Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft
File:                     HLjjf1E93Cn_15HDjJZjI2nKVFE.mft (raw, json)
Hash identifier:          NkcCDASSp5tmEzLwcv+9yI67/YVDMWSXE6hd1P7elPk=
Subject key identifier:   4C:BF:A3:8C:0B:73:CE:B6:2D:57:18:51:DD:E9:77:B8:AF:F8:1F:E2
Authority key identifier: 1C:B8:E3:7F:51:3D:DC:29:FF:D7:91:C3:8C:96:63:23:69:CA:54:51
Certificate issuer:       /CN=1cb8e37f513ddc29ffd791c38c96632369ca5451
Certificate serial:       01958C970C8C0BC6BAFC7F8E126C7B87B126
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HLjjf1E93Cn_15HDjJZjI2nKVFE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft
Manifest number:          1043
Signing time:             Wed 12 Mar 2025 23:01:03 +0000
Manifest this update:     Wed 12 Mar 2025 23:01:03 +0000
Manifest next update:     Thu 13 Mar 2025 23:01:03 +0000
Files and hashes:         1: HLjjf1E93Cn_15HDjJZjI2nKVFE.crl (hash: pWzPqxv1sgQu2x0xcMGTw3KDNGXGy7EESRSgGMH4KFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HLjjf1E93Cn_15HDjJZjI2nKVFE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:97:0c:8c:0b:c6:ba:fc:7f:8e:12:6c:7b:87:b1:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cb8e37f513ddc29ffd791c38c96632369ca5451
        Validity
            Not Before: Mar 12 23:01:03 2025 GMT
            Not After : Mar 13 23:01:03 2025 GMT
        Subject: CN=4cbfa38c0b73ceb62d571851dde977b8aff81fe2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:f9:f3:6d:6a:06:8c:8d:ac:2c:ab:8f:11:66:
                    96:51:2d:6d:57:f6:54:64:e1:52:ce:2a:a7:67:fb:
                    1b:95:e6:c5:c2:c4:68:40:5e:73:cb:6b:0a:c2:1a:
                    88:34:b6:cc:56:32:bb:f9:10:8f:f3:23:a7:de:e0:
                    b3:9b:94:99:80:31:3f:0f:1e:0a:cb:f5:60:d1:97:
                    63:15:56:a4:4f:c0:b4:00:82:93:7b:67:32:24:b3:
                    a6:3d:cc:ab:53:30:f2:b3:7f:c0:5b:67:25:34:38:
                    98:ae:bf:60:a7:4c:28:c8:46:38:d2:3b:09:1f:38:
                    1e:8a:05:f0:12:34:43:24:84:c6:76:c9:bb:5e:10:
                    40:af:3b:64:d5:e3:bd:99:2c:a9:f8:e7:71:92:54:
                    ac:cd:6e:4a:81:36:00:5e:fc:85:9d:68:2b:1d:dd:
                    d3:40:b9:1b:3f:c8:6e:d4:9a:75:43:c6:fd:e6:db:
                    f3:7b:eb:6b:2f:c5:35:dc:bd:dc:43:dc:44:29:da:
                    ab:a7:7c:ea:09:d1:17:86:f4:67:2a:6d:9f:e7:0b:
                    dc:f6:db:91:e6:6a:68:55:be:e9:2f:79:3e:a1:20:
                    21:e7:64:62:3b:e6:a1:fc:e8:91:d5:ea:33:fe:a2:
                    7d:e7:27:99:13:54:f9:13:ab:74:4e:34:a7:4b:e9:
                    c8:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:BF:A3:8C:0B:73:CE:B6:2D:57:18:51:DD:E9:77:B8:AF:F8:1F:E2
            X509v3 Authority Key Identifier:
