:b2:3c:c1:48:47:b5:3d:81:30:
         80:04:b1:4e:d1:44:74:82:4f:7b:2c:ac:8b:62:03:3d:bd:94:
         a0:c1:22:2e:6d:7b:25:4a:50:0f:53:06:46:64:d6:f9:30:c1:
         f0:fb:05:1e:95:da:e4:fe:72:cf:77:58:52:1d:ba:7c:42:08:
         5b:47:07:45:15:da:db:77:31:90:47:da:0b:11:66:e3:87:aa:
         c7:80:d1:6f:a2:6d:83:bb:19:6d:ba:18:23:85:a5:11:87:84:
         5e:3a:80:2a:17:db:1d:50:a6:18:86:ee:33:67:ee:d9:d6:2d:
         65:29:39:c3:fc:78:35:63:5a:62:1d:4c:12:8d:d9:73:2a:3b:
         92:93:e7:99:38:05:2d:83:ec:c2:3a:8a:38:52:4d:37:7a:9a:
         36:79:94:52:21:96:4f:fa:63:6b:b0:5b:78:43:84:67:44:f0:
         29:1b:85:4f:3e:cd:30:8e:34:ff:26:4f:c1:2d:61:15:1b:24:
         d5:f0:6f:bb:62:78:79:f1:bd:20:16:70:52:66:15:62:12:dd:
         bb:3c:1e:19:b5:63:96:d9:1e:8c:86:ec:3b:81:5e:96:69:db:
         74:12:d6:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVODHg+4n8WNRxz7YXd3+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OWFjZDE5ZTIzYTgxNjY0NGJhZDBlOGExMmI4NmUxMjg4
YWQzM2MwHhcNMjUwNDIwMjIwMTA4WhcNMjUwNDIxMjIwMTA4WjAzMTEwLwYDVQQD
EyhkNWY3ZjIyYjJjNzA3NjU4ZDEzNDQ2ZjYxMDExMWI5ZjQ0OTk2M2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrLwUuBzwOiQzA0V8yMtZzlcDFUZ
4T2Affxr2prTHhddeOvl9OTZ5+vcLAVnn7FUEzcDjgQ+Llrx6OZ9X0NHVEF8m1pt
G02rkMWgqYxofARWZeGXzUkhOuWIhFJZYAJRGQ89fqKuB1U4sn1rqPT7K4Qc8S4R
J7mTNe++sX8jSykQjdNbUij0h0l5GA/4+Gxem8p2kAt4pdSTezrpZIUrS7H298bx
d60lODFKySbFvSzJFLMlU0RFDAUGSU/7LJHgP6v5G66z5tPhhoODCAKg8woyQ+dA
vt7ah5QnacFzRy2eQktSZh88Rvrebzosnvzz+EwrRhTtiaG/fzsenXr9IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNX38isscHZY0TRG9hARG59EmWOlMB8GA1UdIwQY
MBaAFIaazRniOoFmRLrQ6KErhuEoitM8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi81OTExZjctMjAzMS00MGJiLWI0NDEt
N2ZjZjAxNWRhMGEwLzEvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi81OTExZjctMjAzMS00MGJiLWI0NDEtN2ZjZjAxNWRhMGEw
LzEvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhCpkuVSv
YUFvOjLf6lL2T6ya5pQlPiAte/hmsjzBSEe1PYEwgASxTtFEdIJPeyysi2IDPb2U
oMEiLm17JUpQD1MGRmTW+TDB8PsFHpXa5P5yz3dYUh26fEIIW0cHRRXa23cxkEfa
CxFm44eqx4DRb6Jtg7sZbboYI4WlEYeEXjqAKhfbHVCmGIbuM2fu2dYtZSk5w/x4
NWNaYh1MEo3Zcyo7kpPnmTgFLYPswjqKOFJNN3qaNnmUUiGWT/pja7BbeEOEZ0Tw
KRuFTz7NMI40/yZPwS1hFRsk1fBvu2J4efG9IBZwUmYVYhLduzweGbVjltkejIbs
O4FelmnbdBLWDg==
-----END CERTIFICATE-----