Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
File:                     HCN7aINpeRKVf40zc3AryQbSZEU.mft (raw, json)
Hash identifier:          oUZNbeIPbXBYm1T04Ymh/W0BGVr89sK8OwD8JSplFZM=
Subject key identifier:   E5:16:3A:E7:B4:A1:4E:9D:1E:33:93:95:C7:4F:94:65:25:28:64:8C
Authority key identifier: 1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45
Certificate issuer:       /CN=1c237b6883697912957f8d3373702bc906d26445
Certificate serial:       01969D1970DDC24848D4FDDE52353086D973
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
Manifest number:          113A
Signing time:             Sun 04 May 2025 21:00:12 +0000
Manifest this update:     Sun 04 May 2025 21:00:12 +0000
Manifest next update:     Mon 05 May 2025 21:00:12 +0000
Files and hashes:         1: HCN7aINpeRKVf40zc3AryQbSZEU.crl (hash: 8GvjK+IneFeHwSkrhRzi4f/4qV5gFmxxAiPCbzbum8w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 05 May 2025 21:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9d:19:70:dd:c2:48:48:d4:fd:de:52:35:30:86:d9:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c237b6883697912957f8d3373702bc906d26445
        Validity
            Not Before: May  4 21:00:12 2025 GMT
            Not After : May  5 21:00:12 2025 GMT
        Subject: CN=e5163ae7b4a14e9d1e339395c74f94652528648c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:2c:62:89:f5:df:b0:8e:0f:92:3c:70:96:de:
                    a4:dc:b5:e7:dc:28:c6:57:ca:70:fc:c2:7d:de:d5:
                    f1:2b:6b:ab:d7:ca:11:be:ea:98:02:34:b3:ba:23:
                    62:38:dc:f7:cb:79:f5:b4:2b:d5:4c:d9:76:8a:5e:
                    08:08:6b:0a:80:05:4b:4d:d2:32:3f:95:41:45:00:
                    10:94:ff:61:11:b5:30:15:ac:46:0c:a5:27:fd:61:
                    6a:61:65:0b:f6:47:d9:05:30:a9:f1:96:22:51:9e:
                    c6:bd:d2:53:9e:6c:72:57:f6:31:db:f1:8d:c8:56:
                    8f:a4:9a:f0:df:1e:a9:4b:8f:b4:fa:d9:9f:e8:ab:
                    eb:7b:6c:07:fe:50:89:d5:a5:3a:f2:29:7e:47:f5:
                    19:1b:43:b1:a6:67:2c:7a:24:a5:5f:cb:81:e7:8b:
                    9e:e7:61:b8:24:51:e9:18:91:b9:2e:9f:7b:ef:cc:
                    9a:0a:a3:2f:21:67:b9:6e:89:ce:3e:74:f7:05:30:
                    0f:8d:61:d3:07:ce:88:5f:33:48:5d:65:08:7b:77:
                    be:0b:be:3d:44:f7:76:ce:b5:09:a5:0a:76:83:d9:
                    c7:c6:6f:43:c2:eb:66:57:fe:f7:c8:66:25:12:91:
                    2e:7e:d2:37:97:58:c2:e5:37:0a:63:bb:91:40:17:
                    1c:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:16:3A:E7:B4:A1:4E:9D:1E:33:93:95:C7:4F:94:65:25:28:64:8C
            X509v3 Authority Key Identifier:
                keyid:1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:7b:73:c1:82:65:6d:74:34:b1:80:1a:5e:89:6b:ad:a8:66:
         e4:47:64:89:18:f9:b2:ba:e3:b8:86:38:f2:e8:db:bd:11:02:
         78:19:7e:3f:b6:36:64:9c:05:ba:3e:b6:1d:55:33:0f:01:f8:
         06:59:3e:a0:df:cf:19:07:be:7d:e8:72:bc:e0:61:22:9a:0e:
         d3:0e:6d:a4:79:7d:42:bd:f9:90:d9:d5:b9:66:57:0d:9e:80:
         cf:a8:c5:88:5b:88:c1:7b:e4:3a:c5:1f:c2:a4:9f:02:7f:06:
         6d:77:3a:04:f4:5f:ce:35:5d:8f:f3:d8:83:71:31:9c:a3:7a:
         08:4a:9b:da:84:9b:60:c8:04:59:78:60:10:27:c3:e7:ba:3a:
         b7:2f:8c:fe:54:ec:12:65:73:63:a0:1b:ab:48:1e:bf:f4:c8:
         19:c6:0b:d5:11:5e:07:e3:ed:d0:28:0b:98:c4:5f:c7:11:a0:
         3d:02:5a:53:ed:9f:80:ab:58:ac:b9:c0:80:35:70:86:5e:e9:
         e1:04:a9:01:c1:be:e0:be:83:5b:12:65:5c:6c:fe:9a:de:bf:
         a9:b3:e7:b5:a8:6d:ad:f8:ff:08:92:38:ff:d3:fc:85:9e:c0:
         0a:25:52:42:08:6a:18:28:3c:5e:18:33:e3:8c:47:03:63:eb:
         48:f8:af:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZadGXDdwkhI1P3eUjUwhtlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjM3YjY4ODM2OTc5MTI5NTdmOGQzMzczNzAyYmM5MDZk
MjY0NDUwHhcNMjUwNTA0MjEwMDEyWhcNMjUwNTA1MjEwMDEyWjAzMTEwLwYDVQQD
EyhlNTE2M2FlN2I0YTE0ZTlkMWUzMzkzOTVjNzRmOTQ2NTI1Mjg2NDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyxiifXfsI4Pkjxwlt6k3LXn3CjG
V8pw/MJ93tXxK2ur18oRvuqYAjSzuiNiONz3y3n1tCvVTNl2il4ICGsKgAVLTdIy
P5VBRQAQlP9hEbUwFaxGDKUn/WFqYWUL9kfZBTCp8ZYiUZ7GvdJTnmxyV/Yx2/GN
yFaPpJrw3x6pS4+0+tmf6Kvre2wH/lCJ1aU68il+R/UZG0OxpmcseiSlX8uB54ue
52G4JFHpGJG5Lp9778yaCqMvIWe5bonOPnT3BTAPjWHTB86IXzNIXWUIe3e+C749
RPd2zrUJpQp2g9nHxm9DwutmV/73yGYlEpEuftI3l1jC5TcKY7uRQBccdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOUWOue0oU6dHjOTlcdPlGUlKGSMMB8GA1UdIwQY
MBaAFBwje2iDaXkSlX+NM3NwK8kG0mRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUt
YTMzZThlYjVhNTM4LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUtYTMzZThlYjVhNTM4
LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOntzwYJl
bXQ0sYAaXolrrahm5EdkiRj5srrjuIY48ujbvRECeBl+P7Y2ZJwFuj62HVUzDwH4
Blk+oN/PGQe+fehyvOBhIpoO0w5tpHl9Qr35kNnVuWZXDZ6Az6jFiFuIwXvkOsUf
wqSfAn8GbXc6BPRfzjVdj/PYg3ExnKN6CEqb2oSbYMgEWXhgECfD57o6ty+M/lTs
EmVzY6Abq0gev/TIGcYL1RFeB+Pt0CgLmMRfxxGgPQJaU+2fgKtYrLnAgDVwhl7p
4QSpAcG+4L6DWxJlXGz+mt6/qbPntahtrfj/CJI4/9P8hZ7ACiVSQghqGCg8Xhgz
44xHA2PrSPivmg==
-----END CERTIFICATE-----