Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
File:                     HNuFgmJdF7G8uuE_xt20OruV0v4.mft (raw, json)
Hash identifier:          NWMCy55QJ8YWPMPcTLzaVW83dhKmxRLiZzzxQicQUdc=
Subject key identifier:   2A:DC:0D:76:DB:CB:DB:6D:63:A1:C3:E2:9B:B4:4D:1F:B2:DC:79:2F
Authority key identifier: 1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE
Certificate issuer:       /CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
Certificate serial:       0196BE5CB84088A2DCB6399E28FD4C453506
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
Manifest number:          F1
Signing time:             Sun 11 May 2025 08:01:09 +0000
Manifest this update:     Sun 11 May 2025 08:01:09 +0000
Manifest next update:     Mon 12 May 2025 08:01:09 +0000
Files and hashes:         1: HNuFgmJdF7G8uuE_xt20OruV0v4.crl (hash: ReKfwwkDekWK/z8Wz5jM8Fgfkjjo23B8/eAeT9wZiAQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:5c:b8:40:88:a2:dc:b6:39:9e:28:fd:4c:45:35:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
        Validity
            Not Before: May 11 08:01:09 2025 GMT
            Not After : May 12 08:01:09 2025 GMT
        Subject: CN=2adc0d76dbcbdb6d63a1c3e29bb44d1fb2dc792f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:93:88:b9:da:e6:94:90:9a:20:69:20:7e:fa:
                    82:cb:27:49:a7:26:07:ac:a5:87:e1:5c:d3:0a:a5:
                    8d:d5:07:64:c2:38:80:1c:d9:08:9f:59:95:01:ad:
                    62:47:56:ed:89:c9:df:9b:d9:58:cd:9f:0a:b1:7b:
                    3e:14:22:1b:b7:dc:d0:b1:46:3e:95:a5:74:05:cb:
                    ad:ec:83:29:a8:a8:05:da:b7:40:56:29:a0:04:e5:
                    e8:9c:43:0c:60:87:3f:87:5c:16:98:f4:21:33:df:
                    74:43:e4:e2:aa:86:0c:8a:61:39:38:0b:fc:0d:78:
                    3f:29:c7:8f:bc:8f:37:61:83:18:c7:f3:30:9c:5a:
                    bb:d0:33:9a:f3:bc:a4:44:f1:66:6c:65:05:f3:5a:
                    ed:85:80:42:e6:e5:53:4c:44:0b:c6:a2:c3:a9:e7:
                    81:1f:5e:28:a3:8b:69:98:a3:b7:4b:c7:ba:ed:da:
                    ef:22:3a:c5:fb:87:d4:f7:01:1b:46:38:fe:a5:54:
                    11:9c:60:1a:8f:6e:a2:f9:23:63:fe:b0:3f:cc:0d:
                    ce:29:9d:88:61:c3:88:0d:91:c4:78:0a:b8:5b:79:
                    8b:2f:97:af:48:2e:6d:66:ed:7d:4d:6b:a3:eb:a8:
                    a6:77:fd:c5:0b:ca:f6:0d:d7:84:04:f1:cd:6c:88:
                    b4:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:DC:0D:76:DB:CB:DB:6D:63:A1:C3:E2:9B:B4:4D:1F:B2:DC:79:2F
            X509v3 Authority Key Identifier:
                keyid:1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:3c:77:78:f8:0e:c0:24:6d:a6:ce:f7:b8:6c:9a:dc:e5:76:
         32:36:a4:bd:22:d7:a7:f0:98:ab:87:29:2a:2e:ef:39:58:18:
         4f:5c:68:80:64:79:44:bc:2e:c4:21:94:71:33:58:7d:97:28:
         81:40:76:18:cc:40:c6:a4:51:50:03:60:68:f9:f1:b8:d2:95:
         55:26:49:03:55:8a:e5:69:92:86:e1:24:4e:31:3c:12:34:50:
         77:7f:4c:46:b1:7a:09:15:0d:02:da:5c:df:91:0b:95:ed:e9:
         cc:e1:51:a5:e8:8c:2d:04:e6:9b:36:95:78:0b:88:80:f3:b8:
         45:5a:73:6a:83:1e:c5:de:52:4c:48:33:2e:79:87:97:f0:1d:
         2d:ec:4a:f6:fa:c5:85:e5:fe:5b:c7:bc:fb:23:1b:ad:65:93:
         c5:d0:e0:83:b8:d7:8d:ca:d4:c5:e9:9d:06:44:24:15:46:4b:
         c6:84:ef:8a:89:cb:fb:49:41:4a:18:9c:64:33:f1:3b:70:be:
         46:12:f0:8c:e4:25:19:d2:70:d3:7b:a2:78:14:72:7e:a9:cc:
         f2:38:53:c1:75:79:1a:60:bd:2a:07:92:56:60:28:7f:18:12:
         bd:3e:c4:58:86:3a:21:2f:0d:b8:64:67:be:3f:40:0b:d2:5b:
         67:49:23:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+XLhAiKLctjmeKP1MRTUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZGI4NTgyNjI1ZDE3YjFiY2JhZTEzZmM2ZGRiNDNhYmI5
NWQyZmUwHhcNMjUwNTExMDgwMTA5WhcNMjUwNTEyMDgwMTA5WjAzMTEwLwYDVQQD
EygyYWRjMGQ3NmRiY2JkYjZkNjNhMWMzZTI5YmI0NGQxZmIyZGM3OTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJOIudrmlJCaIGkgfvqCyydJpyYH
rKWH4VzTCqWN1QdkwjiAHNkIn1mVAa1iR1bticnfm9lYzZ8KsXs+FCIbt9zQsUY+
laV0Bcut7IMpqKgF2rdAVimgBOXonEMMYIc/h1wWmPQhM990Q+TiqoYMimE5OAv8
DXg/KcePvI83YYMYx/MwnFq70DOa87ykRPFmbGUF81rthYBC5uVTTEQLxqLDqeeB
H14oo4tpmKO3S8e67drvIjrF+4fU9wEbRjj+pVQRnGAaj26i+SNj/rA/zA3OKZ2I
YcOIDZHEeAq4W3mLL5evSC5tZu19TWuj66imd/3FC8r2DdeEBPHNbIi0cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrcDXbby9ttY6HD4pu0TR+y3HkvMB8GA1UdIwQY
MBaAFBzbhYJiXRexvLrhP8bdtDq7ldL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDct
NDVmYmE1Yzk3NTkzLzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDctNDVmYmE1Yzk3NTkz
LzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtjx3ePgO
wCRtps73uGya3OV2MjakvSLXp/CYq4cpKi7vOVgYT1xogGR5RLwuxCGUcTNYfZco
gUB2GMxAxqRRUANgaPnxuNKVVSZJA1WK5WmShuEkTjE8EjRQd39MRrF6CRUNAtpc
35ELle3pzOFRpeiMLQTmmzaVeAuIgPO4RVpzaoMexd5STEgzLnmHl/AdLexK9vrF
heX+W8e8+yMbrWWTxdDgg7jXjcrUxemdBkQkFUZLxoTvionL+0lBShicZDPxO3C+
RhLwjOQlGdJw03uieBRyfqnM8jhTwXV5GmC9KgeSVmAofxgSvT7EWIY6IS8NuGRn
vj9AC9JbZ0kj2A==
-----END CERTIFICATE-----