Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/633ff4-46e8-4204-b636-2413782c7166/1/hfR7ZaUlMyab0hmBOlIDr92eXb4.mft
File:                     hfR7ZaUlMyab0hmBOlIDr92eXb4.mft (raw, json)
Hash identifier:          ZFwkNgBru1u52aGu72PjFIuVQSUs+GZQLkTK80nC/4Q=
Subject key identifier:   73:9C:CA:05:4D:33:07:19:88:8F:26:AE:1A:C3:52:6D:C5:9D:76:C3
Authority key identifier: 85:F4:7B:65:A5:25:33:26:9B:D2:19:81:3A:52:03:AF:DD:9E:5D:BE
Certificate issuer:       /CN=85f47b65a52533269bd219813a5203afdd9e5dbe
Certificate serial:       0196BDEE8F980F609CC942ADFB65501F258F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hfR7ZaUlMyab0hmBOlIDr92eXb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/633ff4-46e8-4204-b636-2413782c7166/1/hfR7ZaUlMyab0hmBOlIDr92eXb4.mft
Manifest number:          1126
Signing time:             Sun 11 May 2025 06:00:50 +0000
Manifest this update:     Sun 11 May 2025 06:00:50 +0000
Manifest next update:     Mon 12 May 2025 06:00:50 +0000
Files and hashes:         1: hfR7ZaUlMyab0hmBOlIDr92eXb4.crl (hash: 2frz+29IX+cchBAVZP0KVLSGxEoKBbkycdYvgc6r4n8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/633ff4-46e8-4204-b636-2413782c7166/1/hfR7ZaUlMyab0hmBOlIDr92eXb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/633ff4-46e8-4204-b636-2413782c7166/1/hfR7ZaUlMyab0hmBOlIDr92eXb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hfR7ZaUlMyab0hmBOlIDr92eXb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 06:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:ee:8f:98:0f:60:9c:c9:42:ad:fb:65:50:1f:25:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85f47b65a52533269bd219813a5203afdd9e5dbe
        Validity
            Not Before: May 11 06:00:50 2025 GMT
            Not After : May 12 06:00:50 2025 GMT
        Subject: CN=739cca054d330719888f26ae1ac3526dc59d76c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:4f:3d:2d:e2:63:f3:f2:96:9f:20:5f:84:89:
                    43:af:65:91:4e:77:dd:26:2b:71:cc:94:fd:39:33:
                    48:06:59:12:62:0b:02:e0:03:7c:5c:de:28:2d:cd:
                    22:c0:e4:17:f3:f3:0c:ce:4c:c0:a8:84:19:8c:dc:
                    99:94:f8:1b:89:c0:0e:26:f9:96:7d:47:21:b1:f3:
                    5d:eb:8c:7c:df:c0:43:51:19:2c:11:ae:4e:f0:2e:
                    19:e8:f7:e0:36:70:72:68:fd:51:de:e6:44:58:c1:
                    66:46:21:9c:89:97:fa:c2:77:0f:ca:7a:91:16:ba:
                    63:7b:59:b9:2b:6e:85:51:d6:dc:2f:63:a5:c5:d8:
                    e8:b3:25:6f:1f:73:9c:26:22:e5:19:21:d2:b2:c8:
                    23:3b:88:55:10:43:20:34:51:cb:89:20:15:aa:eb:
                    0d:92:d7:13:8d:8e:95:cd:c2:dd:4d:67:d8:48:d7:
                    f2:35:91:c6:ce:13:5c:57:ce:48:3f:3a:f6:8f:fa:
                    ce:6e:92:c3:68:22:80:9a:5b:02:0c:57:d5:79:1a:
                    77:8c:1c:ca:a5:e6:dd:65:09:9c:5e:13:81:af:7f:
                    d8:92:e0:6a:cb:16:aa:de:bb:69:9d:1e:b7:29:0f:
                    4f:61:0f:3e:b3:bc:e7:98:c0:2b:53:ba:c1:e0:c7:
                    e4:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:9C:CA:05:4D:33:07:19:88:8F:26:AE:1A:C3:52:6D:C5:9D:76:C3
