Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
File:                     HSXQyIRbeYhsGZNFuJD16KzVFtg.mft (raw, json)
Hash identifier:          ZqPDzRi5qP5GagvPYVhHY94JIhm/W3mh2hI8f9VyZLQ=
Subject key identifier:   2D:6C:81:70:46:7E:3F:94:95:43:8B:79:76:2B:A5:9F:67:18:AE:E5
Authority key identifier: 1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8
Certificate issuer:       /CN=1d25d0c8845b79886c199345b890f5e8acd516d8
Certificate serial:       01969D1979F6C8D5B4CA4D66B7D9D508F211
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
Manifest number:          151D
Signing time:             Sun 04 May 2025 21:00:14 +0000
Manifest this update:     Sun 04 May 2025 21:00:14 +0000
Manifest next update:     Mon 05 May 2025 21:00:14 +0000
Files and hashes:         1: HSXQyIRbeYhsGZNFuJD16KzVFtg.crl (hash: XbfSsOHSged/momO/yj7dVEBTPM7/GKJHqh/f2LEt64=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 21:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9d:19:79:f6:c8:d5:b4:ca:4d:66:b7:d9:d5:08:f2:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d25d0c8845b79886c199345b890f5e8acd516d8
        Validity
            Not Before: May  4 21:00:14 2025 GMT
            Not After : May  5 21:00:14 2025 GMT
        Subject: CN=2d6c8170467e3f9495438b79762ba59f6718aee5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:a9:bd:b1:45:11:25:4c:ff:10:45:91:4f:9d:
                    fa:07:a9:98:95:ab:80:14:f5:b2:19:bf:23:48:3e:
                    67:51:af:85:c1:9a:c0:cf:14:ba:c0:13:da:2d:b3:
                    fd:85:69:39:1e:2c:10:01:b4:4a:0b:a8:90:63:e8:
                    ca:d0:7b:df:4d:63:33:dc:12:7b:7a:18:a2:61:c8:
                    06:fb:8e:c0:d3:0e:d4:e8:71:5a:9f:42:24:c1:55:
                    6f:19:17:f7:dd:43:8d:4b:3d:08:53:8d:c7:27:ec:
                    f3:f7:0e:23:4a:c3:0b:03:c1:2b:4f:b7:44:20:c9:
                    59:02:6e:5a:0b:6b:e8:9f:ba:46:6a:1c:b2:af:97:
                    9c:76:9f:51:dd:ac:73:73:94:6e:06:5e:67:76:3d:
                    79:3f:3e:69:0b:94:e5:c3:dc:8e:6b:43:db:56:16:
                    4f:f8:6e:25:08:83:00:5e:13:79:55:27:84:22:65:
                    6f:6f:e2:3d:85:33:a1:e8:0f:5c:bf:18:16:94:de:
                    2e:cd:79:10:18:60:1b:2c:4d:85:b7:f5:63:1d:19:
                    9e:e5:d5:3b:88:8c:32:ce:d0:18:58:e5:77:ea:61:
                    c7:da:bf:c8:ec:9d:47:23:8b:a4:bd:db:c9:14:bb:
                    a7:ef:ba:d6:6e:89:e3:5b:27:a0:bf:b6:f3:df:fe:
                    b7:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:6C:81:70:46:7E:3F:94:95:43:8B:79:76:2B:A5:9F:67:18:AE:E5
            X509v3 Authority Key Identifier:
                keyid:1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:c7:39:ba:c5:c9:39:3b:71:a1:d4:ad:eb:a9:06:13:93:b3:
         34:21:2a:83:19:45:d7:2e:b8:ca:0f:f5:95:b8:03:83:8f:7e:
         cb:8e:14:7b:61:6a:16:44:5b:b1:a3:74:a8:3e:ae:b0:e2:d8:
         f3:b6:db:99:6b:d9:4b:96:7e:ac:da:49:3b:cf:38:cf:bc:87:
         e4:78:46:92:6b:40:12:ab:b6:0b:b3:1d:5d:9d:96:e7:f7:f6:
         0f:98:91:9c:4b:03:41:87:63:c0:f9:70:80:79:f6:b3:94:f6:
         22:e3:94:ee:2f:2c:d1:e3:37:75:47:66:eb:0e:76:ce:18:69:
         9f:e4:b1:7e:0c:fa:a1:e8:f5:fc:f8:0b:a6:24:21:5a:93:97:
         66:2b:b9:e5:75:f1:be:b3:4c:26:d3:f6:4a:e0:bb:4a:45:bb:
         3a:55:2b:00:25:84:cf:66:f1:bf:f1:d7:c6:9b:f6:6f:c4:0f:
         6b:bb:43:6a:b0:92:24:be:b8:41:fa:96:2b:b3:f6:23:e0:2a:
         e5:2d:ac:a6:69:4d:63:0e:f3:48:b8:ab:92:18:7a:c4:bc:31:
         ca:74:f5:8b:9c:ea:f2:3e:6d:ae:6e:40:4e:92:89:93:f4:a4:
         79:10:d3:6e:dd:25:0e:2c:ee:d3:78:28:1f:93:ec:cd:45:48:
         37:c5:f3:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZadGXn2yNW0yk1mt9nVCPIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMjVkMGM4ODQ1Yjc5ODg2YzE5OTM0NWI4OTBmNWU4YWNk
NTE2ZDgwHhcNMjUwNTA0MjEwMDE0WhcNMjUwNTA1MjEwMDE0WjAzMTEwLwYDVQQD
EygyZDZjODE3MDQ2N2UzZjk0OTU0MzhiNzk3NjJiYTU5ZjY3MThhZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqm9sUURJUz/EEWRT536B6mYlauA
FPWyGb8jSD5nUa+FwZrAzxS6wBPaLbP9hWk5HiwQAbRKC6iQY+jK0HvfTWMz3BJ7
ehiiYcgG+47A0w7U6HFan0IkwVVvGRf33UONSz0IU43HJ+zz9w4jSsMLA8ErT7dE
IMlZAm5aC2von7pGahyyr5ecdp9R3axzc5RuBl5ndj15Pz5pC5Tlw9yOa0PbVhZP
+G4lCIMAXhN5VSeEImVvb+I9hTOh6A9cvxgWlN4uzXkQGGAbLE2Ft/VjHRme5dU7
iIwyztAYWOV36mHH2r/I7J1HI4ukvdvJFLun77rWbonjWyegv7bz3/63hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1sgXBGfj+UlUOLeXYrpZ9nGK7lMB8GA1UdIwQY
MBaAFB0l0MiEW3mIbBmTRbiQ9eis1RbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUt
YzUyZWI1NmJmYTViLzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUtYzUyZWI1NmJmYTVi
LzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb8c5usXJ
OTtxodSt66kGE5OzNCEqgxlF1y64yg/1lbgDg49+y44Ue2FqFkRbsaN0qD6usOLY
87bbmWvZS5Z+rNpJO884z7yH5HhGkmtAEqu2C7MdXZ2W5/f2D5iRnEsDQYdjwPlw
gHn2s5T2IuOU7i8s0eM3dUdm6w52zhhpn+Sxfgz6oej1/PgLpiQhWpOXZiu55XXx
vrNMJtP2SuC7SkW7OlUrACWEz2bxv/HXxpv2b8QPa7tDarCSJL64QfqWK7P2I+Aq
5S2spmlNYw7zSLirkhh6xLwxynT1i5zq8j5trm5ATpKJk/SkeRDTbt0lDizu03go
H5PszUVIN8XzLA==
-----END CERTIFICATE-----