Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
File:                     HjaTxfrT8hak_3rIbO6yOwBDg10.mft (raw, json)
Hash identifier:          nRGJwFvpR4zXyFGlF2xKpmEfo20iAjQtr9LbpdfGRYc=
Subject key identifier:   5B:8C:79:F7:52:06:AC:94:24:CC:19:FE:DC:2F:CD:FE:BD:60:E0:2C
Authority key identifier: 1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D
Certificate issuer:       /CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
Certificate serial:       0196BAED0ACC77278BE186B90ED4697A950E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
Manifest number:          09FE
Signing time:             Sat 10 May 2025 16:00:18 +0000
Manifest this update:     Sat 10 May 2025 16:00:18 +0000
Manifest next update:     Sun 11 May 2025 16:00:18 +0000
Files and hashes:         1: HjaTxfrT8hak_3rIbO6yOwBDg10.crl (hash: ckO3U3Bfxf+pgM/cNmR5h94RYbqI8zOBB2YkzIyMt+Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 16:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ba:ed:0a:cc:77:27:8b:e1:86:b9:0e:d4:69:7a:95:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
        Validity
            Not Before: May 10 16:00:18 2025 GMT
            Not After : May 11 16:00:18 2025 GMT
        Subject: CN=5b8c79f75206ac9424cc19fedc2fcdfebd60e02c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:95:09:e0:37:90:f6:90:c5:3c:d2:d9:5e:08:
                    99:8b:af:f2:3c:e7:5b:50:17:5c:e9:dd:71:6f:2b:
                    27:9f:bb:61:08:ed:88:20:97:0d:25:b1:07:3c:b7:
                    9c:3d:5e:5a:2f:e2:63:f0:cf:44:67:e9:b9:82:b1:
                    d2:24:a4:20:26:06:13:f7:48:84:9c:88:46:fd:34:
                    88:1c:f8:3c:ba:ea:13:ad:25:15:a4:ad:c0:c0:f4:
                    6d:19:fe:75:bc:84:c8:5a:64:28:30:7e:87:bc:8e:
                    9d:25:55:a1:01:80:05:1e:07:26:3b:96:78:41:83:
                    98:1c:b2:01:25:fd:f2:80:f5:93:6d:f9:a6:27:51:
                    dc:17:fb:62:2c:f2:fa:7b:ef:02:ac:ad:64:b6:1c:
                    af:91:55:20:b6:39:7a:5c:83:9e:f9:67:f6:6f:a7:
                    87:3e:b4:f8:4a:7f:66:c8:d5:c0:b6:ee:68:2e:63:
                    29:f7:c7:1a:08:0b:54:ba:7f:37:2a:0c:9c:d9:2d:
                    65:82:21:de:07:6e:9a:65:7f:3c:0c:97:8d:95:2f:
                    8f:4f:c0:ac:29:e4:3c:5e:ee:0c:6a:52:aa:d0:33:
                    f6:06:65:73:43:ce:39:ab:0e:dc:b1:16:2f:be:b2:
                    c6:25:42:b8:83:0e:fc:5a:19:88:4f:47:dc:6a:ec:
                    dc:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:8C:79:F7:52:06:AC:94:24:CC:19:FE:DC:2F:CD:FE:BD:60:E0:2C
            X509v3 Authority Key Identifier:
                keyid:1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:56:4c:dc:9f:ec:d8:f6:25:b4:a4:bd:93:dd:03:ed:17:5f:
         ae:eb:e8:d8:7b:de:3b:c7:98:6a:02:a2:7f:ab:3e:87:ab:8a:
         61:b6:4b:43:d9:39:2a:73:6c:89:df:a1:89:ee:8d:00:c1:41:
         b1:19:48:ca:68:75:cf:15:ac:d4:33:ee:12:26:47:cc:07:2e:
         65:9f:86:f6:3e:dc:6b:ba:0b:d5:b8:25:f1:db:65:71:4d:e2:
         1e:73:6d:61:ba:3a:51:d1:6c:ae:dc:dd:5b:8e:f3:5f:50:7f:
         aa:55:59:c9:92:ba:c7:fd:6c:16:76:09:3b:1d:54:61:b7:54:
         e5:4c:24:0f:74:87:06:39:27:33:52:ab:43:53:51:c1:eb:ef:
         7c:5a:08:9e:76:61:f0:90:33:de:49:8b:7a:11:ce:26:c1:b6:
         a2:8f:65:8f:2b:5c:7c:e6:a0:99:38:ea:7b:2b:db:3b:dd:a2:
         51:fe:45:22:40:6a:5e:59:91:18:98:cd:bc:4b:75:01:03:ee:
         78:8b:88:a0:8f:6d:54:f9:87:12:00:46:10:72:98:cf:a6:25:
         4d:e9:fd:9f:9b:46:af:76:2d:f4:43:fa:e2:64:cf:a7:8d:dd:
         f1:37:e7:5e:de:1f:b8:eb:c7:23:c8:10:e7:a0:f9:d0:c6:cf:
         39:36:be:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa67QrMdyeL4Ya5DtRpepUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzY5M2M1ZmFkM2YyMTZhNGZmN2FjODZjZWViMjNiMDA0
MzgzNWQwHhcNMjUwNTEwMTYwMDE4WhcNMjUwNTExMTYwMDE4WjAzMTEwLwYDVQQD
Eyg1YjhjNzlmNzUyMDZhYzk0MjRjYzE5ZmVkYzJmY2RmZWJkNjBlMDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5UJ4DeQ9pDFPNLZXgiZi6/yPOdb
UBdc6d1xbysnn7thCO2IIJcNJbEHPLecPV5aL+Jj8M9EZ+m5grHSJKQgJgYT90iE
nIhG/TSIHPg8uuoTrSUVpK3AwPRtGf51vITIWmQoMH6HvI6dJVWhAYAFHgcmO5Z4
QYOYHLIBJf3ygPWTbfmmJ1HcF/tiLPL6e+8CrK1kthyvkVUgtjl6XIOe+Wf2b6eH
PrT4Sn9myNXAtu5oLmMp98caCAtUun83Kgyc2S1lgiHeB26aZX88DJeNlS+PT8Cs
KeQ8Xu4MalKq0DP2BmVzQ845qw7csRYvvrLGJUK4gw78WhmIT0fcauzcXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFuMefdSBqyUJMwZ/twvzf69YOAsMB8GA1UdIwQY
MBaAFB42k8X60/IWpP96yGzusjsAQ4NdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQt
NDIxMTUxOGQ5OGE0LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQtNDIxMTUxOGQ5OGE0
LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABFZM3J/s
2PYltKS9k90D7Rdfruvo2HveO8eYagKif6s+h6uKYbZLQ9k5KnNsid+hie6NAMFB
sRlIymh1zxWs1DPuEiZHzAcuZZ+G9j7ca7oL1bgl8dtlcU3iHnNtYbo6UdFsrtzd
W47zX1B/qlVZyZK6x/1sFnYJOx1UYbdU5UwkD3SHBjknM1KrQ1NRwevvfFoInnZh
8JAz3kmLehHOJsG2oo9ljytcfOagmTjqeyvbO92iUf5FIkBqXlmRGJjNvEt1AQPu
eIuIoI9tVPmHEgBGEHKYz6YlTen9n5tGr3Yt9EP64mTPp43d8TfnXt4fuOvHI8gQ
56D50MbPOTa+4g==
-----END CERTIFICATE-----