Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
File:                     hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft (raw, json)
Hash identifier:          olW1Ly/LYS9ZqmSVyeFfwtC0i9maspL4AJc15mGqI4w=
Subject key identifier:   8B:FC:97:1B:98:D2:B8:42:88:F6:E7:C0:00:D3:B8:08:74:25:E8:4A
Authority key identifier: 84:F5:90:CA:62:C2:46:44:05:83:81:8C:31:F2:57:3A:0F:50:FF:D0
Certificate issuer:       /CN=84f590ca62c246440583818c31f2573a0f50ffd0
Certificate serial:       0196BE252D17B2D630CF9C24F9B9412EFA88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
Manifest number:          0948
Signing time:             Sun 11 May 2025 07:00:29 +0000
Manifest this update:     Sun 11 May 2025 07:00:29 +0000
Manifest next update:     Mon 12 May 2025 07:00:29 +0000
Files and hashes:         1: hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl (hash: ubL0M6Pago5gAArec95IaeTvTp6UKqmwq+51ZFTcdso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:25:2d:17:b2:d6:30:cf:9c:24:f9:b9:41:2e:fa:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84f590ca62c246440583818c31f2573a0f50ffd0
        Validity
            Not Before: May 11 07:00:29 2025 GMT
            Not After : May 12 07:00:29 2025 GMT
        Subject: CN=8bfc971b98d2b84288f6e7c000d3b8087425e84a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:86:d3:2c:d8:70:75:55:1e:ae:ad:cc:93:54:
                    ad:a9:80:f9:5e:85:a3:94:16:81:57:4d:27:e2:98:
                    fc:11:10:a3:df:28:d3:61:31:41:f1:33:4a:3e:b6:
                    40:57:81:d7:f8:1f:d9:e0:81:54:7c:53:8c:5e:63:
                    a0:fb:5c:be:32:33:ca:c1:84:38:7b:27:45:d4:8f:
                    8c:4c:5f:28:5e:17:3e:a9:07:b2:48:42:ed:75:c4:
                    f2:8d:36:68:7c:6a:1a:77:fc:b9:eb:0f:ab:6b:2e:
                    b3:fc:60:9d:6a:62:87:28:10:59:01:44:27:5b:db:
                    45:97:44:3f:30:01:f3:8e:5d:67:65:d3:1c:86:31:
                    23:2d:d6:36:fd:38:79:40:71:4d:82:fb:2f:1b:a3:
                    fd:be:cd:e0:ee:cf:34:72:27:61:5a:52:f3:82:ad:
                    d9:47:ec:c5:e7:81:59:da:31:f6:85:4b:19:d8:a9:
                    3b:81:b0:ea:fa:be:9b:e9:c5:78:0e:ff:a0:92:6a:
                    05:57:8b:9d:ec:dd:6e:e9:3c:93:97:05:c6:0a:1d:
                    be:20:db:c6:6c:eb:70:39:de:9e:a8:c9:32:ab:69:
                    11:8a:17:ff:f0:40:bc:ae:a2:13:8d:2a:da:de:9c:
                    8d:50:87:e6:d0:76:4f:8e:ba:62:bc:bc:dc:46:52:
                    c7:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:FC:97:1B:98:D2:B8:42:88:F6:E7:C0:00:D3:B8:08:74:25:E8:4A
