Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
File:                     HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json)
Hash identifier:          3WM+UDYzH/nF4aEVqE2LVzUJ/mO+k8kGXWwutQ0IiU4=
Subject key identifier:   3B:45:7E:52:7B:47:1D:5B:1C:AF:63:5F:D8:F8:A8:EE:F2:A6:66:F8
Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B
Certificate issuer:       /CN=1d102aca6cf13511385294e77dbe273768c0a04b
Certificate serial:       0196CB0527224CFEC23560343AB1B07F4067
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
Manifest number:          0A18
Signing time:             Tue 13 May 2025 19:00:34 +0000
Manifest this update:     Tue 13 May 2025 19:00:34 +0000
Manifest next update:     Wed 14 May 2025 19:00:34 +0000
Files and hashes:         1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: ATr6xml1Y/p0GPiOdm8zptz51C4ivcjLbg6YzTSo6WI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 19:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:05:27:22:4c:fe:c2:35:60:34:3a:b1:b0:7f:40:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b
        Validity
            Not Before: May 13 19:00:34 2025 GMT
            Not After : May 14 19:00:34 2025 GMT
        Subject: CN=3b457e527b471d5b1caf635fd8f8a8eef2a666f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f4:eb:95:a0:ca:0f:1e:17:bb:fa:62:f4:bb:
                    2f:4a:9e:3b:43:fc:a9:5b:67:3f:73:92:a5:46:51:
                    a0:1e:96:64:b3:0c:ab:73:08:41:82:9d:ad:49:4c:
                    c6:f6:b5:3a:21:39:81:6d:26:24:e7:7d:6b:96:1b:
                    64:85:1e:99:ee:8b:b7:7a:c1:e4:41:1c:6b:83:c5:
                    1c:a1:c0:8f:0d:3f:d4:0f:df:f6:20:2c:fb:45:e9:
                    fc:87:ef:c0:d6:f9:d6:d7:3f:7d:50:06:cc:7c:c5:
                    8e:7d:d0:cd:79:59:5c:e8:9d:5d:f8:e6:17:3a:8b:
                    98:c1:ec:38:01:13:90:51:9c:c8:4d:e9:5b:ed:16:
                    c9:ad:b0:48:b6:dc:90:49:f3:5d:45:0f:71:80:cd:
                    45:a6:1c:2a:cc:c1:38:68:ca:8c:28:4b:e7:cb:a5:
                    d3:ea:db:09:2b:89:d2:77:b5:4a:6f:5a:1a:4b:a1:
                    5e:5e:b3:4d:71:76:90:92:01:83:1b:39:65:53:3b:
                    b0:f2:bb:39:77:9a:7f:e0:98:02:a3:5c:61:bd:e1:
                    40:9d:53:f5:5d:5c:0b:51:2e:6c:ed:6a:a6:2c:76:
                    1b:12:f1:4b:12:13:35:3b:fb:0d:15:fc:1e:53:cf:
                    27:fa:f5:9c:38:f7:c8:ec:6f:3e:e9:62:c5:bf:02:
                    85:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:45:7E:52:7B:47:1D:5B:1C:AF:63:5F:D8:F8:A8:EE:F2:A6:66:F8
            X509v3 Authority Key Identifier:
                keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:38:e7:84:b5:ee:d5:1b:85:14:37:71:eb:4d:b1:e4:9f:45:
         36:c2:9b:9e:43:fc:c4:cf:c8:5f:c6:5a:d6:2a:c6:53:71:19:
         43:2e:23:b1:92:9f:05:03:f6:c1:ce:d9:10:09:99:0a:59:6d:
         29:49:de:ad:52:f3:4f:71:f7:f0:c1:7c:2a:87:92:14:3a:fd:
         6d:19:43:9b:ba:35:83:f8:f5:9a:c6:4c:6e:a1:26:f5:60:d9:
         07:9a:a9:3d:ec:ff:ed:25:ba:af:07:84:c6:bd:f8:14:7e:a9:
         c9:a4:c1:7a:27:e2:5c:20:ed:a0:b0:08:13:3c:88:a4:82:26:
         e1:db:8e:21:26:80:2f:fb:33:80:0a:d4:bd:45:a7:8f:44:31:
         70:71:26:9c:ad:db:d6:6b:59:3c:b4:c3:c5:60:ca:13:a8:9d:
         81:76:2d:fe:e2:97:07:7e:af:96:2a:39:6d:e8:64:04:92:68:
         44:de:bc:c0:18:bf:5a:8b:62:6e:99:d9:bb:35:66:59:61:6e:
         19:54:e4:72:d8:43:d6:25:07:77:52:ca:7b:65:91:0b:2d:e8:
         b4:f3:05:79:9c:cd:0b:11:1c:ca:6b:19:7d:df:90:0f:c0:0e:
         52:50:90:c0:58:ee:07:1a:e8:1c:9c:6e:93:16:d2:d3:0f:6a:
         8a:e5:ef:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbLBSciTP7CNWA0OrGwf0BnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj
MGEwNGIwHhcNMjUwNTEzMTkwMDM0WhcNMjUwNTE0MTkwMDM0WjAzMTEwLwYDVQQD
EygzYjQ1N2U1MjdiNDcxZDViMWNhZjYzNWZkOGY4YThlZWYyYTY2NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPTrlaDKDx4Xu/pi9LsvSp47Q/yp
W2c/c5KlRlGgHpZkswyrcwhBgp2tSUzG9rU6ITmBbSYk531rlhtkhR6Z7ou3esHk
QRxrg8UcocCPDT/UD9/2ICz7Ren8h+/A1vnW1z99UAbMfMWOfdDNeVlc6J1d+OYX
OouYwew4AROQUZzITelb7RbJrbBIttyQSfNdRQ9xgM1FphwqzME4aMqMKEvny6XT
6tsJK4nSd7VKb1oaS6FeXrNNcXaQkgGDGzllUzuw8rs5d5p/4JgCo1xhveFAnVP1
XVwLUS5s7WqmLHYbEvFLEhM1O/sNFfweU88n+vWcOPfI7G8+6WLFvwKFqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtFflJ7Rx1bHK9jX9j4qO7ypmb4MB8GA1UdIwQY
MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt
ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4
LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmzjnhLXu
1RuFFDdx602x5J9FNsKbnkP8xM/IX8Za1irGU3EZQy4jsZKfBQP2wc7ZEAmZCllt
KUnerVLzT3H38MF8KoeSFDr9bRlDm7o1g/j1msZMbqEm9WDZB5qpPez/7SW6rweE
xr34FH6pyaTBeifiXCDtoLAIEzyIpIIm4duOISaAL/szgArUvUWnj0QxcHEmnK3b
1mtZPLTDxWDKE6idgXYt/uKXB36vlio5behkBJJoRN68wBi/WotibpnZuzVmWWFu
GVTkcthD1iUHd1LKe2WRCy3otPMFeZzNCxEcymsZfd+QD8AOUlCQwFjuBxroHJxu
kxbS0w9qiuXv7Q==
-----END CERTIFICATE-----