Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft
File:                     hheg4tbmBy6I03dN18z78HochjI.mft (raw, json)
Hash identifier:          XfF940Mfe3bPs0vgK8vIhH5vSFDWe+z2OWdEB7jsro4=
Subject key identifier:   9A:E3:E7:68:E6:D8:B5:6F:18:2E:43:BF:A3:3F:4F:91:8D:44:7D:CF
Authority key identifier: 86:17:A0:E2:D6:E6:07:2E:88:D3:77:4D:D7:CC:FB:F0:7A:1C:86:32
Certificate issuer:       /CN=8617a0e2d6e6072e88d3774dd7ccfbf07a1c8632
Certificate serial:       0196D02BBD10F06294AD1B39129AA1B1CCEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft
Manifest number:          112F
Signing time:             Wed 14 May 2025 19:00:49 +0000
Manifest this update:     Wed 14 May 2025 19:00:49 +0000
Manifest next update:     Thu 15 May 2025 19:00:49 +0000
Files and hashes:         1: hheg4tbmBy6I03dN18z78HochjI.crl (hash: 3TYUkBL2+cbfbrZUMgS+CtKEVUY18G7zq/7EZEaTAWk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 14:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d0:2b:bd:10:f0:62:94:ad:1b:39:12:9a:a1:b1:cc:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8617a0e2d6e6072e88d3774dd7ccfbf07a1c8632
        Validity
            Not Before: May 14 19:00:49 2025 GMT
            Not After : May 15 19:00:49 2025 GMT
        Subject: CN=9ae3e768e6d8b56f182e43bfa33f4f918d447dcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:6b:61:09:51:bb:50:2f:ad:77:cd:e2:be:23:
                    92:d7:3e:07:3b:bd:4a:d2:3e:b4:17:c8:69:27:5b:
                    d0:a4:fb:35:72:61:a9:6a:fc:dc:3e:30:3f:48:fd:
                    18:92:5d:a6:a0:f0:1f:5b:81:b4:03:d6:47:e6:3c:
                    14:55:bc:c5:d9:f6:05:70:ca:6d:20:47:c5:9d:0f:
                    c3:52:58:a5:5a:a4:ac:76:1f:02:79:34:cf:28:e7:
                    e8:7a:30:25:2f:86:36:8f:7f:2f:cf:15:07:6b:87:
                    54:86:85:00:a8:4a:8e:cb:4a:e1:7b:b0:7e:ae:6d:
                    09:72:25:4f:4d:3f:e2:86:20:f6:5f:4d:69:01:36:
                    3a:39:d8:f5:75:98:d4:f0:7f:7b:7b:73:50:a4:29:
                    5e:35:8d:ac:6b:3d:f5:10:35:19:88:ef:22:45:cc:
                    0f:32:51:a4:75:28:92:87:c4:47:a9:7c:09:2e:63:
                    ba:6a:2a:93:cb:63:b7:35:16:d0:e1:f8:5a:58:78:
                    2e:06:0d:0a:6d:24:59:f8:2c:b1:ee:99:e8:e2:19:
                    25:19:5c:89:09:1d:53:92:34:b2:b0:f9:c2:4a:0e:
                    a1:e6:ea:64:34:80:50:1e:d4:a8:d4:df:83:1a:09:
                    d5:f2:aa:c3:c7:7c:5b:4a:4a:e6:f1:2f:c0:95:78:
                    63:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:E3:E7:68:E6:D8:B5:6F:18:2E:43:BF:A3:3F:4F:91:8D:44:7D:CF
