Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
File:                     HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft (raw, json)
Hash identifier:          p0l69w+TGVEPP8H4AJbcWJByH8MH3Fqk0ShzWLS5Oso=
Subject key identifier:   AF:F1:DB:29:84:C4:CE:C2:77:32:39:57:34:9D:AD:3C:FA:E9:85:90
Authority key identifier: 1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52
Certificate issuer:       /CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
Certificate serial:       0196BDEE0249C201AD252BDB8A0F919E783B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
Manifest number:          018B
Signing time:             Sun 11 May 2025 06:00:14 +0000
Manifest this update:     Sun 11 May 2025 06:00:14 +0000
Manifest next update:     Mon 12 May 2025 06:00:14 +0000
Files and hashes:         1: HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl (hash: JQIiHJkZ5ElFNtdoCaAvlmeAkHhvnJP0r5oNUBowygI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:ee:02:49:c2:01:ad:25:2b:db:8a:0f:91:9e:78:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
        Validity
            Not Before: May 11 06:00:14 2025 GMT
            Not After : May 12 06:00:14 2025 GMT
        Subject: CN=aff1db2984c4cec277323957349dad3cfae98590
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:96:bf:cf:1f:a3:95:20:d6:b9:78:a3:ff:17:
                    88:92:9e:fd:d2:c3:78:f5:75:89:20:ed:76:dd:0e:
                    c1:a9:26:d3:36:b0:38:3c:13:db:dc:38:9b:51:0f:
                    2d:fe:c0:5c:af:6a:e6:c3:9d:5d:3b:6f:4d:91:85:
                    35:58:6b:40:36:b1:04:a6:43:90:24:43:96:a8:27:
                    36:a1:20:5a:5d:d8:3e:44:c6:ef:0c:bd:07:8f:13:
                    81:ee:f3:4a:31:3f:48:4d:67:ab:be:88:db:ba:3e:
                    05:94:cb:06:d3:f0:28:9a:b7:f3:7f:00:38:ad:3a:
                    fe:38:95:4a:0f:0e:cf:db:45:fe:80:c7:bc:48:37:
                    3b:eb:3e:c3:9e:c1:cb:47:d7:99:d3:bc:21:ed:b3:
                    b1:96:0b:88:d3:5d:ae:50:97:27:f7:ef:a7:5c:ba:
                    36:8a:64:c8:e7:a7:55:bc:32:c1:49:6c:9c:35:b1:
                    2e:40:75:ff:18:45:a6:0c:65:08:87:8f:4c:31:69:
                    8a:a6:48:05:a3:a6:a1:21:66:d1:9b:68:2e:d0:47:
                    a1:a0:8c:04:9a:99:2b:1e:e0:66:1d:2b:85:e1:d0:
                    ae:da:f2:bc:f7:61:b7:a1:06:c0:87:83:db:ea:74:
                    d6:58:8e:4b:82:57:35:f6:08:44:af:91:4c:cd:68:
                    2d:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:F1:DB:29:84:C4:CE:C2:77:32:39:57:34:9D:AD:3C:FA:E9:85:90
            X509v3 Authority Key Identifier:
                keyid:1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d1:da:c2:21:f5:a8:02:52:35:2b:93:10:91:60:df:aa:95:c8:
         6e:78:80:a0:89:5d:c4:2f:3f:cd:83:bc:7c:f4:19:56:cf:aa:
         cb:1d:14:27:79:9e:81:41:18:4f:83:84:e6:3e:a2:3e:d0:43:
         31:02:f9:84:6e:0b:a3:8b:8b:fc:a1:d2:82:10:c7:e9:d2:c0:
         b0:0c:65:10:b8:d6:ce:3b:a5:b5:38:32:97:8e:ae:17:95:2f:
         ad:b2:b0:4b:e1:9a:52:ac:ff:10:22:57:21:15:87:11:f7:4e:
         52:0e:33:35:c0:5e:4d:1b:ec:e2:9a:5f:9f:24:33:b1:5f:96:
         91:bf:16:3e:2c:72:de:f6:85:4b:ba:84:6f:95:46:97:81:4a:
         e9:73:5f:f4:f2:84:c5:86:22:16:cd:2c:67:21:e9:d1:f1:7b:
         07:a8:67:8f:27:ee:3c:70:de:12:74:64:dd:f5:ad:53:73:e3:
         53:cd:75:ac:9b:b4:73:17:54:ee:40:fe:de:01:b6:52:51:06:
         2f:b5:d8:1e:ab:a0:ab:fa:5d:b2:a4:1b:82:64:5a:d9:55:75:
         01:6a:37:bc:c2:28:72:5a:09:a2:4d:0c:c9:c5:7c:be:98:c9:
         7c:76:8d:57:42:56:5c:2e:2d:46:10:2d:46:13:8b:ba:36:49:
         19:f5:6d:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa97gJJwgGtJSvbig+Rnng7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZDJlNzhhMDk3ZjI5MGZjMmZjYWY1ZDljN2Q4OGZjYzg3
YmQ0NTIwHhcNMjUwNTExMDYwMDE0WhcNMjUwNTEyMDYwMDE0WjAzMTEwLwYDVQQD
EyhhZmYxZGIyOTg0YzRjZWMyNzczMjM5NTczNDlkYWQzY2ZhZTk4NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipa/zx+jlSDWuXij/xeIkp790sN4
9XWJIO123Q7BqSbTNrA4PBPb3DibUQ8t/sBcr2rmw51dO29NkYU1WGtANrEEpkOQ
JEOWqCc2oSBaXdg+RMbvDL0HjxOB7vNKMT9ITWervojbuj4FlMsG0/AomrfzfwA4
rTr+OJVKDw7P20X+gMe8SDc76z7DnsHLR9eZ07wh7bOxlguI012uUJcn9++nXLo2
imTI56dVvDLBSWycNbEuQHX/GEWmDGUIh49MMWmKpkgFo6ahIWbRm2gu0EehoIwE
mpkrHuBmHSuF4dCu2vK892G3oQbAh4Pb6nTWWI5Lglc19ghEr5FMzWgt4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/x2ymExM7CdzI5VzSdrTz66YWQMB8GA1UdIwQY
MBaAFBzS54oJfykPwvyvXZx9iPzIe9RSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWIt
MDZjMGYyYTE3NTdmLzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWItMDZjMGYyYTE3NTdm
LzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0drCIfWo
AlI1K5MQkWDfqpXIbniAoIldxC8/zYO8fPQZVs+qyx0UJ3megUEYT4OE5j6iPtBD
MQL5hG4Lo4uL/KHSghDH6dLAsAxlELjWzjultTgyl46uF5UvrbKwS+GaUqz/ECJX
IRWHEfdOUg4zNcBeTRvs4ppfnyQzsV+Wkb8WPixy3vaFS7qEb5VGl4FK6XNf9PKE
xYYiFs0sZyHp0fF7B6hnjyfuPHDeEnRk3fWtU3PjU811rJu0cxdU7kD+3gG2UlEG
L7XYHqugq/pdsqQbgmRa2VV1AWo3vMIocloJok0MycV8vpjJfHaNV0JWXC4tRhAt
RhOLujZJGfVtKg==
-----END CERTIFICATE-----