Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/e70fce-9612-4047-92e1-8639e5da97e7/1/hQKPkBQoOzSdFsr9yUt_XvFTDk0.mft
File:                     hQKPkBQoOzSdFsr9yUt_XvFTDk0.mft (raw, json)
Hash identifier:          4lXKQArZ9dIX9Fz5P+CD//TDYplKeuNk1gWRRYCFtbQ=
Subject key identifier:   C8:1C:A4:DB:8C:22:F8:2B:A4:E2:55:CF:AC:F7:80:89:FE:7C:F5:E5
Authority key identifier: 85:02:8F:90:14:28:3B:34:9D:16:CA:FD:C9:4B:7F:5E:F1:53:0E:4D
Certificate issuer:       /CN=85028f9014283b349d16cafdc94b7f5ef1530e4d
Certificate serial:       0196A5AF457D0817910B03BC8D26CBAA02D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hQKPkBQoOzSdFsr9yUt_XvFTDk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/e70fce-9612-4047-92e1-8639e5da97e7/1/hQKPkBQoOzSdFsr9yUt_XvFTDk0.mft
Manifest number:          02BE
Signing time:             Tue 06 May 2025 13:00:49 +0000
Manifest this update:     Tue 06 May 2025 13:00:49 +0000
Manifest next update:     Wed 07 May 2025 13:00:49 +0000
Files and hashes:         1: hQKPkBQoOzSdFsr9yUt_XvFTDk0.crl (hash: QNtyQ2bXHCUJXKsjg2rnDZj1FEH0cHxapToaoewaXHs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/e70fce-9612-4047-92e1-8639e5da97e7/1/hQKPkBQoOzSdFsr9yUt_XvFTDk0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/e70fce-9612-4047-92e1-8639e5da97e7/1/hQKPkBQoOzSdFsr9yUt_XvFTDk0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hQKPkBQoOzSdFsr9yUt_XvFTDk0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 13:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a5:af:45:7d:08:17:91:0b:03:bc:8d:26:cb:aa:02:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85028f9014283b349d16cafdc94b7f5ef1530e4d
        Validity
            Not Before: May  6 13:00:49 2025 GMT
            Not After : May  7 13:00:49 2025 GMT
        Subject: CN=c81ca4db8c22f82ba4e255cfacf78089fe7cf5e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:fe:07:35:d5:2f:e2:f3:81:4a:7f:0c:dc:27:
                    f4:42:00:82:80:a7:b8:8f:53:97:87:0d:a3:9f:a1:
                    24:32:ff:2f:41:e2:c2:b5:b0:f9:e6:e8:24:24:29:
                    55:ca:92:d7:3f:86:ee:6e:76:8b:f1:6a:44:94:55:
                    04:c8:7e:75:ff:bc:c6:1e:cb:f4:53:3c:58:bc:e7:
                    38:d4:2e:9d:90:05:9a:b4:be:b6:b6:c4:56:b6:25:
                    34:04:ff:2b:2c:15:be:a5:7d:e5:6f:13:a1:ab:f2:
                    29:ae:c0:95:12:70:46:c9:7d:a0:69:99:b7:a2:cc:
                    e5:3c:b1:7c:1b:b7:74:b4:0c:2c:8e:75:4a:60:a1:
                    3d:02:bb:59:fa:48:9b:5f:6a:fd:da:fa:54:36:31:
                    71:97:98:48:e7:99:66:20:46:49:4d:cb:33:d5:9b:
                    f5:fd:b6:2c:85:8d:69:73:70:93:87:9f:51:c7:b4:
                    d9:71:e5:ee:5b:22:8e:5b:82:73:51:7b:73:69:a5:
                    c2:a3:08:74:d2:60:d4:b8:67:e6:4d:99:07:2b:aa:
                    25:48:ec:a9:00:fc:5c:c5:06:3e:9d:c3:85:5b:bd:
                    f3:cc:35:41:85:e4:84:e8:48:20:f5:7e:f8:d4:b7:
                    7c:67:1f:f8:7f:dd:a6:06:d3:5d:47:80:6b:d6:42:
                    63:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:1C:A4:DB:8C:22:F8:2B:A4:E2:55:CF:AC:F7:80:89:FE:7C:F5:E5
