Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
File:                     HrwURUFHAQyh700E0hASXh7X0ho.mft (raw, json)
Hash identifier:          5DuXQg4jia5tHEoCKc1cEzrybxD0YFh5cJ3mp8SGiZs=
Subject key identifier:   7F:CD:E9:9C:2C:14:5E:29:DD:8C:78:3B:6D:27:4B:19:7C:A0:A6:F6
Authority key identifier: 1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A
Certificate issuer:       /CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
Certificate serial:       0196D5F6628C0E447FCD6D04C2839330D627
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
Manifest number:          0700
Signing time:             Thu 15 May 2025 22:00:16 +0000
Manifest this update:     Thu 15 May 2025 22:00:16 +0000
Manifest next update:     Fri 16 May 2025 22:00:16 +0000
Files and hashes:         1: HrwURUFHAQyh700E0hASXh7X0ho.crl (hash: hK6c2QcOP2KuRA0BGzw5xia9RaYjWK8fkJiUmdr8R0M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 16 May 2025 22:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d5:f6:62:8c:0e:44:7f:cd:6d:04:c2:83:93:30:d6:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
        Validity
            Not Before: May 15 22:00:16 2025 GMT
            Not After : May 16 22:00:16 2025 GMT
        Subject: CN=7fcde99c2c145e29dd8c783b6d274b197ca0a6f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:8e:ad:d4:bc:68:36:a8:93:5f:2e:95:cb:7f:
                    a5:af:b3:83:2d:46:e7:dc:ae:20:f6:e6:98:aa:33:
                    84:34:92:0d:1a:01:51:36:2c:65:74:43:5c:90:88:
                    28:dc:d0:51:95:c6:23:ee:78:e5:cc:a9:66:f5:c3:
                    25:0a:48:08:42:a1:71:88:b8:5e:56:d0:82:81:3f:
                    34:a4:c8:e0:98:e6:0a:9a:7b:c3:a9:f8:9f:c1:c0:
                    2f:c7:d3:1c:98:5c:bd:af:c1:83:88:82:11:81:be:
                    b2:65:e5:b3:57:bb:03:ec:6d:b9:c7:6a:f9:87:1f:
                    6e:dc:f6:82:a3:3e:64:3d:4f:d4:35:3b:ec:4e:81:
                    0c:38:6c:85:05:07:2d:f4:f9:d3:19:3a:bb:91:3a:
                    ee:e7:e0:3d:9a:6b:e4:59:c4:ce:cc:b3:9e:b8:13:
                    01:fb:30:de:0c:57:4a:2a:f8:79:b2:ae:8a:66:8d:
                    96:17:e6:da:c6:16:37:45:69:f4:58:49:0c:41:ca:
                    f2:8d:b2:67:3a:24:cc:ad:6d:da:aa:3f:8e:d3:ea:
                    e8:fc:80:ea:ee:bc:e9:69:80:a4:57:d5:5a:13:eb:
                    58:af:fb:e4:ab:be:f4:b6:e7:09:c4:66:21:a8:90:
                    af:66:8a:6e:80:ad:3e:ac:53:15:ea:3e:ee:82:81:
                    11:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:CD:E9:9C:2C:14:5E:29:DD:8C:78:3B:6D:27:4B:19:7C:A0:A6:F6
            X509v3 Authority Key Identifier:
                keyid:1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:12:ac:2a:31:0d:73:a8:90:c1:b4:14:32:07:09:d3:a0:b2:
         5c:3d:f9:d7:eb:52:e2:5f:c7:4e:3c:94:d2:94:28:75:4c:56:
         34:b6:58:79:5e:2d:a7:2a:08:17:1c:1a:b7:4e:ad:29:5f:9a:
         70:93:f9:51:08:e0:23:ff:04:9c:7f:a6:5a:ab:15:0d:2e:5e:
         9c:c7:f5:22:2c:d2:cf:33:10:37:83:d4:bd:e6:c4:01:8e:b1:
         74:76:5e:68:55:5c:85:3b:6f:f1:a1:95:1c:76:30:8a:ef:5c:
         ce:f0:d5:7f:a4:19:63:4b:0e:86:fd:f0:f0:0c:35:a1:e3:c5:
         05:fc:1c:6a:cf:c0:75:37:fd:62:04:bf:39:c6:e1:c9:f6:0d:
         57:6d:d4:ce:fd:77:e3:b3:3e:08:37:fa:bf:8f:00:e1:88:75:
         ae:90:b6:4b:46:db:fe:1c:05:33:bb:a1:14:1c:0a:eb:f9:9e:
         3e:70:af:8e:15:60:c3:1e:98:b1:bd:5f:4c:5d:5e:bc:26:04:
         c5:64:38:11:41:ae:74:fe:a3:ed:36:da:34:39:56:2c:44:aa:
         55:10:ac:af:53:90:e5:4f:fc:c9:dd:5e:e8:a3:2b:28:6c:65:
         4f:0d:d6:df:ce:dc:55:20:85:d5:36:3a:03:6e:d4:86:49:1e:
         87:2f:9d:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbV9mKMDkR/zW0EwoOTMNYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmMxNDQ1NDE0NzAxMGNhMWVmNGQwNGQyMTAxMjVlMWVk
N2QyMWEwHhcNMjUwNTE1MjIwMDE2WhcNMjUwNTE2MjIwMDE2WjAzMTEwLwYDVQQD
Eyg3ZmNkZTk5YzJjMTQ1ZTI5ZGQ4Yzc4M2I2ZDI3NGIxOTdjYTBhNmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA246t1LxoNqiTXy6Vy3+lr7ODLUbn
3K4g9uaYqjOENJINGgFRNixldENckIgo3NBRlcYj7njlzKlm9cMlCkgIQqFxiLhe
VtCCgT80pMjgmOYKmnvDqfifwcAvx9McmFy9r8GDiIIRgb6yZeWzV7sD7G25x2r5
hx9u3PaCoz5kPU/UNTvsToEMOGyFBQct9PnTGTq7kTru5+A9mmvkWcTOzLOeuBMB
+zDeDFdKKvh5sq6KZo2WF+baxhY3RWn0WEkMQcryjbJnOiTMrW3aqj+O0+ro/IDq
7rzpaYCkV9VaE+tYr/vkq770tucJxGYhqJCvZopugK0+rFMV6j7ugoERRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH/N6ZwsFF4p3Yx4O20nSxl8oKb2MB8GA1UdIwQY
MBaAFB68FEVBRwEMoe9NBNIQEl4e19IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzkt
MjA1MDc5ZTUxYzEzLzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzktMjA1MDc5ZTUxYzEz
LzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXhKsKjEN
c6iQwbQUMgcJ06CyXD351+tS4l/HTjyU0pQodUxWNLZYeV4tpyoIFxwat06tKV+a
cJP5UQjgI/8EnH+mWqsVDS5enMf1IizSzzMQN4PUvebEAY6xdHZeaFVchTtv8aGV
HHYwiu9czvDVf6QZY0sOhv3w8Aw1oePFBfwcas/AdTf9YgS/OcbhyfYNV23Uzv13
47M+CDf6v48A4Yh1rpC2S0bb/hwFM7uhFBwK6/mePnCvjhVgwx6Ysb1fTF1evCYE
xWQ4EUGudP6j7TbaNDlWLESqVRCsr1OQ5U/8yd1e6KMrKGxlTw3W387cVSCF1TY6
A27Uhkkehy+d1w==
-----END CERTIFICATE-----