            X509v3 Authority Key Identifier:
                keyid:84:F5:90:CA:62:C2:46:44:05:83:81:8C:31:F2:57:3A:0F:50:FF:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:fa:3a:8c:ef:1c:cc:ee:74:c4:bf:f9:10:f1:03:e2:e7:7a:
         26:f2:61:49:d2:c4:59:fb:a9:5f:ba:bb:f8:12:ce:fe:a6:3c:
         d4:bc:66:e2:e2:7a:85:42:9b:59:38:31:ed:91:e5:e6:2a:fa:
         52:00:13:57:87:d4:22:a7:0d:4d:d3:5a:a6:0e:85:86:b3:ad:
         7e:1d:2e:f7:3a:31:87:07:fd:0f:bd:15:91:6b:e3:14:d9:9d:
         1c:08:70:49:15:79:48:db:ad:4d:45:b4:1e:d2:c8:14:d7:56:
         cc:af:c8:45:8d:d9:86:c1:fe:4d:ad:fb:be:9c:03:cf:8b:1a:
         5e:d1:f4:c3:c6:9a:5d:44:07:20:05:61:84:5f:25:f1:be:87:
         a7:1c:05:9c:bd:ba:ba:f6:4c:80:5b:71:a0:5f:9f:53:89:59:
         79:3f:67:7c:87:ea:ea:19:fd:33:ac:2e:4d:87:20:2d:73:4f:
         23:62:70:4f:1d:79:e1:2f:d8:c0:5c:12:c8:87:c4:09:b2:55:
         48:de:a7:ab:ed:da:20:26:56:9b:91:92:51:f1:ad:78:f1:2f:
         ad:a6:35:d8:e8:cf:6e:7b:5e:e9:ac:c1:b1:26:00:46:f3:22:
         09:35:6d:97:23:fa:a6:59:3c:3c:de:af:21:a8:a4:90:d7:26:
         61:2f:e9:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+JS0XstYwz5wk+blBLvqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjU5MGNhNjJjMjQ2NDQwNTgzODE4YzMxZjI1NzNhMGY1
MGZmZDAwHhcNMjUwNTExMDcwMDI5WhcNMjUwNTEyMDcwMDI5WjAzMTEwLwYDVQQD
Eyg4YmZjOTcxYjk4ZDJiODQyODhmNmU3YzAwMGQzYjgwODc0MjVlODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4bTLNhwdVUerq3Mk1StqYD5XoWj
lBaBV00n4pj8ERCj3yjTYTFB8TNKPrZAV4HX+B/Z4IFUfFOMXmOg+1y+MjPKwYQ4
eydF1I+MTF8oXhc+qQeySELtdcTyjTZofGoad/y56w+ray6z/GCdamKHKBBZAUQn
W9tFl0Q/MAHzjl1nZdMchjEjLdY2/Th5QHFNgvsvG6P9vs3g7s80cidhWlLzgq3Z
R+zF54FZ2jH2hUsZ2Kk7gbDq+r6b6cV4Dv+gkmoFV4ud7N1u6TyTlwXGCh2+INvG
bOtwOd6eqMkyq2kRihf/8EC8rqITjSra3pyNUIfm0HZPjrpivLzcRlLHmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIv8lxuY0rhCiPbnwADTuAh0JehKMB8GA1UdIwQY
MBaAFIT1kMpiwkZEBYOBjDHyVzoPUP/QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny81YTk5ZTgtYmI0Ni00ZmNkLWFlYTEt
OGQ1NmE3YjA5OTUzLzEvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny81YTk5ZTgtYmI0Ni00ZmNkLWFlYTEtOGQ1NmE3YjA5OTUz
LzEvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV/o6jO8c
zO50xL/5EPED4ud6JvJhSdLEWfupX7q7+BLO/qY81Lxm4uJ6hUKbWTgx7ZHl5ir6
UgATV4fUIqcNTdNapg6FhrOtfh0u9zoxhwf9D70VkWvjFNmdHAhwSRV5SNutTUW0
HtLIFNdWzK/IRY3ZhsH+Ta37vpwDz4saXtH0w8aaXUQHIAVhhF8l8b6HpxwFnL26
uvZMgFtxoF+fU4lZeT9nfIfq6hn9M6wuTYcgLXNPI2JwTx154S/YwFwSyIfECbJV
SN6nq+3aICZWm5GSUfGtePEvraY12OjPbnte6azBsSYARvMiCTVtlyP6plk8PN6v
IaikkNcmYS/pfg==
-----END CERTIFICATE-----