            X509v3 Authority Key Identifier:
                keyid:85:02:8F:90:14:28:3B:34:9D:16:CA:FD:C9:4B:7F:5E:F1:53:0E:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQKPkBQoOzSdFsr9yUt_XvFTDk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e70fce-9612-4047-92e1-8639e5da97e7/1/hQKPkBQoOzSdFsr9yUt_XvFTDk0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e70fce-9612-4047-92e1-8639e5da97e7/1/hQKPkBQoOzSdFsr9yUt_XvFTDk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:6a:61:b9:c9:f6:df:6e:58:77:e9:2e:0d:df:01:ed:24:57:
         33:8d:d2:34:7d:07:c6:04:3f:fa:2b:3a:3d:29:13:e4:e0:2b:
         b8:b8:99:72:7e:91:19:9f:a5:ef:42:d7:cf:05:9e:86:10:2a:
         29:58:08:0b:ff:93:b2:d0:66:7d:36:bc:77:01:97:7f:d2:94:
         99:af:13:e8:74:de:5c:e3:88:04:6d:3a:08:cb:bc:d4:a0:3b:
         62:be:8a:6c:74:b9:ff:14:23:cc:fe:17:a5:03:ec:75:e4:1c:
         d3:79:cf:e8:a9:54:e0:aa:07:bf:90:8f:7d:57:b7:da:3f:aa:
         a9:bb:fa:7b:e6:92:1d:ca:13:d0:55:c2:45:30:c2:76:24:4b:
         d4:2d:b5:95:69:1e:e8:d7:84:b0:3d:b1:e7:97:8c:1b:f2:3d:
         89:05:35:97:30:22:ee:08:5a:3d:e8:ae:d9:f2:f4:11:65:eb:
         3f:b5:1f:ce:b1:ef:eb:d4:20:3f:26:36:1b:db:d8:52:a9:9a:
         78:57:a5:37:b8:8b:e4:49:08:29:de:81:9e:4d:0d:c6:c0:b7:
         74:8b:b8:b2:b9:05:13:27:07:10:ba:70:79:df:b1:6e:d2:26:
         d3:1a:b7:46:b3:2e:84:ab:df:5d:d1:ba:d7:ef:c8:13:0d:5a:
         87:38:3d:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZalr0V9CBeRCwO8jSbLqgLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDI4ZjkwMTQyODNiMzQ5ZDE2Y2FmZGM5NGI3ZjVlZjE1
MzBlNGQwHhcNMjUwNTA2MTMwMDQ5WhcNMjUwNTA3MTMwMDQ5WjAzMTEwLwYDVQQD
EyhjODFjYTRkYjhjMjJmODJiYTRlMjU1Y2ZhY2Y3ODA4OWZlN2NmNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf4HNdUv4vOBSn8M3Cf0QgCCgKe4
j1OXhw2jn6EkMv8vQeLCtbD55ugkJClVypLXP4bubnaL8WpElFUEyH51/7zGHsv0
UzxYvOc41C6dkAWatL62tsRWtiU0BP8rLBW+pX3lbxOhq/IprsCVEnBGyX2gaZm3
oszlPLF8G7d0tAwsjnVKYKE9ArtZ+kibX2r92vpUNjFxl5hI55lmIEZJTcsz1Zv1
/bYshY1pc3CTh59Rx7TZceXuWyKOW4JzUXtzaaXCowh00mDUuGfmTZkHK6olSOyp
APxcxQY+ncOFW73zzDVBheSE6Egg9X741Ld8Zx/4f92mBtNdR4Br1kJjswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMgcpNuMIvgrpOJVz6z3gIn+fPXlMB8GA1UdIwQY
MBaAFIUCj5AUKDs0nRbK/clLf17xUw5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFLUGtCUW9PelNkRnNyOXlVdF9YdkZURGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9lNzBmY2UtOTYxMi00MDQ3LTkyZTEt
ODYzOWU1ZGE5N2U3LzEvaFFLUGtCUW9PelNkRnNyOXlVdF9YdkZURGswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9lNzBmY2UtOTYxMi00MDQ3LTkyZTEtODYzOWU1ZGE5N2U3
LzEvaFFLUGtCUW9PelNkRnNyOXlVdF9YdkZURGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn2phucn2
325Yd+kuDd8B7SRXM43SNH0HxgQ/+is6PSkT5OAruLiZcn6RGZ+l70LXzwWehhAq
KVgIC/+TstBmfTa8dwGXf9KUma8T6HTeXOOIBG06CMu81KA7Yr6KbHS5/xQjzP4X
pQPsdeQc03nP6KlU4KoHv5CPfVe32j+qqbv6e+aSHcoT0FXCRTDCdiRL1C21lWke
6NeEsD2x55eMG/I9iQU1lzAi7ghaPeiu2fL0EWXrP7UfzrHv69QgPyY2G9vYUqma
eFelN7iL5EkIKd6Bnk0NxsC3dIu4srkFEycHELpwed+xbtIm0xq3RrMuhKvfXdG6
1+/IEw1ahzg9Ew==
-----END CERTIFICATE-----