Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
File:                     Hekyc87VkolMnTVRSLsfrMEPcqI.mft (raw, json)
Hash identifier:          kmS1ppSAiFRPzFVgAx2iWbIw+Yxeb/i0iwmQMU/u5AM=
Subject key identifier:   13:99:47:A5:FF:7A:D2:0F:B6:F6:9E:C8:55:01:ED:79:55:F4:37:ED
Authority key identifier: 1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2
Certificate issuer:       /CN=1de93273ced592894c9d355148bb1facc10f72a2
Certificate serial:       0196BF6E8E2EE61791D4FC4B81681762F9EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
Manifest number:          1117
Signing time:             Sun 11 May 2025 13:00:15 +0000
Manifest this update:     Sun 11 May 2025 13:00:15 +0000
Manifest next update:     Mon 12 May 2025 13:00:15 +0000
Files and hashes:         1: Hekyc87VkolMnTVRSLsfrMEPcqI.crl (hash: SZl+J+76ipjEOm+M+prWqzFWyVrtnG/5jC8NyrhHL9Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:6e:8e:2e:e6:17:91:d4:fc:4b:81:68:17:62:f9:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1de93273ced592894c9d355148bb1facc10f72a2
        Validity
            Not Before: May 11 13:00:15 2025 GMT
            Not After : May 12 13:00:15 2025 GMT
        Subject: CN=139947a5ff7ad20fb6f69ec85501ed7955f437ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:7f:8f:e5:e0:b6:a0:2d:ff:44:09:5d:2e:e3:
                    22:f0:7f:79:1a:ef:37:37:9c:e6:1d:0f:29:db:5c:
                    11:b0:4f:8c:7d:bd:4d:64:86:cb:f0:e6:d3:94:a5:
                    9e:89:65:66:39:34:b6:00:d9:2d:bd:e5:e3:d4:82:
                    77:9c:7d:21:99:ee:ab:23:e7:b3:3d:8c:01:a3:f5:
                    5d:b2:f4:e3:2f:40:58:78:0c:81:7a:38:fc:61:cf:
                    64:7a:4c:a9:61:99:23:af:1d:af:bb:a1:8e:ed:66:
                    43:4d:ff:14:37:d2:6e:7a:fd:1a:6c:0b:b7:13:aa:
                    c6:52:19:ca:56:36:6a:b0:98:2e:54:9c:60:8a:d8:
                    db:b8:f8:de:44:c7:08:59:05:85:52:02:11:d4:53:
                    10:fd:97:9d:09:41:bd:9c:24:aa:c8:52:b1:f5:e0:
                    5d:9c:e2:2e:1b:d1:84:68:6b:8f:c0:b8:73:6d:ef:
                    5c:f2:b8:4c:b8:6a:39:b0:56:68:49:4a:9d:5e:d7:
                    f3:89:17:79:f4:5d:1e:4a:c4:1f:ec:f7:77:9b:5a:
                    27:6e:fd:db:c4:23:a7:e8:6d:ee:88:9b:64:c2:3a:
                    0d:22:83:2c:99:17:0d:54:94:a7:52:14:6f:9d:cc:
                    35:0f:5f:9b:a5:6f:28:7b:16:17:ce:a2:d1:3e:da:
                    10:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:99:47:A5:FF:7A:D2:0F:B6:F6:9E:C8:55:01:ED:79:55:F4:37:ED
            X509v3 Authority Key Identifier:
                keyid:1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:61:99:d7:01:11:bf:32:80:34:bd:fd:91:bb:87:32:da:43:
         07:47:7f:4e:2b:9f:a2:b0:60:89:c3:4c:6e:a9:d6:8a:14:c4:
         ce:20:40:d1:17:29:ea:12:1e:56:ed:36:3c:db:9f:26:57:c3:
         82:13:0f:b9:db:a1:f4:1e:7e:70:21:48:22:75:0e:04:b8:76:
         65:5d:f4:64:d6:ab:10:3f:af:24:52:30:7e:ca:24:a3:a1:d6:
         4f:68:71:6c:42:47:ab:47:1b:f7:3c:4c:4c:a3:98:2f:c2:f1:
         e2:c9:dc:d2:ff:af:f2:59:c4:6c:91:52:71:8d:34:4d:1e:2d:
         58:40:cc:d1:ea:6b:00:a3:34:0f:30:db:b7:4c:df:7f:b9:32:
         d3:38:a8:d4:f2:67:18:7b:13:dc:6a:c1:6d:64:88:5a:9e:1a:
         f5:5f:d2:82:bc:95:a5:00:8a:7e:9f:85:fc:ab:b0:d4:5e:94:
         21:b1:6c:78:88:37:2e:b3:ad:ad:1c:8d:36:45:79:c6:f4:c2:
         50:d9:76:18:41:a6:f0:53:17:b9:9d:ae:45:9f:ce:f0:14:2c:
         81:86:cc:54:79:dc:e3:e2:8c:ff:bf:6d:75:bd:2b:46:49:4a:
         ed:e9:70:e8:14:1b:6d:87:2a:08:3b:de:1a:68:18:4c:8f:e3:
         7e:85:1f:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/bo4u5heR1PxLgWgXYvnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTkzMjczY2VkNTkyODk0YzlkMzU1MTQ4YmIxZmFjYzEw
ZjcyYTIwHhcNMjUwNTExMTMwMDE1WhcNMjUwNTEyMTMwMDE1WjAzMTEwLwYDVQQD
EygxMzk5NDdhNWZmN2FkMjBmYjZmNjllYzg1NTAxZWQ3OTU1ZjQzN2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn+P5eC2oC3/RAldLuMi8H95Gu83
N5zmHQ8p21wRsE+Mfb1NZIbL8ObTlKWeiWVmOTS2ANktveXj1IJ3nH0hme6rI+ez
PYwBo/VdsvTjL0BYeAyBejj8Yc9kekypYZkjrx2vu6GO7WZDTf8UN9Juev0abAu3
E6rGUhnKVjZqsJguVJxgitjbuPjeRMcIWQWFUgIR1FMQ/ZedCUG9nCSqyFKx9eBd
nOIuG9GEaGuPwLhzbe9c8rhMuGo5sFZoSUqdXtfziRd59F0eSsQf7Pd3m1onbv3b
xCOn6G3uiJtkwjoNIoMsmRcNVJSnUhRvncw1D1+bpW8oexYXzqLRPtoQzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOZR6X/etIPtvaeyFUB7XlV9DftMB8GA1UdIwQY
MBaAFB3pMnPO1ZKJTJ01UUi7H6zBD3KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgt
MThhZDU4OWNlY2QwLzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgtMThhZDU4OWNlY2Qw
LzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMGGZ1wER
vzKANL39kbuHMtpDB0d/TiuforBgicNMbqnWihTEziBA0Rcp6hIeVu02PNufJlfD
ghMPuduh9B5+cCFIInUOBLh2ZV30ZNarED+vJFIwfsoko6HWT2hxbEJHq0cb9zxM
TKOYL8Lx4snc0v+v8lnEbJFScY00TR4tWEDM0eprAKM0DzDbt0zff7ky0zio1PJn
GHsT3GrBbWSIWp4a9V/SgryVpQCKfp+F/Kuw1F6UIbFseIg3LrOtrRyNNkV5xvTC
UNl2GEGm8FMXuZ2uRZ/O8BQsgYbMVHnc4+KM/79tdb0rRklK7elw6BQbbYcqCDve
GmgYTI/jfoUfhw==
-----END CERTIFICATE-----