Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.mft
File:                     hUYhlvWiZe4_S4kOKGZyQCCNO68.mft (raw, json)
Hash identifier:          lMIk/yo3VfJe2ECYO43vlZuME2uG1Att97B7os7+n9M=
Subject key identifier:   C4:2B:D4:88:33:20:45:9D:19:43:EE:5C:D0:5E:2A:C8:79:A6:21:55
Authority key identifier: 85:46:21:96:F5:A2:65:EE:3F:4B:89:0E:28:66:72:40:20:8D:3B:AF
Certificate issuer:       /CN=85462196f5a265ee3f4b890e28667240208d3baf
Certificate serial:       0196B66C389BE1370586E5291DC2C444BC46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUYhlvWiZe4_S4kOKGZyQCCNO68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.mft
Manifest number:          036F
Signing time:             Fri 09 May 2025 19:01:07 +0000
Manifest this update:     Fri 09 May 2025 19:01:07 +0000
Manifest next update:     Sat 10 May 2025 19:01:07 +0000
Files and hashes:         1: hUYhlvWiZe4_S4kOKGZyQCCNO68.crl (hash: cNHC6YPgbL+BFJQwCfGyuGKHfWQKMt/6SkVuQqTvmrk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUYhlvWiZe4_S4kOKGZyQCCNO68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b6:6c:38:9b:e1:37:05:86:e5:29:1d:c2:c4:44:bc:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85462196f5a265ee3f4b890e28667240208d3baf
        Validity
            Not Before: May  9 19:01:07 2025 GMT
            Not After : May 10 19:01:07 2025 GMT
        Subject: CN=c42bd4883320459d1943ee5cd05e2ac879a62155
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7a:f0:dc:7e:64:82:35:af:e3:08:df:20:2c:
                    2e:cb:f4:0e:ea:5a:a2:20:39:7d:58:aa:c5:ab:8f:
                    7b:92:3a:62:5d:f2:52:c1:34:66:e7:41:63:0d:6b:
                    ed:47:77:64:78:c2:68:74:59:6b:be:30:60:db:e8:
                    4b:d4:aa:7d:0f:e4:ad:80:86:eb:a0:b8:dc:aa:ee:
                    ef:2e:c4:6f:11:53:40:03:bb:10:ea:3c:87:2e:d5:
                    0f:1d:dc:be:24:72:51:4d:aa:a8:f9:ce:d9:bc:f8:
                    6f:27:4e:dd:b8:7d:5a:f1:30:68:a8:62:f7:f8:ad:
                    71:c1:e2:b8:ee:3c:06:75:f3:92:66:9c:60:38:0f:
                    71:81:e9:db:24:63:e7:56:df:54:82:8d:3c:96:a6:
                    e4:4b:a0:84:9c:93:69:50:b5:f9:04:f4:fc:53:c0:
                    e8:4d:e8:43:4c:00:8b:45:0f:df:e6:82:84:36:d1:
                    84:0a:b4:77:6b:a9:2c:14:66:8d:b9:b9:50:fb:7a:
                    3a:18:a3:5a:1e:2a:2b:ee:a1:ff:46:f5:28:26:73:
                    49:75:0d:7d:e5:fc:00:26:2a:74:ca:f7:0c:aa:ec:
                    e6:75:d5:e1:a1:c8:94:79:8b:9a:8f:31:76:43:67:
                    b9:01:03:66:11:05:8c:0f:4c:fa:1c:ee:1c:60:a4:
                    d9:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:2B:D4:88:33:20:45:9D:19:43:EE:5C:D0:5E:2A:C8:79:A6:21:55
            X509v3 Authority Key Identifier:
