Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          PdhKgq64M+AY8ZNG9gsk+kC+4qE0+mvos4WALZqrkcM=
Subject key identifier:   D4:19:46:12:8A:64:67:2B:39:E5:E0:95:E3:44:52:65:82:AE:2E:97
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       0196C539FB8F5FB47D225B3D067723085482
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          09AE
Signing time:             Mon 12 May 2025 16:00:33 +0000
Manifest this update:     Mon 12 May 2025 16:00:33 +0000
Manifest next update:     Tue 13 May 2025 16:00:33 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: uQiQBIKwXmVPNDAUuT9bXmjjw5L6+9ns+F/FZUMv2ek=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:39:fb:8f:5f:b4:7d:22:5b:3d:06:77:23:08:54:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: May 12 16:00:33 2025 GMT
            Not After : May 13 16:00:33 2025 GMT
        Subject: CN=d41946128a64672b39e5e095e344526582ae2e97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f6:00:87:be:a4:ed:1e:e5:60:52:a7:2c:3a:
                    8e:b1:b2:bb:bb:d3:f8:ff:84:19:f7:13:b0:13:5c:
                    91:84:d1:8a:24:a7:25:d1:87:43:27:e9:80:61:ff:
                    d6:e5:82:25:f9:e8:d4:ed:28:bf:62:ca:1c:e8:4d:
                    cd:05:a0:dd:da:5f:e9:58:ab:19:f6:eb:b0:df:eb:
                    85:f4:e3:f1:2b:11:0b:87:e9:be:ab:6d:80:53:64:
                    1e:70:85:a8:e2:d7:37:1f:09:06:c3:8b:f1:4a:ed:
                    ad:39:e8:26:8c:24:f4:9c:de:d9:24:e2:39:c3:11:
                    27:9a:53:46:88:f5:55:bd:cb:07:dd:19:c3:6a:c0:
                    2d:9d:53:3b:3f:d0:9d:b3:6b:6d:dc:f3:ce:3c:1a:
                    62:8a:58:fb:e8:7f:e0:fb:aa:3e:fb:61:d1:79:c5:
                    dd:d0:e8:7b:05:04:b6:af:21:52:88:34:c7:2c:84:
                    66:8e:c6:ad:3c:05:68:40:2b:a6:2e:86:88:74:6b:
                    65:ca:68:96:cb:ff:3a:2c:2f:cb:f2:14:0b:c0:c2:
                    f3:0f:fc:1e:1e:de:fa:3d:6e:2a:22:23:4d:c4:c5:
                    8b:1f:b4:dc:51:45:95:76:d7:49:63:c3:8f:da:5a:
                    16:d0:cd:10:1d:5f:18:8d:30:86:24:01:b7:a7:33:
                    15:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:19:46:12:8A:64:67:2B:39:E5:E0:95:E3:44:52:65:82:AE:2E:97
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:52:fd:20:91:97:fd:d6:34:82:58:a4:53:25:34:fb:a1:36:
         bc:a8:7c:68:19:f4:96:70:e7:87:cc:ab:7f:c0:b1:3e:4f:ba:
         33:93:9f:bb:e0:e8:ac:a6:1b:0e:2a:4b:66:78:90:ac:7f:64:
         85:87:85:5a:5c:44:5c:42:4d:b8:04:37:30:df:6f:de:12:39:
         6d:f2:9c:03:18:4c:ab:af:35:61:5a:88:78:29:6a:fb:97:d1:
         c7:b7:e6:a6:e7:61:6f:fa:2f:70:b6:6e:3c:91:8b:17:cb:86:
         78:f2:e0:97:76:5b:aa:8c:08:d4:2a:20:81:48:9f:df:c9:85:
         d2:3a:22:38:ea:4f:92:5a:b7:70:95:50:2e:e6:1c:57:de:78:
         14:b1:93:d9:34:db:1f:ae:c7:fa:ac:76:42:85:0b:e4:79:ce:
         29:00:58:ef:f3:a8:0b:5a:53:ff:b7:b5:42:44:bb:2a:25:e5:
         ab:16:5c:c7:76:31:24:93:8e:36:90:0c:49:6c:e4:20:7d:8d:
         28:35:e8:f4:fc:a8:27:dd:95:4a:6d:41:48:6a:8a:ca:38:00:
         12:06:a1:9c:a8:40:c7:64:a6:66:01:68:dd:58:5e:06:ea:d7:
         7d:82:00:81:47:42:cf:fa:6b:e3:49:52:f4:03:4f:5f:ed:8c:
         9b:9b:ca:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbFOfuPX7R9Ils9BncjCFSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjUwNTEyMTYwMDMzWhcNMjUwNTEzMTYwMDMzWjAzMTEwLwYDVQQD
EyhkNDE5NDYxMjhhNjQ2NzJiMzllNWUwOTVlMzQ0NTI2NTgyYWUyZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvYAh76k7R7lYFKnLDqOsbK7u9P4
/4QZ9xOwE1yRhNGKJKcl0YdDJ+mAYf/W5YIl+ejU7Si/Ysoc6E3NBaDd2l/pWKsZ
9uuw3+uF9OPxKxELh+m+q22AU2QecIWo4tc3HwkGw4vxSu2tOegmjCT0nN7ZJOI5
wxEnmlNGiPVVvcsH3RnDasAtnVM7P9Cds2tt3PPOPBpiilj76H/g+6o++2HRecXd
0Oh7BQS2ryFSiDTHLIRmjsatPAVoQCumLoaIdGtlymiWy/86LC/L8hQLwMLzD/we
Ht76PW4qIiNNxMWLH7TcUUWVdtdJY8OP2loW0M0QHV8YjTCGJAG3pzMVuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQZRhKKZGcrOeXgleNEUmWCri6XMB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaVL9IJGX
/dY0glikUyU0+6E2vKh8aBn0lnDnh8yrf8CxPk+6M5Ofu+DorKYbDipLZniQrH9k
hYeFWlxEXEJNuAQ3MN9v3hI5bfKcAxhMq681YVqIeClq+5fRx7fmpudhb/ovcLZu
PJGLF8uGePLgl3ZbqowI1CoggUif38mF0joiOOpPklq3cJVQLuYcV954FLGT2TTb
H67H+qx2QoUL5HnOKQBY7/OoC1pT/7e1QkS7KiXlqxZcx3YxJJOONpAMSWzkIH2N
KDXo9PyoJ92VSm1BSGqKyjgAEgahnKhAx2SmZgFo3VheBurXfYIAgUdCz/pr40lS
9ANPX+2Mm5vKhA==
-----END CERTIFICATE-----