            X509v3 Authority Key Identifier:
                keyid:86:17:A0:E2:D6:E6:07:2E:88:D3:77:4D:D7:CC:FB:F0:7A:1C:86:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:38:06:d6:13:b8:dc:30:a4:f9:9d:a7:05:c4:21:0b:b0:ee:
         e1:53:6a:de:ca:e6:87:b9:4f:07:82:a2:a6:55:2a:55:51:bc:
         6f:8a:cc:11:26:0e:e7:b6:7d:52:30:1f:e4:96:85:cf:6e:8f:
         c7:ea:c2:0f:9d:21:3c:f0:72:3d:28:bb:7a:36:24:8a:a1:0f:
         ef:ed:0a:29:9b:c1:29:b6:d1:54:23:81:79:ae:78:37:8d:0a:
         3a:b1:f8:e5:c5:94:42:f8:f0:a5:b8:d5:bf:2d:63:d3:c6:04:
         3c:f6:24:75:66:42:02:ed:48:da:07:6f:63:8f:dc:8a:25:42:
         85:54:5b:98:f6:78:63:84:01:53:74:d5:9c:7d:0a:06:a3:2d:
         c0:f1:e6:70:ec:6b:00:ed:1e:65:74:11:a6:4b:6f:b0:3b:fe:
         63:3a:e8:6c:28:19:6c:b2:62:0a:8b:e7:91:37:29:af:d9:76:
         d6:a2:69:da:55:d8:25:5e:c6:a6:28:8d:85:5b:86:25:2a:c0:
         3a:0e:8d:48:d4:fa:f3:89:c6:f4:c1:ae:80:4e:2e:72:2f:7f:
         37:8f:40:fd:0a:87:d9:9b:7c:1c:05:d8:70:70:da:41:71:9b:
         58:0a:c1:e8:be:42:05:e5:51:78:d9:9e:e3:17:0e:7a:24:94:
         df:eb:c7:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbQK70Q8GKUrRs5EpqhsczsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MTdhMGUyZDZlNjA3MmU4OGQzNzc0ZGQ3Y2NmYmYwN2Ex
Yzg2MzIwHhcNMjUwNTE0MTkwMDQ5WhcNMjUwNTE1MTkwMDQ5WjAzMTEwLwYDVQQD
Eyg5YWUzZTc2OGU2ZDhiNTZmMTgyZTQzYmZhMzNmNGY5MThkNDQ3ZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGthCVG7UC+td83iviOS1z4HO71K
0j60F8hpJ1vQpPs1cmGpavzcPjA/SP0Ykl2moPAfW4G0A9ZH5jwUVbzF2fYFcMpt
IEfFnQ/DUlilWqSsdh8CeTTPKOfoejAlL4Y2j38vzxUHa4dUhoUAqEqOy0rhe7B+
rm0JciVPTT/ihiD2X01pATY6Odj1dZjU8H97e3NQpCleNY2saz31EDUZiO8iRcwP
MlGkdSiSh8RHqXwJLmO6aiqTy2O3NRbQ4fhaWHguBg0KbSRZ+Cyx7pno4hklGVyJ
CR1TkjSysPnCSg6h5upkNIBQHtSo1N+DGgnV8qrDx3xbSkrm8S/AlXhjUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJrj52jm2LVvGC5Dv6M/T5GNRH3PMB8GA1UdIwQY
MBaAFIYXoOLW5gcuiNN3TdfM+/B6HIYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yZDE4YWYtNTg5Mi00MDdmLWI5Njgt
ZWJkYzMyYTZhYjI3LzEvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yZDE4YWYtNTg5Mi00MDdmLWI5NjgtZWJkYzMyYTZhYjI3
LzEvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACTgG1hO4
3DCk+Z2nBcQhC7Du4VNq3srmh7lPB4KiplUqVVG8b4rMESYO57Z9UjAf5JaFz26P
x+rCD50hPPByPSi7ejYkiqEP7+0KKZvBKbbRVCOBea54N40KOrH45cWUQvjwpbjV
vy1j08YEPPYkdWZCAu1I2gdvY4/ciiVChVRbmPZ4Y4QBU3TVnH0KBqMtwPHmcOxr
AO0eZXQRpktvsDv+YzrobCgZbLJiCovnkTcpr9l21qJp2lXYJV7GpiiNhVuGJSrA
Og6NSNT684nG9MGugE4uci9/N49A/QqH2Zt8HAXYcHDaQXGbWArB6L5CBeVReNme
4xcOeiSU3+vHOg==
-----END CERTIFICATE-----