Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          089PW5NXs3+4FDI6+tO3rPxal1vYmqnrStCMK0LG7EI=
Subject key identifier:   77:1E:C7:94:52:0A:EE:EA:73:50:17:64:D7:3C:89:07:FA:31:72:EE
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       01964DEBA65850929793EBBD08B623085CB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          04CB
Signing time:             Sat 19 Apr 2025 12:00:11 +0000
Manifest this update:     Sat 19 Apr 2025 12:00:11 +0000
Manifest next update:     Sun 20 Apr 2025 12:00:11 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: U/nb2f8HtEZ9llctwhNFUXJ5NGewF5yORnndOoyL4pc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 07:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:eb:a6:58:50:92:97:93:eb:bd:08:b6:23:08:5c:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: Apr 19 12:00:11 2025 GMT
            Not After : Apr 20 12:00:11 2025 GMT
        Subject: CN=771ec794520aeeea73501764d73c8907fa3172ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d3:68:90:51:51:93:52:a9:bc:c1:79:1d:56:
                    b3:eb:d8:84:e4:94:6f:29:83:97:b5:9a:82:55:ce:
                    4f:ad:5c:da:c5:67:c8:20:dc:61:00:73:0b:48:19:
                    9c:d0:9a:33:16:0f:67:eb:b2:d4:a4:ea:59:0a:b9:
                    34:78:b1:55:55:cd:4b:d0:1e:3b:a0:06:5a:e7:86:
                    c3:6a:c5:7e:1f:dd:81:26:05:4c:e8:05:25:56:ba:
                    de:e4:6c:09:4b:95:f8:27:57:08:a8:43:20:77:b8:
                    e5:56:df:fd:19:9c:bf:90:1f:19:47:c6:b9:47:5e:
                    dc:f3:cc:2b:e8:bd:f2:53:1f:d0:a7:3b:32:02:fa:
                    25:83:be:6c:53:21:9c:c3:61:a2:a8:cb:01:32:ba:
                    d3:38:79:f2:c0:50:65:b8:90:81:d5:8e:30:9d:fb:
                    ee:cd:2b:9d:88:26:22:a5:0f:15:28:8a:47:ca:de:
                    ed:f8:92:2d:36:7a:be:45:97:a5:b1:f9:00:6e:d8:
                    cd:46:99:d3:86:fa:60:d0:17:15:90:dd:89:76:22:
                    26:45:5e:c3:b5:f8:fa:f1:f0:9b:4a:c0:b6:23:93:
                    0a:5c:c3:f4:f3:07:23:70:98:61:c2:e2:eb:d0:c7:
                    07:7b:19:7f:c7:74:35:1a:0b:79:fe:4e:a8:51:a4:
                    4f:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:1E:C7:94:52:0A:EE:EA:73:50:17:64:D7:3C:89:07:FA:31:72:EE
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:2d:de:0b:ce:51:38:0a:72:d2:e7:d1:bd:5b:05:ed:fb:ac:
         c6:e5:71:90:7a:b8:5c:a7:88:35:7d:75:65:ca:24:e6:f1:89:
         01:3b:a3:ba:32:65:ef:ce:7b:1b:d0:77:a3:7e:0e:94:9e:ba:
         9a:41:a6:6b:ae:66:d2:29:b2:8f:07:f4:ff:13:a4:f3:cd:53:
         cd:41:90:c1:32:91:42:13:b8:07:d4:ae:96:10:a3:39:0d:64:
         c3:95:5b:97:23:66:2f:60:15:17:3a:2b:7b:0d:8a:87:94:d8:
         52:5f:ce:e1:35:6f:16:58:b7:d9:8f:4d:2a:72:e7:3d:d6:20:
         b6:78:bc:e5:07:31:f9:76:cd:a2:6d:20:47:cf:93:eb:43:40:
         e3:bd:81:91:51:e0:17:9b:59:8c:69:2a:d3:c5:16:62:db:d6:
         84:27:c9:32:41:75:3c:39:74:64:4d:1d:13:8b:87:ce:dd:8a:
         8a:7e:55:e2:f7:ff:34:66:b6:86:e3:24:25:a6:19:2e:34:b9:
         b8:10:3b:ad:fd:3b:95:5f:06:f1:f9:29:04:8f:14:87:f4:76:
         74:b0:95:8c:4b:42:f0:d8:1b:1e:9d:07:13:86:46:72:b5:bc:
         7b:73:5e:0b:31:a6:4c:86:48:da:6b:13:77:53:f3:8d:31:93:
         1b:8e:6b:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZN66ZYUJKXk+u9CLYjCFyyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjUwNDE5MTIwMDExWhcNMjUwNDIwMTIwMDExWjAzMTEwLwYDVQQD
Eyg3NzFlYzc5NDUyMGFlZWVhNzM1MDE3NjRkNzNjODkwN2ZhMzE3MmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtNokFFRk1KpvMF5HVaz69iE5JRv
KYOXtZqCVc5PrVzaxWfIINxhAHMLSBmc0JozFg9n67LUpOpZCrk0eLFVVc1L0B47
oAZa54bDasV+H92BJgVM6AUlVrre5GwJS5X4J1cIqEMgd7jlVt/9GZy/kB8ZR8a5
R17c88wr6L3yUx/QpzsyAvolg75sUyGcw2GiqMsBMrrTOHnywFBluJCB1Y4wnfvu
zSudiCYipQ8VKIpHyt7t+JItNnq+RZelsfkAbtjNRpnThvpg0BcVkN2JdiImRV7D
tfj68fCbSsC2I5MKXMP08wcjcJhhwuLr0McHexl/x3Q1Ggt5/k6oUaRPkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHcex5RSCu7qc1AXZNc8iQf6MXLuMB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiC3eC85R
OApy0ufRvVsF7fusxuVxkHq4XKeINX11Zcok5vGJATujujJl7857G9B3o34OlJ66
mkGma65m0imyjwf0/xOk881TzUGQwTKRQhO4B9SulhCjOQ1kw5VblyNmL2AVFzor
ew2Kh5TYUl/O4TVvFli32Y9NKnLnPdYgtni85Qcx+XbNom0gR8+T60NA472BkVHg
F5tZjGkq08UWYtvWhCfJMkF1PDl0ZE0dE4uHzt2Kin5V4vf/NGa2huMkJaYZLjS5
uBA7rf07lV8G8fkpBI8Uh/R2dLCVjEtC8NgbHp0HE4ZGcrW8e3NeCzGmTIZI2msT
d1PzjTGTG45rig==
-----END CERTIFICATE-----