Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
File:                     GHRUZrThRoMLlit0kG2xxtCB_HA.mft (raw, json)
Hash identifier:          svAGq5rkPsmPRtW6SxcPj1D4nIa/Zoc2FQlrSMGCwKw=
Subject key identifier:   79:A5:8A:69:B5:5E:15:D7:F0:32:49:EB:2F:5A:91:AF:FA:31:81:82
Authority key identifier: 18:74:54:66:B4:E1:46:83:0B:96:2B:74:90:6D:B1:C6:D0:81:FC:70
Certificate issuer:       /CN=18745466b4e146830b962b74906db1c6d081fc70
Certificate serial:       019651C872709F7EB0C78526C94FE1713034
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
Manifest number:          14C2
Signing time:             Sun 20 Apr 2025 06:00:12 +0000
Manifest this update:     Sun 20 Apr 2025 06:00:12 +0000
Manifest next update:     Mon 21 Apr 2025 06:00:12 +0000
Files and hashes:         1: GHRUZrThRoMLlit0kG2xxtCB_HA.crl (hash: 65b7YrycW1HiznXrV68i+yPRgQg77U2vfWxcCJ5pt0A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:51:c8:72:70:9f:7e:b0:c7:85:26:c9:4f:e1:71:30:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18745466b4e146830b962b74906db1c6d081fc70
        Validity
            Not Before: Apr 20 06:00:12 2025 GMT
            Not After : Apr 21 06:00:12 2025 GMT
        Subject: CN=79a58a69b55e15d7f03249eb2f5a91affa318182
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:d4:1d:84:fe:96:f2:a1:7a:b0:a2:fe:97:d0:
                    49:bf:d4:69:2f:a5:69:8a:2a:b5:a3:16:fa:9f:2b:
                    8a:45:17:d2:ad:13:a4:8c:ec:b3:b2:1b:06:91:83:
                    2c:f8:2a:7a:90:50:64:66:81:80:eb:ec:a4:56:ae:
                    ff:5b:88:cf:b1:03:ba:6d:3a:8c:ad:f6:a0:60:b4:
                    8d:2c:5c:90:e3:8b:eb:6e:10:6e:cf:fe:b6:be:fe:
                    b6:cd:43:61:4f:cb:07:d1:6c:83:00:63:b2:44:97:
                    44:11:e4:92:b0:41:2c:dd:69:91:8c:81:c5:2d:93:
                    a5:2d:93:ef:d0:c6:df:89:06:6a:56:4c:6d:c1:14:
                    ca:fa:53:24:79:5a:18:41:44:dc:b5:ba:ff:fb:cc:
                    22:21:d1:82:4c:d4:8d:c4:bf:ae:39:3c:f3:16:5d:
                    99:32:50:f2:ed:0e:78:c2:6f:d0:28:a3:e9:2d:78:
                    91:c2:4d:2a:0f:c6:d3:5c:c4:64:a8:34:9d:36:68:
                    4a:99:e6:2e:b9:1e:88:3c:ef:a6:70:a3:37:d4:a3:
                    bf:0b:d1:4a:6f:66:12:fc:d3:bf:f4:34:0f:3c:22:
                    71:80:7f:4d:11:d4:e3:46:80:b8:64:36:62:80:b9:
                    7c:34:3e:33:16:ec:a9:b3:02:c9:89:9f:b5:c4:56:
                    e8:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:A5:8A:69:B5:5E:15:D7:F0:32:49:EB:2F:5A:91:AF:FA:31:81:82
