Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
File:                     H0qus-K3pD3wHzHVGiDvIlXOr-M.mft (raw, json)
Hash identifier:          IZgAh3+SvSy1/GVVePbs7XnWRFjgOfW82GFLezjZlQ8=
Subject key identifier:   4F:3E:7E:95:CF:81:9C:C2:28:F9:6F:E4:F6:33:84:BC:38:AF:BD:D8
Authority key identifier: 1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3
Certificate issuer:       /CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
Certificate serial:       0196B1EAA7C279500FDD9F6BEC8C0268C7B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
Manifest number:          03CF
Signing time:             Thu 08 May 2025 22:01:07 +0000
Manifest this update:     Thu 08 May 2025 22:01:07 +0000
Manifest next update:     Fri 09 May 2025 22:01:07 +0000
Files and hashes:         1: H0qus-K3pD3wHzHVGiDvIlXOr-M.crl (hash: 5BlGnxqo0pwKwhpt+yvMLC2VKV5sPp7pDQiaTQT5eJk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b1:ea:a7:c2:79:50:0f:dd:9f:6b:ec:8c:02:68:c7:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
        Validity
            Not Before: May  8 22:01:07 2025 GMT
            Not After : May  9 22:01:07 2025 GMT
        Subject: CN=4f3e7e95cf819cc228f96fe4f63384bc38afbdd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:88:33:2e:fd:3c:54:a7:79:32:26:5f:90:19:
                    6b:55:04:ff:55:9d:79:6a:a2:bc:63:50:10:ee:8a:
                    44:98:ee:77:c8:7b:fa:ba:2b:bf:8d:5d:0e:d7:98:
                    76:ed:c5:7f:06:bb:cc:c8:de:65:da:50:f1:28:fe:
                    1b:a1:c0:0c:36:64:15:4d:f4:1b:01:77:a0:80:ac:
                    22:87:6a:80:5f:5b:74:1f:ca:0f:df:81:e5:95:e0:
                    9b:d7:4e:e8:ed:71:3c:a7:f3:84:a9:04:47:be:a4:
                    ae:85:0b:63:10:e5:4c:e8:29:13:7c:58:e6:2b:bb:
                    37:8c:53:67:d6:7b:85:71:d5:f0:6b:e7:2c:19:37:
                    ac:8f:96:06:3c:0c:ed:99:81:43:68:2a:7d:f9:4d:
                    8e:35:c0:8a:78:69:dc:f7:b7:ba:db:26:67:da:4d:
                    20:23:9e:3b:76:a2:cc:6f:37:26:cf:57:df:ef:84:
                    f1:e4:b7:53:12:d2:fd:30:c9:74:d2:f8:b6:19:e3:
                    5f:fd:20:a2:7d:f9:4f:b8:b7:ed:2e:57:93:a9:37:
                    22:ff:1f:27:0e:5d:77:b1:3b:12:ed:9f:4c:10:3a:
                    71:6d:a9:9d:b7:b2:bf:a1:12:de:70:46:43:f5:5e:
                    82:cd:5f:f3:7d:75:af:c0:84:f5:04:7c:18:ca:9f:
                    71:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:3E:7E:95:CF:81:9C:C2:28:F9:6F:E4:F6:33:84:BC:38:AF:BD:D8
            X509v3 Authority Key Identifier:
                keyid:1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:31:ae:9b:ca:3e:74:6e:3f:4e:6c:36:fb:74:6a:c9:07:7d:
         38:f2:87:40:05:c8:5d:0f:bf:72:74:93:90:13:ea:0e:86:5e:
         0c:e6:63:bf:74:c1:34:78:b0:7c:01:95:33:dd:44:74:e1:08:
         66:12:2f:37:12:db:e8:62:cf:ae:d8:74:cd:13:ae:5e:78:c4:
         00:3d:6d:2d:14:c6:1b:58:84:4c:db:74:1d:b4:97:78:af:10:
         56:5c:39:7b:28:5f:cc:44:69:7f:dc:92:cb:25:19:88:e9:a5:
         8f:49:ac:e3:d8:fd:24:31:23:5d:c6:92:e1:74:cc:ca:c1:59:
         b1:16:7c:7f:b1:39:63:d3:46:8c:3f:73:b5:fd:0d:61:0a:0b:
         9d:38:e7:b2:f2:0b:f5:1f:47:f3:50:ab:b4:51:b3:b3:de:e4:
         e3:3f:d9:2f:a5:06:0c:5c:dd:92:89:97:d4:2c:66:48:5a:92:
         13:cf:a2:c8:58:8d:b8:dc:87:7f:be:e1:bd:75:8a:4c:37:27:
         fb:5e:db:a2:58:d5:8b:f0:62:f4:94:da:64:74:12:20:d6:7f:
         fe:78:3a:ef:e0:a3:98:4b:8a:bb:6d:ca:9e:de:87:c3:62:1f:
         fc:10:56:a3:d3:0b:1d:69:61:32:4f:b6:89:27:b7:c0:61:90:
         6d:a3:1b:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZax6qfCeVAP3Z9r7IwCaMe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNGFhZWIzZTJiN2E0M2RmMDFmMzFkNTFhMjBlZjIyNTVj
ZWFmZTMwHhcNMjUwNTA4MjIwMTA3WhcNMjUwNTA5MjIwMTA3WjAzMTEwLwYDVQQD
Eyg0ZjNlN2U5NWNmODE5Y2MyMjhmOTZmZTRmNjMzODRiYzM4YWZiZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4gzLv08VKd5MiZfkBlrVQT/VZ15
aqK8Y1AQ7opEmO53yHv6uiu/jV0O15h27cV/BrvMyN5l2lDxKP4bocAMNmQVTfQb
AXeggKwih2qAX1t0H8oP34HlleCb107o7XE8p/OEqQRHvqSuhQtjEOVM6CkTfFjm
K7s3jFNn1nuFcdXwa+csGTesj5YGPAztmYFDaCp9+U2ONcCKeGnc97e62yZn2k0g
I547dqLMbzcmz1ff74Tx5LdTEtL9MMl00vi2GeNf/SCifflPuLftLleTqTci/x8n
Dl13sTsS7Z9MEDpxbamdt7K/oRLecEZD9V6CzV/zfXWvwIT1BHwYyp9xoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE8+fpXPgZzCKPlv5PYzhLw4r73YMB8GA1UdIwQY
MBaAFB9KrrPit6Q98B8x1Rog7yJVzq/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMt
ZTE4NDJiZTQxMmQxLzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMtZTE4NDJiZTQxMmQx
LzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmjGum8o+
dG4/Tmw2+3RqyQd9OPKHQAXIXQ+/cnSTkBPqDoZeDOZjv3TBNHiwfAGVM91EdOEI
ZhIvNxLb6GLPrth0zROuXnjEAD1tLRTGG1iETNt0HbSXeK8QVlw5eyhfzERpf9yS
yyUZiOmlj0ms49j9JDEjXcaS4XTMysFZsRZ8f7E5Y9NGjD9ztf0NYQoLnTjnsvIL
9R9H81CrtFGzs97k4z/ZL6UGDFzdkomX1CxmSFqSE8+iyFiNuNyHf77hvXWKTDcn
+17boljVi/Bi9JTaZHQSINZ//ng67+CjmEuKu23Knt6Hw2If/BBWo9MLHWlhMk+2
iSe3wGGQbaMbpg==
-----END CERTIFICATE-----