Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/810c72-d416-4a14-8aca-a8faeeb7ee52/1/HHOn_DBLwC2AdEdtB121zc0tq94.mft
File:                     HHOn_DBLwC2AdEdtB121zc0tq94.mft (raw, json)
Hash identifier:          a6SyWyTKJPbZCHoKeovMpvFSZ4+V0Zz82n0CPu8PBG4=
Subject key identifier:   18:83:52:9D:57:7D:EB:A5:FF:AB:AD:D4:04:35:D9:3E:44:8D:34:6D
Authority key identifier: 1C:73:A7:FC:30:4B:C0:2D:80:74:47:6D:07:5D:B5:CD:CD:2D:AB:DE
Certificate issuer:       /CN=1c73a7fc304bc02d8074476d075db5cdcd2dabde
Certificate serial:       01965349CACE712879C6E9524A9906383F6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HHOn_DBLwC2AdEdtB121zc0tq94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/810c72-d416-4a14-8aca-a8faeeb7ee52/1/HHOn_DBLwC2AdEdtB121zc0tq94.mft
Manifest number:          14F9
Signing time:             Sun 20 Apr 2025 13:01:07 +0000
Manifest this update:     Sun 20 Apr 2025 13:01:07 +0000
Manifest next update:     Mon 21 Apr 2025 13:01:07 +0000
Files and hashes:         1: HHOn_DBLwC2AdEdtB121zc0tq94.crl (hash: L4Muog/hwcZoipA0zPLbUKXI5tcDYvOv7tTfh9iT6W4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/810c72-d416-4a14-8aca-a8faeeb7ee52/1/HHOn_DBLwC2AdEdtB121zc0tq94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/810c72-d416-4a14-8aca-a8faeeb7ee52/1/HHOn_DBLwC2AdEdtB121zc0tq94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HHOn_DBLwC2AdEdtB121zc0tq94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 13:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:49:ca:ce:71:28:79:c6:e9:52:4a:99:06:38:3f:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c73a7fc304bc02d8074476d075db5cdcd2dabde
        Validity
            Not Before: Apr 20 13:01:07 2025 GMT
            Not After : Apr 21 13:01:07 2025 GMT
        Subject: CN=1883529d577deba5ffabadd40435d93e448d346d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:48:bd:bd:3c:35:30:43:10:25:de:48:06:ad:
                    a5:d2:47:3d:1a:b9:74:11:2c:98:bf:1c:37:df:3c:
                    80:89:e6:e1:a5:66:21:8f:a4:4b:82:ca:3b:60:0d:
                    3f:fd:af:9f:8b:7c:a7:f1:98:6b:30:de:c5:03:ed:
                    5c:b7:54:44:21:84:2d:ec:95:19:35:a8:96:e7:c6:
                    3d:35:49:da:79:af:f6:86:68:b2:34:5c:ab:20:aa:
                    0a:f5:ca:4f:f2:4c:d1:75:42:91:39:ae:a6:d6:c0:
                    83:01:65:d5:f8:69:00:42:5c:5f:2e:d3:86:d2:b7:
                    1a:85:4b:53:7c:f3:3e:03:2c:cf:c6:36:94:3e:78:
                    33:d7:f4:97:49:9b:97:8d:04:05:ec:3b:32:68:e7:
                    35:7a:26:2d:aa:7d:1f:e1:c3:9d:27:06:e4:a4:b6:
                    6a:1f:7a:d4:32:c5:ca:fb:87:dd:73:f2:72:b6:05:
                    a8:0c:b6:b8:b9:92:02:e0:83:70:21:d1:aa:a9:a8:
                    b7:e5:51:e2:d1:d6:fc:b2:78:90:8e:81:61:ab:bb:
                    8a:82:42:de:05:06:92:05:b7:b4:ab:5d:73:a0:a3:
                    0b:d5:58:7c:5c:e8:f8:4a:38:14:eb:07:0c:3e:60:
                    1d:9d:0b:f7:f3:20:17:19:64:55:36:7c:cc:8d:2b:
                    12:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:83:52:9D:57:7D:EB:A5:FF:AB:AD:D4:04:35:D9:3E:44:8D:34:6D