                keyid:1C:B8:E3:7F:51:3D:DC:29:FF:D7:91:C3:8C:96:63:23:69:CA:54:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HLjjf1E93Cn_15HDjJZjI2nKVFE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:29:1b:03:62:50:95:05:06:2c:66:e5:e6:6d:c2:c3:18:5e:
         f8:a5:00:3b:72:3c:37:5a:af:42:b7:ae:72:7e:93:87:96:f7:
         5e:1b:5a:b2:b9:c2:a5:e4:94:7c:09:bb:1e:d8:05:15:82:1a:
         26:09:97:7a:18:5d:91:b6:a5:9e:52:cf:01:75:a5:2b:ea:c5:
         48:bb:38:d7:50:be:f9:60:e6:d6:6e:25:ac:03:3a:dd:f4:7e:
         c0:f2:c2:3c:71:0a:a4:25:85:a9:6a:b4:a0:b2:9d:3b:d9:21:
         04:d2:ec:6e:ba:66:56:69:9f:94:1e:de:aa:10:88:b7:ce:0e:
         eb:e5:7d:28:28:de:a8:41:79:23:6c:3e:a5:06:88:93:20:8b:
         f4:f2:d9:f4:ea:e4:02:54:8b:f4:0c:f7:de:62:de:cc:41:c3:
         83:6d:b4:97:a0:a9:2d:b2:b4:8b:62:d1:55:08:fc:47:0d:fa:
         3d:e9:de:2d:15:3c:eb:a0:6f:82:1b:b8:ad:a8:50:1f:18:d7:
         87:94:74:5c:b8:ba:cc:f6:55:74:30:96:f3:51:ee:cf:96:a9:
         6c:73:9a:29:06:4a:24:7a:a0:e6:59:d5:ad:00:51:c1:60:0c:
         98:73:54:00:4c:c7:f7:23:10:14:01:b3:ff:e6:c3:0f:17:b9:
         41:2d:32:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMlwyMC8a6/H+OEmx7h7EmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYjhlMzdmNTEzZGRjMjlmZmQ3OTFjMzhjOTY2MzIzNjlj
YTU0NTEwHhcNMjUwMzEyMjMwMTAzWhcNMjUwMzEzMjMwMTAzWjAzMTEwLwYDVQQD
Eyg0Y2JmYTM4YzBiNzNjZWI2MmQ1NzE4NTFkZGU5NzdiOGFmZjgxZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/nzbWoGjI2sLKuPEWaWUS1tV/ZU
ZOFSziqnZ/sblebFwsRoQF5zy2sKwhqINLbMVjK7+RCP8yOn3uCzm5SZgDE/Dx4K
y/Vg0ZdjFVakT8C0AIKTe2cyJLOmPcyrUzDys3/AW2clNDiYrr9gp0woyEY40jsJ
HzgeigXwEjRDJITGdsm7XhBArztk1eO9mSyp+OdxklSszW5KgTYAXvyFnWgrHd3T
QLkbP8hu1Jp1Q8b95tvze+trL8U13L3cQ9xEKdqrp3zqCdEXhvRnKm2f5wvc9tuR
5mpoVb7pL3k+oSAh52RiO+ah/OiR1eoz/qJ95yeZE1T5E6t0TjSnS+nIFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEy/o4wLc862LVcYUd3pd7iv+B/iMB8GA1UdIwQY
MBaAFBy4439RPdwp/9eRw4yWYyNpylRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSExqamYxRTkzQ25fMTVIRGpKWmpJMm5LVkZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9iZGRmZDYtNzZkYi00MzMxLWFmZDMt
ZTFjZGIyNGMxODBiLzEvSExqamYxRTkzQ25fMTVIRGpKWmpJMm5LVkZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9iZGRmZDYtNzZkYi00MzMxLWFmZDMtZTFjZGIyNGMxODBi
LzEvSExqamYxRTkzQ25fMTVIRGpKWmpJMm5LVkZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzSkbA2JQ
lQUGLGbl5m3Cwxhe+KUAO3I8N1qvQreucn6Th5b3XhtasrnCpeSUfAm7HtgFFYIa
JgmXehhdkbalnlLPAXWlK+rFSLs411C++WDm1m4lrAM63fR+wPLCPHEKpCWFqWq0
oLKdO9khBNLsbrpmVmmflB7eqhCIt84O6+V9KCjeqEF5I2w+pQaIkyCL9PLZ9Ork
AlSL9Az33mLezEHDg220l6CpLbK0i2LRVQj8Rw36PeneLRU866Bvghu4rahQHxjX
h5R0XLi6zPZVdDCW81Huz5apbHOaKQZKJHqg5lnVrQBRwWAMmHNUAEzH9yMQFAGz
/+bDDxe5QS0yTg==
-----END CERTIFICATE-----