            X509v3 Authority Key Identifier:
                keyid:85:F4:7B:65:A5:25:33:26:9B:D2:19:81:3A:52:03:AF:DD:9E:5D:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfR7ZaUlMyab0hmBOlIDr92eXb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/633ff4-46e8-4204-b636-2413782c7166/1/hfR7ZaUlMyab0hmBOlIDr92eXb4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/633ff4-46e8-4204-b636-2413782c7166/1/hfR7ZaUlMyab0hmBOlIDr92eXb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:e3:c2:96:da:eb:6b:90:e0:b1:20:42:2c:0f:21:1d:fc:6b:
         8b:fc:7d:da:79:de:e3:bd:02:bc:fb:43:8e:07:47:08:11:d1:
         3c:1a:36:99:3f:40:f1:7e:04:06:fc:69:16:bc:0e:a5:61:51:
         05:fa:27:d5:fb:2e:b7:a1:bc:c5:0b:fd:46:d1:2e:af:4d:4d:
         98:90:4c:cb:cc:4d:3d:13:ee:96:7f:99:d2:a9:53:91:f2:60:
         06:08:a4:e9:92:82:0e:f6:67:02:e3:78:18:e3:4a:62:aa:ee:
         dc:21:a5:be:8b:04:6f:48:6f:66:1c:37:6b:ec:a2:b1:7d:e6:
         d8:b4:85:08:eb:81:38:24:76:60:c9:2e:76:f5:39:65:df:0e:
         51:02:79:95:36:6c:d8:ea:3d:18:f0:82:04:06:89:a7:d3:39:
         c6:c7:81:04:8a:3c:bd:e1:e3:34:d4:34:85:72:86:74:e2:6e:
         ba:97:9c:a6:88:f8:80:17:78:13:b1:04:07:c0:21:ab:a3:fa:
         a9:ba:dd:90:5a:dd:8f:5b:cb:9b:53:d4:1d:0b:32:0d:39:37:
         3e:74:65:26:c0:a6:93:c8:de:61:e9:6b:cc:bf:04:5a:54:31:
         9a:c6:a7:85:89:58:30:8e:0d:d1:56:53:89:c7:4c:ea:6a:36:
         8a:56:01:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa97o+YD2CcyUKt+2VQHyWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZjQ3YjY1YTUyNTMzMjY5YmQyMTk4MTNhNTIwM2FmZGQ5
ZTVkYmUwHhcNMjUwNTExMDYwMDUwWhcNMjUwNTEyMDYwMDUwWjAzMTEwLwYDVQQD
Eyg3MzljY2EwNTRkMzMwNzE5ODg4ZjI2YWUxYWMzNTI2ZGM1OWQ3NmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk89LeJj8/KWnyBfhIlDr2WRTnfd
JitxzJT9OTNIBlkSYgsC4AN8XN4oLc0iwOQX8/MMzkzAqIQZjNyZlPgbicAOJvmW
fUchsfNd64x838BDURksEa5O8C4Z6PfgNnByaP1R3uZEWMFmRiGciZf6wncPynqR
Frpje1m5K26FUdbcL2OlxdjosyVvH3OcJiLlGSHSssgjO4hVEEMgNFHLiSAVqusN
ktcTjY6VzcLdTWfYSNfyNZHGzhNcV85IPzr2j/rObpLDaCKAmlsCDFfVeRp3jBzK
pebdZQmcXhOBr3/YkuBqyxaq3rtpnR63KQ9PYQ8+s7znmMArU7rB4Mfk6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHOcygVNMwcZiI8mrhrDUm3FnXbDMB8GA1UdIwQY
MBaAFIX0e2WlJTMmm9IZgTpSA6/dnl2+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZSN1phVWxNeWFiMGhtQk9sSURyOTJlWGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy82MzNmZjQtNDZlOC00MjA0LWI2MzYt
MjQxMzc4MmM3MTY2LzEvaGZSN1phVWxNeWFiMGhtQk9sSURyOTJlWGI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy82MzNmZjQtNDZlOC00MjA0LWI2MzYtMjQxMzc4MmM3MTY2
LzEvaGZSN1phVWxNeWFiMGhtQk9sSURyOTJlWGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADuPCltrr
a5DgsSBCLA8hHfxri/x92nne470CvPtDjgdHCBHRPBo2mT9A8X4EBvxpFrwOpWFR
Bfon1fsut6G8xQv9RtEur01NmJBMy8xNPRPuln+Z0qlTkfJgBgik6ZKCDvZnAuN4
GONKYqru3CGlvosEb0hvZhw3a+yisX3m2LSFCOuBOCR2YMkudvU5Zd8OUQJ5lTZs
2Oo9GPCCBAaJp9M5xseBBIo8veHjNNQ0hXKGdOJuupecpoj4gBd4E7EEB8Ahq6P6
qbrdkFrdj1vLm1PUHQsyDTk3PnRlJsCmk8jeYelrzL8EWlQxmsanhYlYMI4N0VZT
icdM6mo2ilYB2w==
-----END CERTIFICATE-----