Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          U45dKMOUWsdN5WxQxRrGhUjm2akrvG1PbfMA5UFGZWk=
Subject key identifier:   9F:CA:38:55:CC:6D:3C:1A:C8:EB:5D:CA:99:A1:56:16:55:B6:8E:A2
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       01969F0837CB70D72B5BB52CC98615F6EE1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          04F5
Signing time:             Mon 05 May 2025 06:00:37 +0000
Manifest this update:     Mon 05 May 2025 06:00:37 +0000
Manifest next update:     Tue 06 May 2025 06:00:37 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: Li2JzuCig/uc7H83A7UovurGHEqDHlH3+A76U+IP7+Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9f:08:37:cb:70:d7:2b:5b:b5:2c:c9:86:15:f6:ee:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: May  5 06:00:37 2025 GMT
            Not After : May  6 06:00:37 2025 GMT
        Subject: CN=9fca3855cc6d3c1ac8eb5dca99a1561655b68ea2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:91:8a:b3:f4:69:e7:82:e7:8f:6e:30:ac:09:
                    4e:0c:f3:73:63:ce:d6:e0:92:30:83:f6:89:5e:5d:
                    3c:04:ef:ea:30:7e:72:70:a2:8f:50:71:79:aa:35:
                    71:6d:4f:e1:b5:39:fd:69:66:b6:11:a8:9d:2a:35:
                    ac:30:8e:c9:0b:3b:e8:ab:83:c0:1f:9f:21:52:3b:
                    e7:75:d9:20:b3:f4:59:8a:0e:d1:62:ab:38:cb:39:
                    b1:1a:5d:36:f6:ff:61:00:17:72:7e:d1:00:ef:60:
                    27:7b:d1:e1:8e:6c:e9:53:57:11:ba:f9:12:b4:0c:
                    26:61:78:bd:57:ac:44:a7:a1:cc:85:c7:e4:0e:77:
                    98:19:df:c3:fb:7c:46:14:10:cd:9e:3f:db:09:5e:
                    22:f8:f2:c9:1f:2d:4a:42:bb:d5:30:86:64:20:f1:
                    20:c3:0b:c6:01:af:97:b8:74:88:18:35:fe:0b:4f:
                    53:6d:d0:cd:46:bf:29:d3:8b:a0:81:40:21:03:72:
                    0c:d0:1f:db:d2:fa:1b:90:b4:4f:a7:79:ad:ea:fa:
                    7b:f6:6a:5b:f6:07:a7:9d:55:d0:06:a0:b1:2c:75:
                    a6:3c:50:3c:71:44:30:dc:c5:4a:e3:2e:4b:19:c2:
                    1f:b7:e6:fc:a1:d9:4e:7d:22:d9:e3:59:6d:b6:5e:
                    a7:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:CA:38:55:CC:6D:3C:1A:C8:EB:5D:CA:99:A1:56:16:55:B6:8E:A2
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:c1:18:5e:79:bb:27:e3:64:33:3c:60:3e:cb:5f:5b:97:31:
         eb:c5:d5:1b:f8:63:44:8b:79:65:e3:8c:06:34:38:7f:19:b2:
         fa:50:bd:36:d1:3f:41:5b:91:47:0c:88:70:a9:23:27:c8:9f:
         bd:87:01:8f:37:3b:e6:d2:78:87:fc:ae:5b:df:20:ed:7b:98:
         0a:f3:65:84:3a:f1:b2:c8:11:5e:7e:00:83:28:4c:bf:2c:4a:
         77:9d:5a:c0:4d:5a:52:2a:0c:88:fa:06:14:65:8a:a1:fc:c2:
         8d:be:d5:06:c5:5d:3d:59:60:c0:7d:fa:a8:81:02:3a:58:1a:
         69:c2:2c:f9:b7:b6:85:e9:dc:7a:c7:87:b2:1f:e8:6e:4e:a5:
         21:aa:46:83:a4:1c:cc:d9:3c:45:3b:5e:b4:20:ff:91:d3:3c:
         c4:eb:28:ea:55:48:ea:a1:67:12:d9:52:eb:e0:4e:be:b6:e1:
         87:0f:14:35:26:c9:e7:e6:c1:85:c7:da:71:c7:ab:1c:7e:9e:
         bf:b3:74:59:49:8e:e2:03:17:54:b5:54:8b:85:b9:68:70:6b:
         d7:8d:c9:08:c3:8b:be:a2:47:31:59:8a:de:df:f0:ce:7c:49:
         3d:bf:9b:a9:0d:40:62:a0:1c:74:84:30:c6:88:3b:16:f2:ef:
         78:3b:1b:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZafCDfLcNcrW7UsyYYV9u4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjUwNTA1MDYwMDM3WhcNMjUwNTA2MDYwMDM3WjAzMTEwLwYDVQQD
Eyg5ZmNhMzg1NWNjNmQzYzFhYzhlYjVkY2E5OWExNTYxNjU1YjY4ZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZGKs/Rp54Lnj24wrAlODPNzY87W
4JIwg/aJXl08BO/qMH5ycKKPUHF5qjVxbU/htTn9aWa2EaidKjWsMI7JCzvoq4PA
H58hUjvnddkgs/RZig7RYqs4yzmxGl029v9hABdyftEA72Ane9HhjmzpU1cRuvkS
tAwmYXi9V6xEp6HMhcfkDneYGd/D+3xGFBDNnj/bCV4i+PLJHy1KQrvVMIZkIPEg
wwvGAa+XuHSIGDX+C09TbdDNRr8p04uggUAhA3IM0B/b0vobkLRPp3mt6vp79mpb
9gennVXQBqCxLHWmPFA8cUQw3MVK4y5LGcIft+b8odlOfSLZ41lttl6neQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ/KOFXMbTwayOtdypmhVhZVto6iMB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAisEYXnm7
J+NkMzxgPstfW5cx68XVG/hjRIt5ZeOMBjQ4fxmy+lC9NtE/QVuRRwyIcKkjJ8if
vYcBjzc75tJ4h/yuW98g7XuYCvNlhDrxssgRXn4AgyhMvyxKd51awE1aUioMiPoG
FGWKofzCjb7VBsVdPVlgwH36qIECOlgaacIs+be2henceseHsh/obk6lIapGg6Qc
zNk8RTtetCD/kdM8xOso6lVI6qFnEtlS6+BOvrbhhw8UNSbJ5+bBhcfaccerHH6e
v7N0WUmO4gMXVLVUi4W5aHBr143JCMOLvqJHMVmK3t/wznxJPb+bqQ1AYqAcdIQw
xog7FvLveDsbWA==
-----END CERTIFICATE-----