Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
File:                     hprNGeI6gWZEutDooSuG4SiK0zw.mft (raw, json)
Hash identifier:          2JasSpfv7u9Vv0cJUbY2oOnD7/2aIo8w16QiVuzrGKI=
Subject key identifier:   A2:A6:F1:38:6C:88:02:7A:DD:59:2D:5B:22:37:3B:E6:8B:C9:6A:A6
Authority key identifier: 86:9A:CD:19:E2:3A:81:66:44:BA:D0:E8:A1:2B:86:E1:28:8A:D3:3C
Certificate issuer:       /CN=869acd19e23a816644bad0e8a12b86e1288ad33c
Certificate serial:       0196BB9260B9D346A3A9E2C7FFA18B76BA74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
Manifest number:          0F1C
Signing time:             Sat 10 May 2025 19:00:54 +0000
Manifest this update:     Sat 10 May 2025 19:00:54 +0000
Manifest next update:     Sun 11 May 2025 19:00:54 +0000
Files and hashes:         1: hprNGeI6gWZEutDooSuG4SiK0zw.crl (hash: 0a4fzc6ZC2NRIl5IBoqORS/1w6SnIqbOc4sVQpkhO2k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 19:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:92:60:b9:d3:46:a3:a9:e2:c7:ff:a1:8b:76:ba:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=869acd19e23a816644bad0e8a12b86e1288ad33c
        Validity
            Not Before: May 10 19:00:54 2025 GMT
            Not After : May 11 19:00:54 2025 GMT
        Subject: CN=a2a6f1386c88027add592d5b22373be68bc96aa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:93:d9:5c:a8:49:d1:c6:98:62:09:17:3b:45:
                    69:f7:ec:03:2f:8a:ee:1d:9a:3b:8c:e6:b1:23:52:
                    8a:fc:44:cc:8e:4c:9e:17:72:98:48:de:d7:8c:6d:
                    90:7c:57:cb:d6:98:ac:d1:0b:32:82:1b:c5:d2:67:
                    c4:d3:14:22:f0:81:91:27:32:c9:4b:45:9d:43:4d:
                    79:5a:8a:b6:37:ea:3e:47:91:00:44:98:fa:39:57:
                    49:65:26:5f:cf:c1:b4:1b:5d:17:47:9c:1b:79:fa:
                    b9:b6:87:d6:e5:b9:d7:1d:8b:05:4c:43:9e:ad:0c:
                    da:61:89:b4:12:9a:21:17:4b:df:b2:2c:57:a7:b9:
                    c1:16:4e:3c:e9:db:8b:1e:41:e1:08:51:66:4a:07:
                    03:b8:51:bb:6d:3a:b1:6e:ad:37:b2:a6:51:b4:7d:
                    31:a9:4d:f7:46:f3:0e:b3:c0:48:00:7c:de:87:2f:
                    04:af:32:bd:5d:d7:95:8b:d0:85:d6:21:15:89:eb:
                    da:9c:a8:da:0b:45:23:52:9b:4b:45:a7:71:e9:63:
                    7a:26:0b:03:6b:75:2d:58:7a:f4:6f:df:7b:81:88:
                    bf:51:20:e8:d0:12:1d:99:15:5b:72:e9:2b:8a:9c:
                    24:8f:9a:ad:99:7e:90:16:c4:b6:f6:07:c8:b1:e5:
                    be:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:A6:F1:38:6C:88:02:7A:DD:59:2D:5B:22:37:3B:E6:8B:C9:6A:A6
