Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          Qgz28NzufVNw8vO0snXl0BeGAkP+Kgh59e3Mkygcblc=
Subject key identifier:   AB:AD:3D:A9:25:6D:8C:24:F4:06:6D:FC:31:FA:15:76:77:BD:EB:28
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       019655A55A3E0A823C16C12CB3173187E90F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          14F9
Signing time:             Mon 21 Apr 2025 00:00:21 +0000
Manifest this update:     Mon 21 Apr 2025 00:00:21 +0000
Manifest next update:     Tue 22 Apr 2025 00:00:21 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: DwfpQEBQ9v1INKtDMz8F4iysw6ZWj2MArAQJDZwuBOg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:a5:5a:3e:0a:82:3c:16:c1:2c:b3:17:31:87:e9:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: Apr 21 00:00:21 2025 GMT
            Not After : Apr 22 00:00:21 2025 GMT
        Subject: CN=abad3da9256d8c24f4066dfc31fa157677bdeb28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:5d:c3:b0:75:a7:ea:37:6e:01:b8:42:23:62:
                    92:c5:96:e2:37:26:bb:d6:8c:ff:bb:d0:73:8a:a2:
                    e9:b4:86:bc:19:cd:a6:98:cd:2b:0c:ac:7c:22:3f:
                    9c:1b:36:dd:55:d6:6d:dd:19:1d:60:ca:c1:67:4e:
                    bc:7c:ae:6b:f3:32:d5:ed:42:b3:f6:85:c7:8f:f0:
                    4e:1d:c9:3a:d6:38:16:0d:89:cd:64:6b:31:ce:2c:
                    6f:ff:35:b4:5d:77:aa:ee:e5:d8:6e:ab:7a:02:2e:
                    fb:2c:ce:0e:78:06:ef:20:a7:de:e0:5b:5f:12:bc:
                    23:79:8e:9c:0f:5e:91:33:44:d7:bf:e7:eb:39:77:
                    76:56:2b:45:4f:88:06:22:f3:46:81:a7:05:73:2c:
                    1f:21:85:f5:5e:f4:f2:d1:65:4e:ac:93:1b:d8:de:
                    66:24:ae:a2:10:b9:6d:03:21:c8:88:dc:31:7f:91:
                    97:55:9b:84:b9:08:8d:b4:9b:6c:12:03:fc:4f:51:
                    7d:f6:13:72:d8:71:b5:b5:7c:9c:8b:3a:48:5b:cd:
                    c5:77:a5:2b:93:e5:45:81:44:c2:f2:59:b0:2e:01:
                    3c:76:a3:74:1c:36:0a:18:f6:03:7e:ad:aa:60:a9:
                    17:e6:f4:a6:84:d4:d9:66:f2:5d:aa:91:63:6f:fb:
                    f6:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:AD:3D:A9:25:6D:8C:24:F4:06:6D:FC:31:FA:15:76:77:BD:EB:28
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:11:c9:c8:ba:59:b0:88:66:58:3f:71:35:2f:e5:57:e4:7f:
         f7:be:0b:05:93:77:e0:27:f2:e8:5c:f7:09:13:4c:3d:9b:33:
         58:0e:00:50:e6:a6:4c:20:3d:e2:9c:42:83:32:a3:09:d6:ed:
         9c:04:1e:f8:54:ba:7d:ea:e0:ca:45:15:fb:e3:5d:2d:07:19:
         86:13:24:1f:b4:b5:b2:db:56:e5:d5:f9:a0:8b:75:90:da:59:
         a8:6b:09:22:52:0c:c6:f8:19:d9:78:4d:7b:0c:1d:aa:f6:60:
         51:3f:d5:ee:5c:88:10:7f:3c:66:40:2b:23:0f:03:bd:f0:0c:
         fb:18:da:d8:3c:7e:6d:18:6c:f7:9b:4a:3a:3c:be:89:9c:a7:
         1d:92:77:a8:b7:76:17:6c:a5:79:d5:5a:37:f4:4d:2a:29:e6:
         e1:d5:09:5d:d7:e7:a9:a5:77:f3:9f:2c:4d:2f:92:46:81:c8:
         78:74:1d:2c:1b:c3:c0:f4:34:8f:d3:12:57:4b:26:b1:bd:8d:
         d7:61:0a:f0:62:a9:33:b5:a0:a7:02:c1:56:ce:8c:1a:81:f5:
         8c:ac:92:4a:e8:95:44:f2:63:1c:24:81:2f:a7:05:18:c5:8a:
         2c:f4:ce:59:52:b4:15:4d:ec:97:70:e0:46:c3:6b:a0:3f:32:
         30:d4:3d:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpVo+CoI8FsEssxcxh+kPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjUwNDIxMDAwMDIxWhcNMjUwNDIyMDAwMDIxWjAzMTEwLwYDVQQD
EyhhYmFkM2RhOTI1NmQ4YzI0ZjQwNjZkZmMzMWZhMTU3Njc3YmRlYjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq13DsHWn6jduAbhCI2KSxZbiNya7
1oz/u9BziqLptIa8Gc2mmM0rDKx8Ij+cGzbdVdZt3RkdYMrBZ068fK5r8zLV7UKz
9oXHj/BOHck61jgWDYnNZGsxzixv/zW0XXeq7uXYbqt6Ai77LM4OeAbvIKfe4Ftf
ErwjeY6cD16RM0TXv+frOXd2VitFT4gGIvNGgacFcywfIYX1XvTy0WVOrJMb2N5m
JK6iELltAyHIiNwxf5GXVZuEuQiNtJtsEgP8T1F99hNy2HG1tXycizpIW83Fd6Ur
k+VFgUTC8lmwLgE8dqN0HDYKGPYDfq2qYKkX5vSmhNTZZvJdqpFjb/v26wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKutPaklbYwk9AZt/DH6FXZ3vesoMB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAghHJyLpZ
sIhmWD9xNS/lV+R/974LBZN34Cfy6Fz3CRNMPZszWA4AUOamTCA94pxCgzKjCdbt
nAQe+FS6fergykUV++NdLQcZhhMkH7S1sttW5dX5oIt1kNpZqGsJIlIMxvgZ2XhN
ewwdqvZgUT/V7lyIEH88ZkArIw8DvfAM+xja2Dx+bRhs95tKOjy+iZynHZJ3qLd2
F2yledVaN/RNKinm4dUJXdfnqaV3858sTS+SRoHIeHQdLBvDwPQ0j9MSV0smsb2N
12EK8GKpM7WgpwLBVs6MGoH1jKySSuiVRPJjHCSBL6cFGMWKLPTOWVK0FU3sl3Dg
RsNroD8yMNQ9zQ==
-----END CERTIFICATE-----