Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
File:                     HAaGYxPWaK_oeYb65f95QfkoBps.mft (raw, json)
Hash identifier:          poIHsWI5iF4gqeQVJgfmMTgnF961KDgwxBozi8lzv5o=
Subject key identifier:   4F:B3:6A:B6:5C:CD:58:F2:AC:30:A0:34:A1:7B:5A:D3:1E:6A:84:55
Authority key identifier: 1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B
Certificate issuer:       /CN=1c06866313d668afe87986fae5ff7941f928069b
Certificate serial:       0196A0F70E70696982210FE147C1B17142B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
Manifest number:          0F1D
Signing time:             Mon 05 May 2025 15:01:07 +0000
Manifest this update:     Mon 05 May 2025 15:01:07 +0000
Manifest next update:     Tue 06 May 2025 15:01:07 +0000
Files and hashes:         1: HAaGYxPWaK_oeYb65f95QfkoBps.crl (hash: CdUme5xwraBW+1K8nyOJdnxGZZIHYpHctEPClmVNMC4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 15:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a0:f7:0e:70:69:69:82:21:0f:e1:47:c1:b1:71:42:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c06866313d668afe87986fae5ff7941f928069b
        Validity
            Not Before: May  5 15:01:07 2025 GMT
            Not After : May  6 15:01:07 2025 GMT
        Subject: CN=4fb36ab65ccd58f2ac30a034a17b5ad31e6a8455
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:23:ff:7e:74:33:f6:38:c0:68:56:3f:7c:45:
                    19:51:10:d0:e5:2d:a1:69:0f:1b:35:3a:01:11:85:
                    b6:f0:0d:7d:f2:c3:ea:6a:87:b2:e0:b0:8b:43:cd:
                    be:ab:e6:98:17:b0:39:fa:53:4f:0d:ee:49:3a:9f:
                    b9:3d:85:6d:f7:d8:12:ad:93:99:bd:43:29:be:6d:
                    c5:bb:f0:d9:16:35:8f:b0:54:ee:9c:9c:f2:89:ad:
                    01:4e:9d:67:4b:f9:df:b4:88:83:a6:4c:fe:2f:5d:
                    36:5a:16:3c:c9:7e:09:7b:af:91:6c:db:23:a4:7d:
                    08:ca:86:b5:79:15:6d:f5:7d:3f:4a:29:01:c8:a3:
                    3b:9a:17:ba:c1:7a:2c:d5:b9:cd:75:50:a6:45:95:
                    a7:a2:91:56:4f:18:af:81:d5:33:9a:57:dd:74:ae:
                    af:ef:2b:ad:34:96:df:81:a3:59:d3:72:a0:24:6c:
                    2a:72:15:3a:f6:22:be:4e:ad:53:ea:b1:e3:7d:ba:
                    d6:f9:65:50:26:9d:d1:bb:33:eb:a3:40:a8:2e:d1:
                    1b:da:04:69:87:ca:ac:94:96:14:50:af:b2:29:67:
                    55:6f:9f:7d:fe:ee:e6:9c:a6:85:d4:be:9b:37:91:
                    d6:0e:ce:b1:69:4e:be:41:85:53:82:ed:89:74:c6:
                    5e:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:B3:6A:B6:5C:CD:58:F2:AC:30:A0:34:A1:7B:5A:D3:1E:6A:84:55
            X509v3 Authority Key Identifier:
                keyid:1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:2b:e9:5c:d7:e0:54:22:3e:08:ff:16:95:73:e9:45:25:5f:
         2c:38:65:29:7f:7c:fe:67:0f:79:91:48:e2:b6:bf:8f:0f:3d:
         54:8c:f6:a3:41:a1:f7:b2:fa:13:77:c4:d9:2c:ca:20:b6:6d:
         ef:3b:64:45:67:89:b7:93:91:95:80:d8:c0:59:9a:c2:15:91:
         14:25:46:3f:75:47:5c:cd:a9:35:30:bb:ea:b3:f4:65:8d:4b:
         9a:23:c5:3e:9b:83:48:e9:98:3f:f7:d3:3f:68:78:77:33:e8:
         a7:bc:4a:3d:ac:b3:b1:73:b4:9d:b3:a3:84:1a:6b:b7:4b:32:
         e8:28:68:22:ef:ea:19:da:42:86:ed:a8:f5:4d:b8:4d:ca:49:
         a7:8f:81:a4:0e:c4:2f:1e:f2:35:5b:5c:5e:a5:e2:fc:72:02:
         d1:fd:dd:5f:8b:7d:e8:52:d4:76:94:64:76:78:ce:73:c3:9b:
         1a:b9:25:a3:89:3a:8a:11:52:a8:f1:14:55:f0:51:a2:a3:7b:
         3d:e6:02:53:1c:13:36:77:c2:ff:f9:fe:e2:d4:05:f7:04:ba:
         da:59:da:bb:e5:cc:aa:4d:8d:36:61:9e:e4:c1:fd:00:15:b2:
         0a:80:19:bb:49:13:8d:dd:0c:b9:77:d5:b6:f9:ba:5b:9f:aa:
         7d:01:c7:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZag9w5waWmCIQ/hR8GxcUKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDY4NjYzMTNkNjY4YWZlODc5ODZmYWU1ZmY3OTQxZjky
ODA2OWIwHhcNMjUwNTA1MTUwMTA3WhcNMjUwNTA2MTUwMTA3WjAzMTEwLwYDVQQD
Eyg0ZmIzNmFiNjVjY2Q1OGYyYWMzMGEwMzRhMTdiNWFkMzFlNmE4NDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCP/fnQz9jjAaFY/fEUZURDQ5S2h
aQ8bNToBEYW28A198sPqaoey4LCLQ82+q+aYF7A5+lNPDe5JOp+5PYVt99gSrZOZ
vUMpvm3Fu/DZFjWPsFTunJzyia0BTp1nS/nftIiDpkz+L102WhY8yX4Je6+RbNsj
pH0Iyoa1eRVt9X0/SikByKM7mhe6wXos1bnNdVCmRZWnopFWTxivgdUzmlfddK6v
7yutNJbfgaNZ03KgJGwqchU69iK+Tq1T6rHjfbrW+WVQJp3RuzPro0CoLtEb2gRp
h8qslJYUUK+yKWdVb599/u7mnKaF1L6bN5HWDs6xaU6+QYVTgu2JdMZe1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+zarZczVjyrDCgNKF7WtMeaoRVMB8GA1UdIwQY
MBaAFBwGhmMT1miv6HmG+uX/eUH5KAabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMt
NmFiOThkMzZkYWM2LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMtNmFiOThkMzZkYWM2
LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPyvpXNfg
VCI+CP8WlXPpRSVfLDhlKX98/mcPeZFI4ra/jw89VIz2o0Gh97L6E3fE2SzKILZt
7ztkRWeJt5ORlYDYwFmawhWRFCVGP3VHXM2pNTC76rP0ZY1LmiPFPpuDSOmYP/fT
P2h4dzPop7xKPayzsXO0nbOjhBprt0sy6ChoIu/qGdpChu2o9U24TcpJp4+BpA7E
Lx7yNVtcXqXi/HIC0f3dX4t96FLUdpRkdnjOc8ObGrklo4k6ihFSqPEUVfBRoqN7
PeYCUxwTNnfC//n+4tQF9wS62lnau+XMqk2NNmGe5MH9ABWyCoAZu0kTjd0MuXfV
tvm6W5+qfQHH4Q==
-----END CERTIFICATE-----