            X509v3 Authority Key Identifier:
                keyid:1C:73:A7:FC:30:4B:C0:2D:80:74:47:6D:07:5D:B5:CD:CD:2D:AB:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHOn_DBLwC2AdEdtB121zc0tq94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/810c72-d416-4a14-8aca-a8faeeb7ee52/1/HHOn_DBLwC2AdEdtB121zc0tq94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/810c72-d416-4a14-8aca-a8faeeb7ee52/1/HHOn_DBLwC2AdEdtB121zc0tq94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:8a:7b:9e:55:b9:19:28:14:c3:1a:03:1a:dc:72:aa:71:b2:
         04:23:47:c2:d8:10:90:f6:b1:bd:90:64:b7:e9:7a:ad:dd:57:
         22:69:ca:b9:9b:d4:94:ee:86:d0:fc:12:f9:59:84:33:51:b6:
         4c:b5:7a:8d:30:12:b2:a2:6f:32:c6:eb:38:d4:fc:03:c3:36:
         70:65:83:ee:fd:6f:34:73:68:bd:7e:71:af:16:82:28:28:e7:
         7f:13:20:c4:c2:6b:21:ab:59:69:d8:9f:cc:ec:32:b8:20:a2:
         79:ec:ac:1e:2b:c7:dd:b7:55:23:58:a6:81:d2:e1:b0:a7:61:
         f0:76:d2:d9:37:27:58:9e:49:89:a8:f7:5c:c9:c7:4b:fe:3d:
         46:37:6a:a2:1b:2d:7e:b6:27:2e:a1:3f:fe:6d:cc:0d:64:d7:
         0b:63:4e:ae:63:db:d1:76:b4:4e:62:d0:07:0a:3e:22:12:ed:
         e9:d3:7a:f0:4f:a9:6f:48:61:bb:34:b4:d8:8f:83:36:59:66:
         5d:70:4e:88:41:89:ea:e7:43:96:78:38:05:fd:ce:6f:2f:d2:
         41:bb:fa:e4:6c:ae:41:df:87:f5:80:c6:f2:74:b5:00:d2:0e:
         a3:cd:62:2f:cb:01:29:08:5b:f6:1c:20:cd:a0:01:a4:c7:96:
         cd:5b:cb:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTScrOcSh5xulSSpkGOD9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzNhN2ZjMzA0YmMwMmQ4MDc0NDc2ZDA3NWRiNWNkY2Qy
ZGFiZGUwHhcNMjUwNDIwMTMwMTA3WhcNMjUwNDIxMTMwMTA3WjAzMTEwLwYDVQQD
EygxODgzNTI5ZDU3N2RlYmE1ZmZhYmFkZDQwNDM1ZDkzZTQ0OGQzNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEi9vTw1MEMQJd5IBq2l0kc9Grl0
ESyYvxw33zyAiebhpWYhj6RLgso7YA0//a+fi3yn8ZhrMN7FA+1ct1REIYQt7JUZ
NaiW58Y9NUnaea/2hmiyNFyrIKoK9cpP8kzRdUKROa6m1sCDAWXV+GkAQlxfLtOG
0rcahUtTfPM+AyzPxjaUPngz1/SXSZuXjQQF7DsyaOc1eiYtqn0f4cOdJwbkpLZq
H3rUMsXK+4fdc/JytgWoDLa4uZIC4INwIdGqqai35VHi0db8sniQjoFhq7uKgkLe
BQaSBbe0q11zoKML1Vh8XOj4SjgU6wcMPmAdnQv38yAXGWRVNnzMjSsS3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBiDUp1Xfeul/6ut1AQ12T5EjTRtMB8GA1UdIwQY
MBaAFBxzp/wwS8AtgHRHbQddtc3NLaveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhPbl9EQkx3QzJBZEVkdEIxMjF6YzB0cTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy84MTBjNzItZDQxNi00YTE0LThhY2Et
YThmYWVlYjdlZTUyLzEvSEhPbl9EQkx3QzJBZEVkdEIxMjF6YzB0cTk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy84MTBjNzItZDQxNi00YTE0LThhY2EtYThmYWVlYjdlZTUy
LzEvSEhPbl9EQkx3QzJBZEVkdEIxMjF6YzB0cTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOYp7nlW5
GSgUwxoDGtxyqnGyBCNHwtgQkPaxvZBkt+l6rd1XImnKuZvUlO6G0PwS+VmEM1G2
TLV6jTASsqJvMsbrONT8A8M2cGWD7v1vNHNovX5xrxaCKCjnfxMgxMJrIatZadif
zOwyuCCieeysHivH3bdVI1imgdLhsKdh8HbS2TcnWJ5Jiaj3XMnHS/49Rjdqohst
frYnLqE//m3MDWTXC2NOrmPb0Xa0TmLQBwo+IhLt6dN68E+pb0hhuzS02I+DNllm
XXBOiEGJ6udDlng4Bf3Oby/SQbv65GyuQd+H9YDG8nS1ANIOo81iL8sBKQhb9hwg
zaABpMeWzVvLJg==
-----END CERTIFICATE-----