Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
File:                     HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json)
Hash identifier:          3JfyDVwD3k6EWB5+RXjqjzivgjGvx3DYgPFS+sIO+1E=
Subject key identifier:   D8:91:A9:11:CF:B6:64:28:EE:B7:8F:1F:B6:0F:24:B2:7C:F2:F2:6F
Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
Certificate issuer:       /CN=1c24f1caafb3208eb827a07826417bcb9493412f
Certificate serial:       0196CB3C0CBDCD5FC731F0D71EAC5999F2FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
Manifest number:          04B1
Signing time:             Tue 13 May 2025 20:00:32 +0000
Manifest this update:     Tue 13 May 2025 20:00:32 +0000
Manifest next update:     Wed 14 May 2025 20:00:32 +0000
Files and hashes:         1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: jcXF4SezPdtLBqdQgxlB5rSrNRuIYEtxChBeChl5rlM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 20:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cb:3c:0c:bd:cd:5f:c7:31:f0:d7:1e:ac:59:99:f2:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f
        Validity
            Not Before: May 13 20:00:32 2025 GMT
            Not After : May 14 20:00:32 2025 GMT
        Subject: CN=d891a911cfb66428eeb78f1fb60f24b27cf2f26f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:8a:d6:77:19:da:bd:19:12:07:77:24:a9:bb:
                    d8:02:a2:00:ab:f9:56:06:2e:90:72:c9:bb:07:ed:
                    7e:55:76:20:cd:d2:c4:4d:30:e1:f7:d4:bc:e9:b3:
                    96:c9:e2:ef:fa:32:43:68:77:2a:ee:a7:53:27:e8:
                    c9:51:e0:8c:97:48:be:5a:87:f7:79:3b:d0:5b:24:
                    c7:49:72:39:42:a3:4e:3f:79:62:56:9c:69:d3:13:
                    cf:1d:cc:de:08:89:06:43:f9:df:67:cf:a1:2a:96:
                    54:3f:d0:24:14:55:fd:b1:e2:09:88:7f:55:d2:18:
                    53:58:ce:a1:ef:1a:ba:30:94:05:aa:9d:d1:59:6e:
                    51:17:34:5f:b4:5d:c6:5e:42:a2:00:39:45:bb:0b:
                    03:18:07:28:7a:76:b0:1c:03:83:bd:d7:1b:87:b6:
                    5d:5a:67:c2:e9:e3:b9:59:19:23:3e:73:0c:ca:5f:
                    b8:19:74:d2:52:5c:95:a9:aa:67:2b:16:e4:f3:ac:
                    0b:1a:bb:43:92:1b:32:d4:d4:ed:67:ca:2d:1f:f8:
                    52:4c:98:d0:3b:59:60:83:41:0e:70:55:2a:9f:30:
                    1b:1a:6e:33:f1:98:d9:2f:2a:63:f5:ce:cd:1a:f5:
                    78:22:73:d1:73:32:95:25:a3:0c:f8:f3:76:4d:4d:
                    e5:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:91:A9:11:CF:B6:64:28:EE:B7:8F:1F:B6:0F:24:B2:7C:F2:F2:6F
            X509v3 Authority Key Identifier:
                keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:65:38:2c:3f:80:0d:e8:9c:20:9d:0c:eb:8d:1c:ed:e9:94:
         02:25:31:46:e5:33:a3:7a:67:79:e0:84:a9:40:48:67:ec:37:
         4c:d1:64:75:67:5e:8f:64:42:27:43:b7:78:39:4b:ad:a5:b9:
         44:65:b7:50:7b:c3:9d:3f:6f:ab:8c:77:da:56:07:e9:c3:df:
         77:a2:29:e6:6b:f0:1b:c2:4f:1b:38:48:67:c8:03:9a:23:78:
         1a:cd:3e:72:f8:e7:86:dd:e5:e7:48:1f:04:31:aa:c7:12:91:
         d1:86:f2:22:a6:87:92:49:c3:6e:f9:95:97:f4:7b:3a:05:c4:
         b1:e0:85:d9:e3:ac:f3:b4:13:fe:14:e3:16:b6:94:c6:e1:93:
         2f:61:1b:98:cd:f7:0e:1b:07:89:7f:2b:c7:8d:e5:a4:93:71:
         ae:c3:f9:23:0c:fe:86:d8:90:f5:e0:40:ef:d5:00:32:e2:07:
         00:27:ec:e8:c3:46:a5:82:29:89:99:61:47:8b:10:09:09:09:
         66:62:d4:bb:ea:5d:b6:10:81:79:e5:cd:01:d4:b0:07:94:e2:
         0a:98:d4:a5:c4:f5:4d:78:a4:5c:33:1f:21:84:0c:de:ef:23:
         53:b2:e7:cf:7a:96:92:f9:d8:30:44:78:1b:1e:42:26:10:16:
         74:4b:09:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbLPAy9zV/HMfDXHqxZmfL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5
MzQxMmYwHhcNMjUwNTEzMjAwMDMyWhcNMjUwNTE0MjAwMDMyWjAzMTEwLwYDVQQD
EyhkODkxYTkxMWNmYjY2NDI4ZWViNzhmMWZiNjBmMjRiMjdjZjJmMjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYrWdxnavRkSB3ckqbvYAqIAq/lW
Bi6Qcsm7B+1+VXYgzdLETTDh99S86bOWyeLv+jJDaHcq7qdTJ+jJUeCMl0i+Wof3
eTvQWyTHSXI5QqNOP3liVpxp0xPPHczeCIkGQ/nfZ8+hKpZUP9AkFFX9seIJiH9V
0hhTWM6h7xq6MJQFqp3RWW5RFzRftF3GXkKiADlFuwsDGAcoenawHAODvdcbh7Zd
WmfC6eO5WRkjPnMMyl+4GXTSUlyVqapnKxbk86wLGrtDkhsy1NTtZ8otH/hSTJjQ
O1lgg0EOcFUqnzAbGm4z8ZjZLypj9c7NGvV4InPRczKVJaMM+PN2TU3lIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNiRqRHPtmQo7rePH7YPJLJ88vJvMB8GA1UdIwQY
MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt
N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj
LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApWU4LD+A
DeicIJ0M640c7emUAiUxRuUzo3pneeCEqUBIZ+w3TNFkdWdej2RCJ0O3eDlLraW5
RGW3UHvDnT9vq4x32lYH6cPfd6Ip5mvwG8JPGzhIZ8gDmiN4Gs0+cvjnht3l50gf
BDGqxxKR0YbyIqaHkknDbvmVl/R7OgXEseCF2eOs87QT/hTjFraUxuGTL2EbmM33
DhsHiX8rx43lpJNxrsP5Iwz+htiQ9eBA79UAMuIHACfs6MNGpYIpiZlhR4sQCQkJ
ZmLUu+pdthCBeeXNAdSwB5TiCpjUpcT1TXikXDMfIYQM3u8jU7Lnz3qWkvnYMER4
Gx5CJhAWdEsJog==
-----END CERTIFICATE-----