                keyid:85:46:21:96:F5:A2:65:EE:3F:4B:89:0E:28:66:72:40:20:8D:3B:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUYhlvWiZe4_S4kOKGZyQCCNO68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:69:95:02:5e:bc:30:48:ee:83:bd:e4:ad:03:e1:7c:33:ae:
         39:46:9d:6f:e7:7f:00:b0:ba:57:6d:9c:c5:ce:87:94:60:05:
         89:6e:d1:75:da:76:7a:e9:b8:b6:2b:24:2a:42:9c:dc:95:fe:
         38:73:9e:a4:e9:d3:02:ad:30:ed:b5:2b:db:cf:72:f4:9c:cc:
         e9:e3:9f:fc:6b:61:c4:5a:5d:d1:ff:96:d6:de:57:cc:b3:d5:
         53:79:59:a6:24:73:39:b1:f8:f4:70:73:02:a0:1c:f3:20:47:
         d8:d5:ea:d1:b3:d3:ac:e5:6c:15:1b:60:3f:56:80:84:ad:aa:
         7f:59:1c:e9:cf:9f:05:c5:36:3a:eb:41:a7:66:b0:01:e8:0a:
         bc:73:93:a6:92:22:27:6c:f0:b3:88:42:01:9d:ec:7d:61:51:
         9c:20:0d:e5:12:65:2b:c2:7d:a9:5b:3c:df:b4:ff:cb:4d:b3:
         5d:0c:33:b7:f0:d3:cc:6a:2a:18:f9:2a:8d:0f:dc:33:e3:d6:
         b1:d1:c9:5f:fe:98:fb:0b:3d:39:ee:62:c5:13:83:fa:db:46:
         74:b6:02:fd:69:76:12:2d:59:fd:59:b1:e0:db:d8:e0:a8:1b:
         46:0a:b3:aa:d7:04:a3:51:75:a4:e6:26:14:d4:9b:e1:7e:2b:
         16:c4:b0:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa2bDib4TcFhuUpHcLERLxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDYyMTk2ZjVhMjY1ZWUzZjRiODkwZTI4NjY3MjQwMjA4
ZDNiYWYwHhcNMjUwNTA5MTkwMTA3WhcNMjUwNTEwMTkwMTA3WjAzMTEwLwYDVQQD
EyhjNDJiZDQ4ODMzMjA0NTlkMTk0M2VlNWNkMDVlMmFjODc5YTYyMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3rw3H5kgjWv4wjfICwuy/QO6lqi
IDl9WKrFq497kjpiXfJSwTRm50FjDWvtR3dkeMJodFlrvjBg2+hL1Kp9D+StgIbr
oLjcqu7vLsRvEVNAA7sQ6jyHLtUPHdy+JHJRTaqo+c7ZvPhvJ07duH1a8TBoqGL3
+K1xweK47jwGdfOSZpxgOA9xgenbJGPnVt9Ugo08lqbkS6CEnJNpULX5BPT8U8Do
TehDTACLRQ/f5oKENtGECrR3a6ksFGaNublQ+3o6GKNaHior7qH/RvUoJnNJdQ19
5fwAJip0yvcMquzmddXhociUeYuajzF2Q2e5AQNmEQWMD0z6HO4cYKTZDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMQr1IgzIEWdGUPuXNBeKsh5piFVMB8GA1UdIwQY
MBaAFIVGIZb1omXuP0uJDihmckAgjTuvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVZaGx2V2laZTRfUzRrT0tHWnlRQ0NOTzY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNWFlN2EtODgzZS00NWRjLWE4MDQt
YWE2NDM0ZTU0ZjM5LzEvaFVZaGx2V2laZTRfUzRrT0tHWnlRQ0NOTzY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNWFlN2EtODgzZS00NWRjLWE4MDQtYWE2NDM0ZTU0ZjM5
LzEvaFVZaGx2V2laZTRfUzRrT0tHWnlRQ0NOTzY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALGmVAl68
MEjug73krQPhfDOuOUadb+d/ALC6V22cxc6HlGAFiW7Rddp2eum4tiskKkKc3JX+
OHOepOnTAq0w7bUr289y9JzM6eOf/GthxFpd0f+W1t5XzLPVU3lZpiRzObH49HBz
AqAc8yBH2NXq0bPTrOVsFRtgP1aAhK2qf1kc6c+fBcU2OutBp2awAegKvHOTppIi
J2zws4hCAZ3sfWFRnCAN5RJlK8J9qVs837T/y02zXQwzt/DTzGoqGPkqjQ/cM+PW
sdHJX/6Y+ws9Oe5ixROD+ttGdLYC/Wl2Ei1Z/Vmx4NvY4KgbRgqzqtcEo1F1pOYm
FNSb4X4rFsSwpg==
-----END CERTIFICATE-----