            X509v3 Authority Key Identifier:
                keyid:86:9A:CD:19:E2:3A:81:66:44:BA:D0:E8:A1:2B:86:E1:28:8A:D3:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:99:6f:69:1b:1f:cb:2b:33:b8:77:7e:ee:97:86:bf:21:e3:
         12:57:cd:c6:1c:43:65:0d:dd:a4:46:60:7e:95:dc:8e:9f:48:
         73:9f:a7:fc:7f:40:2e:c0:49:89:e4:0c:12:de:55:99:31:76:
         a1:22:88:12:0f:2b:74:1e:29:40:88:66:a4:eb:2a:13:59:46:
         ca:e6:c1:99:7a:62:e8:a3:8b:b3:7f:22:63:5b:2a:aa:66:33:
         78:89:89:42:87:e1:f4:d8:70:67:72:e0:4d:9f:69:28:32:26:
         fe:ce:04:ef:4e:32:ad:b4:59:74:0a:64:95:ab:c4:97:27:08:
         11:11:36:fc:e8:ba:47:a2:52:87:97:58:34:92:ee:c8:00:f8:
         61:bf:e2:1d:cb:54:17:23:62:c8:95:14:c2:ab:da:65:87:91:
         e9:58:9a:fe:01:cc:9c:c7:4e:db:7d:c9:c7:56:ce:37:70:61:
         0e:8f:7b:13:54:53:d3:6a:ed:72:22:12:be:6a:4d:9d:4a:11:
         0e:e3:77:85:42:65:aa:ec:45:b7:48:a6:12:dd:b9:69:55:33:
         fb:0d:1b:c2:8e:8e:d9:d9:83:18:54:ee:66:0b:32:6e:5b:75:
         62:4b:42:7f:cd:98:d0:93:f8:c4:e0:e8:3d:c3:e1:b4:9a:d9:
         a2:4a:43:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7kmC500ajqeLH/6GLdrp0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OWFjZDE5ZTIzYTgxNjY0NGJhZDBlOGExMmI4NmUxMjg4
YWQzM2MwHhcNMjUwNTEwMTkwMDU0WhcNMjUwNTExMTkwMDU0WjAzMTEwLwYDVQQD
EyhhMmE2ZjEzODZjODgwMjdhZGQ1OTJkNWIyMjM3M2JlNjhiYzk2YWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5PZXKhJ0caYYgkXO0Vp9+wDL4ru
HZo7jOaxI1KK/ETMjkyeF3KYSN7XjG2QfFfL1pis0QsyghvF0mfE0xQi8IGRJzLJ
S0WdQ015Woq2N+o+R5EARJj6OVdJZSZfz8G0G10XR5wbefq5tofW5bnXHYsFTEOe
rQzaYYm0EpohF0vfsixXp7nBFk486duLHkHhCFFmSgcDuFG7bTqxbq03sqZRtH0x
qU33RvMOs8BIAHzehy8ErzK9XdeVi9CF1iEVievanKjaC0UjUptLRadx6WN6JgsD
a3UtWHr0b997gYi/USDo0BIdmRVbcukripwkj5qtmX6QFsS29gfIseW+pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKKm8ThsiAJ63VktWyI3O+aLyWqmMB8GA1UdIwQY
MBaAFIaazRniOoFmRLrQ6KErhuEoitM8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi81OTExZjctMjAzMS00MGJiLWI0NDEt
N2ZjZjAxNWRhMGEwLzEvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi81OTExZjctMjAzMS00MGJiLWI0NDEtN2ZjZjAxNWRhMGEw
LzEvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXJlvaRsf
yyszuHd+7peGvyHjElfNxhxDZQ3dpEZgfpXcjp9Ic5+n/H9ALsBJieQMEt5VmTF2
oSKIEg8rdB4pQIhmpOsqE1lGyubBmXpi6KOLs38iY1sqqmYzeImJQofh9NhwZ3Lg
TZ9pKDIm/s4E704yrbRZdApklavElycIERE2/Oi6R6JSh5dYNJLuyAD4Yb/iHctU
FyNiyJUUwqvaZYeR6Via/gHMnMdO233Jx1bON3BhDo97E1RT02rtciISvmpNnUoR
DuN3hUJlquxFt0imEt25aVUz+w0bwo6O2dmDGFTuZgsyblt1YktCf82Y0JP4xODo
PcPhtJrZokpDnQ==
-----END CERTIFICATE-----