            X509v3 Authority Key Identifier:
                keyid:18:74:54:66:B4:E1:46:83:0B:96:2B:74:90:6D:B1:C6:D0:81:FC:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:8a:9d:e7:f2:ce:42:9c:84:95:45:a6:88:24:47:40:ac:78:
         a0:db:f0:f1:fd:f5:2e:41:4f:b3:e4:aa:e6:a8:39:68:14:0b:
         5c:6c:07:25:c7:d2:ec:a2:0c:6c:a8:52:25:c3:72:5b:be:0d:
         22:ea:fb:15:f2:0a:ac:10:99:44:5c:8e:29:26:be:b5:81:18:
         fc:0f:93:d8:91:11:09:a1:8c:31:02:c9:8c:71:85:00:9d:d9:
         cf:5c:1e:78:6a:13:9d:bb:95:fb:8d:38:ec:f6:99:bd:b8:8a:
         14:ac:ec:25:27:57:f3:00:12:58:e0:a3:a4:4d:f1:3f:c7:34:
         db:c3:0f:eb:be:6e:4d:b4:99:d7:df:5c:4e:aa:d6:e0:8c:12:
         81:28:32:c9:85:ff:e1:d3:d6:99:65:73:bd:71:63:4c:6b:15:
         35:81:70:35:4f:62:24:6b:d3:f3:37:8a:ad:a3:95:27:6e:13:
         7d:b6:43:0a:c3:dc:dd:56:5f:0d:d0:34:69:3b:3a:06:b3:e0:
         77:e9:78:08:d8:a2:d5:37:f1:6d:b6:37:a6:39:c1:57:10:f1:
         b8:3b:30:69:7b:7a:16:35:7e:c5:95:bb:fd:de:0b:45:02:5a:
         68:09:0d:9d:02:b2:6f:e0:02:c1:e4:53:5c:0c:36:fb:16:11:
         9b:ff:cf:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZRyHJwn36wx4UmyU/hcTA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzQ1NDY2YjRlMTQ2ODMwYjk2MmI3NDkwNmRiMWM2ZDA4
MWZjNzAwHhcNMjUwNDIwMDYwMDEyWhcNMjUwNDIxMDYwMDEyWjAzMTEwLwYDVQQD
Eyg3OWE1OGE2OWI1NWUxNWQ3ZjAzMjQ5ZWIyZjVhOTFhZmZhMzE4MTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dQdhP6W8qF6sKL+l9BJv9RpL6Vp
iiq1oxb6nyuKRRfSrROkjOyzshsGkYMs+Cp6kFBkZoGA6+ykVq7/W4jPsQO6bTqM
rfagYLSNLFyQ44vrbhBuz/62vv62zUNhT8sH0WyDAGOyRJdEEeSSsEEs3WmRjIHF
LZOlLZPv0MbfiQZqVkxtwRTK+lMkeVoYQUTctbr/+8wiIdGCTNSNxL+uOTzzFl2Z
MlDy7Q54wm/QKKPpLXiRwk0qD8bTXMRkqDSdNmhKmeYuuR6IPO+mcKM31KO/C9FK
b2YS/NO/9DQPPCJxgH9NEdTjRoC4ZDZigLl8ND4zFuypswLJiZ+1xFboGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmlimm1XhXX8DJJ6y9aka/6MYGCMB8GA1UdIwQY
MBaAFBh0VGa04UaDC5YrdJBtscbQgfxwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83Yjk4MWMtMDFlMy00ODk1LWJmMWYt
ZjFmYzA1NDFjNjQ5LzEvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83Yjk4MWMtMDFlMy00ODk1LWJmMWYtZjFmYzA1NDFjNjQ5
LzEvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABIqd5/LO
QpyElUWmiCRHQKx4oNvw8f31LkFPs+Sq5qg5aBQLXGwHJcfS7KIMbKhSJcNyW74N
Iur7FfIKrBCZRFyOKSa+tYEY/A+T2JERCaGMMQLJjHGFAJ3Zz1weeGoTnbuV+404
7PaZvbiKFKzsJSdX8wASWOCjpE3xP8c028MP675uTbSZ199cTqrW4IwSgSgyyYX/
4dPWmWVzvXFjTGsVNYFwNU9iJGvT8zeKraOVJ24TfbZDCsPc3VZfDdA0aTs6BrPg
d+l4CNii1TfxbbY3pjnBVxDxuDswaXt6FjV+xZW7/d4LRQJaaAkNnQKyb+ACweRT
XAw2+xYRm//PHg==
-----END CERTIFICATE-----