Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
File:                     HPoACq4LHA_NOZiRS7dt_HLoc1g.mft (raw, json)
Hash identifier:          ADurDHVZXreTsLKLlwcHfYtx+UD2AwvPPCPouCLNESY=
Subject key identifier:   F6:B7:97:8F:AB:D9:7B:0E:39:D9:B2:9B:A5:67:A8:89:4F:1E:3A:50
Authority key identifier: 1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58
Certificate issuer:       /CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
Certificate serial:       019646A07A4FC66C5F460BD7D7BF2CBC1C07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
Manifest number:          01CD
Signing time:             Fri 18 Apr 2025 02:00:44 +0000
Manifest this update:     Fri 18 Apr 2025 02:00:44 +0000
Manifest next update:     Sat 19 Apr 2025 02:00:44 +0000
Files and hashes:         1: HPoACq4LHA_NOZiRS7dt_HLoc1g.crl (hash: VGD+T+MUWppv3p3IwG3NICMjXF5PjyHvmbHnKpMXoKQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 18:56:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:46:a0:7a:4f:c6:6c:5f:46:0b:d7:d7:bf:2c:bc:1c:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
        Validity
            Not Before: Apr 18 02:00:44 2025 GMT
            Not After : Apr 19 02:00:44 2025 GMT
        Subject: CN=f6b7978fabd97b0e39d9b29ba567a8894f1e3a50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:1b:e2:18:4f:01:20:51:03:b3:53:de:19:11:
                    7b:18:e1:e1:72:99:3b:04:40:08:34:2a:7b:35:a5:
                    7a:34:41:f2:28:1c:a4:2a:d8:17:bb:fb:e2:4b:ea:
                    25:7f:91:06:6a:30:51:5b:00:db:0c:e7:b1:84:78:
                    1c:cf:56:31:17:d9:44:06:2e:75:eb:3c:14:04:b6:
                    21:6d:a4:ed:34:81:c1:bf:65:15:f7:9d:14:4c:9d:
                    50:01:53:a4:16:34:28:f7:9e:38:68:c4:ce:a5:86:
                    b0:56:b2:98:12:e4:a0:ce:6f:96:60:b9:33:98:ee:
                    4f:e4:e5:0b:ae:d4:f9:b9:36:11:11:4c:d5:5e:b3:
                    b2:b8:e6:f8:45:d4:6e:db:73:2d:17:39:7c:47:46:
                    f2:26:c9:26:81:a8:da:2f:55:9b:73:d3:97:f4:cf:
                    c2:7a:a8:81:12:0e:78:d5:76:6b:bb:e0:f1:22:8a:
                    5d:1f:3e:51:59:58:7e:11:40:85:0b:4d:5f:27:fa:
                    c8:b0:9a:30:2b:0f:78:55:9b:70:32:a3:ae:2d:29:
                    85:0c:2a:b7:e5:b7:7b:6b:93:99:d2:33:9e:6c:2e:
                    00:69:27:46:51:5a:e8:a1:b1:4b:59:02:ed:80:95:
                    f1:02:d1:ac:6b:44:1c:0f:70:23:e0:69:38:38:ec:
                    67:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:B7:97:8F:AB:D9:7B:0E:39:D9:B2:9B:A5:67:A8:89:4F:1E:3A:50
            X509v3 Authority Key Identifier:
                keyid:1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:da:22:d3:23:c7:bc:47:71:60:5a:2c:2d:a2:47:1e:c7:2b:
         33:d5:fa:b3:31:ce:7b:86:e4:65:17:2c:d3:3f:04:4b:8f:9f:
         8a:6b:d8:84:7a:2f:a8:ab:8e:47:ef:03:92:f0:cb:fe:c2:46:
         c6:ab:d4:57:5e:91:51:23:0b:d6:88:d1:a1:74:97:71:02:61:
         37:d4:28:ce:45:30:86:66:e1:ca:22:47:5f:36:31:e2:c3:0b:
         50:45:ec:ec:e5:ec:e3:4e:9c:e6:e9:57:82:cb:82:56:2c:55:
         c2:9c:e7:ca:a9:db:c7:9f:28:a8:24:ce:02:ac:01:c1:28:bd:
         91:03:4b:fe:f7:f2:bc:5f:a6:cf:90:c0:8b:a4:19:56:b5:31:
         5d:ae:e7:09:97:52:b0:3f:5f:76:14:07:32:d0:85:82:b3:82:
         e6:d9:b2:a4:46:fe:20:24:b5:5c:25:47:67:13:ad:bb:d4:7c:
         8c:a7:f2:6a:ea:99:53:e1:83:c1:16:42:68:4b:9a:cc:36:02:
         0d:3e:4f:d1:79:49:d6:6d:75:cf:2a:a4:8d:d9:0e:9d:c2:de:
         fd:0e:c5:a4:99:77:6f:76:9f:b0:c7:2a:3a:7a:09:d6:75:9c:
         eb:cd:97:ef:60:70:84:cc:78:69:f1:23:ea:b7:a7:ee:c6:35:
         c4:be:4b:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZGoHpPxmxfRgvX178svBwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZmEwMDBhYWUwYjFjMGZjZDM5OTg5MTRiYjc2ZGZjNzJl
ODczNTgwHhcNMjUwNDE4MDIwMDQ0WhcNMjUwNDE5MDIwMDQ0WjAzMTEwLwYDVQQD
EyhmNmI3OTc4ZmFiZDk3YjBlMzlkOWIyOWJhNTY3YTg4OTRmMWUzYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRviGE8BIFEDs1PeGRF7GOHhcpk7
BEAINCp7NaV6NEHyKBykKtgXu/viS+olf5EGajBRWwDbDOexhHgcz1YxF9lEBi51
6zwUBLYhbaTtNIHBv2UV950UTJ1QAVOkFjQo9544aMTOpYawVrKYEuSgzm+WYLkz
mO5P5OULrtT5uTYREUzVXrOyuOb4RdRu23MtFzl8R0byJskmgajaL1Wbc9OX9M/C
eqiBEg541XZru+DxIopdHz5RWVh+EUCFC01fJ/rIsJowKw94VZtwMqOuLSmFDCq3
5bd7a5OZ0jOebC4AaSdGUVroobFLWQLtgJXxAtGsa0QcD3Aj4Gk4OOxn0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPa3l4+r2XsOOdmym6VnqIlPHjpQMB8GA1UdIwQY
MBaAFBz6AAquCxwPzTmYkUu3bfxy6HNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGIt
OGVmNzA5ZGUyZDY0LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGItOGVmNzA5ZGUyZDY0
LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAetoi0yPH
vEdxYFosLaJHHscrM9X6szHOe4bkZRcs0z8ES4+fimvYhHovqKuOR+8DkvDL/sJG
xqvUV16RUSML1ojRoXSXcQJhN9QozkUwhmbhyiJHXzYx4sMLUEXs7OXs406c5ulX
gsuCVixVwpznyqnbx58oqCTOAqwBwSi9kQNL/vfyvF+mz5DAi6QZVrUxXa7nCZdS
sD9fdhQHMtCFgrOC5tmypEb+ICS1XCVHZxOtu9R8jKfyauqZU+GDwRZCaEuazDYC
DT5P0XlJ1m11zyqkjdkOncLe/Q7FpJl3b3afsMcqOnoJ1nWc682X72BwhMx4afEj
6ren7sY1xL5LoQ==
-----END CERTIFICATE-----