Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
File:                     hCIIK4U0vXrmP6gAimhbZfTNJZM.mft (raw, json)
Hash identifier:          JbYzqfIbI9chsc988KK2YDs2DCw7bHPZtFmXR0QHgwk=
Subject key identifier:   38:E6:FD:C8:D2:6C:D4:76:6F:97:96:45:25:10:9A:71:F3:86:25:FE
Authority key identifier: 84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93
Certificate issuer:       /CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
Certificate serial:       0196BE5C1B1B9FA92E7099243677045EB720
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
Manifest number:          0340
Signing time:             Sun 11 May 2025 08:00:29 +0000
Manifest this update:     Sun 11 May 2025 08:00:29 +0000
Manifest next update:     Mon 12 May 2025 08:00:29 +0000
Files and hashes:         1: hCIIK4U0vXrmP6gAimhbZfTNJZM.crl (hash: F6owV1upL7PZe6aL73/0CqTTBPbT+47Cpa/7xogyTFs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:5c:1b:1b:9f:a9:2e:70:99:24:36:77:04:5e:b7:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
        Validity
            Not Before: May 11 08:00:29 2025 GMT
            Not After : May 12 08:00:29 2025 GMT
        Subject: CN=38e6fdc8d26cd4766f97964525109a71f38625fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:9e:a9:a2:0f:27:24:33:e4:ba:38:32:5c:b4:
                    9f:87:82:2e:9d:7c:9f:44:00:3b:08:69:9d:aa:82:
                    86:b9:d2:39:72:81:72:9b:c6:fe:5d:9d:98:15:80:
                    58:d0:4b:25:8a:5f:93:51:7a:69:7b:c6:8e:73:f8:
                    db:b8:48:82:4c:4d:5a:55:09:4f:8e:52:87:3f:67:
                    85:16:fd:5c:4b:a9:9f:2e:5b:42:18:ad:dc:86:8f:
                    08:73:37:2b:e8:6d:dd:a8:9b:a5:09:fd:7d:2b:ae:
                    f1:da:c2:37:81:6c:9d:d1:68:54:f2:e3:07:7f:a5:
                    52:68:df:2b:10:2b:4e:0f:0e:5a:af:bb:74:5e:35:
                    d4:1a:2a:2c:6c:8a:4f:f9:56:04:3f:fe:54:71:73:
                    66:90:85:a6:19:5b:70:40:fa:21:cc:46:a9:41:6e:
                    18:ed:e5:b8:c7:fb:9a:05:e5:66:2f:d3:fc:74:63:
                    0e:20:f7:3a:c6:1f:e4:88:57:ae:fd:48:d9:f0:80:
                    4f:13:5f:63:1a:22:c1:02:02:35:0a:d5:1c:fa:21:
                    40:d7:fd:19:75:b8:fc:6f:ad:55:b5:f7:1d:ea:af:
                    f8:39:f7:08:c0:cc:e2:17:4f:4a:5d:9f:ce:3f:6f:
                    bf:91:25:35:06:55:ed:0f:94:c1:c3:a6:68:51:9f:
                    dc:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:E6:FD:C8:D2:6C:D4:76:6F:97:96:45:25:10:9A:71:F3:86:25:FE
            X509v3 Authority Key Identifier:
                keyid:84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:30:08:17:29:ae:df:7b:8e:79:62:06:19:5a:b3:82:14:3a:
         5f:cf:2c:59:b3:03:55:0b:f3:7c:0d:28:f2:6b:be:4d:84:c6:
         f6:d0:0c:0f:d2:45:a1:1e:c4:ec:cf:db:7b:b6:e0:fe:1d:7e:
         a2:23:ff:da:4d:3b:83:34:0c:a8:7e:29:a0:6f:27:39:c1:8f:
         9e:4f:90:83:38:28:12:c7:a9:99:af:28:31:62:4e:c9:9c:3a:
         b6:05:93:d5:61:38:dd:a1:f8:9e:83:20:59:e4:db:2f:b5:3d:
         29:e1:15:4d:82:b4:e2:e1:5b:12:69:ab:c6:ac:eb:29:97:09:
         53:33:a0:c4:52:91:2c:b1:0e:05:f9:97:c8:17:65:a7:af:18:
         e3:f2:85:b6:73:ab:9a:9d:ee:5a:14:f1:54:90:b5:28:2b:e4:
         88:6b:bd:8b:ff:0f:19:7c:ae:5e:42:16:de:3e:05:5e:ce:6b:
         ed:bf:33:ca:69:9d:5b:cd:33:af:ae:9e:18:83:9b:4c:ce:db:
         18:49:57:13:49:ff:44:fb:d2:1b:74:12:b4:e9:b5:10:59:b1:
         36:86:f8:db:92:34:03:93:81:dc:4c:eb:49:b3:d8:e0:ab:03:
         44:12:73:3b:13:74:ae:12:35:e9:46:8f:d0:0a:ff:1a:21:cd:
         6d:d2:91:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+XBsbn6kucJkkNncEXrcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MjIwODJiODUzNGJkN2FlNjNmYTgwMDhhNjg1YjY1ZjRj
ZDI1OTMwHhcNMjUwNTExMDgwMDI5WhcNMjUwNTEyMDgwMDI5WjAzMTEwLwYDVQQD
EygzOGU2ZmRjOGQyNmNkNDc2NmY5Nzk2NDUyNTEwOWE3MWYzODYyNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz56pog8nJDPkujgyXLSfh4IunXyf
RAA7CGmdqoKGudI5coFym8b+XZ2YFYBY0Eslil+TUXppe8aOc/jbuEiCTE1aVQlP
jlKHP2eFFv1cS6mfLltCGK3cho8Iczcr6G3dqJulCf19K67x2sI3gWyd0WhU8uMH
f6VSaN8rECtODw5ar7t0XjXUGiosbIpP+VYEP/5UcXNmkIWmGVtwQPohzEapQW4Y
7eW4x/uaBeVmL9P8dGMOIPc6xh/kiFeu/UjZ8IBPE19jGiLBAgI1CtUc+iFA1/0Z
dbj8b61Vtfcd6q/4OfcIwMziF09KXZ/OP2+/kSU1BlXtD5TBw6ZoUZ/cEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjm/cjSbNR2b5eWRSUQmnHzhiX+MB8GA1UdIwQY
MBaAFIQiCCuFNL165j+oAIpoW2X0zSWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUt
NTgxNjlmYmVjZGZhLzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUtNTgxNjlmYmVjZGZh
LzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtjAIFymu
33uOeWIGGVqzghQ6X88sWbMDVQvzfA0o8mu+TYTG9tAMD9JFoR7E7M/be7bg/h1+
oiP/2k07gzQMqH4poG8nOcGPnk+QgzgoEsepma8oMWJOyZw6tgWT1WE43aH4noMg
WeTbL7U9KeEVTYK04uFbEmmrxqzrKZcJUzOgxFKRLLEOBfmXyBdlp68Y4/KFtnOr
mp3uWhTxVJC1KCvkiGu9i/8PGXyuXkIW3j4FXs5r7b8zymmdW80zr66eGIObTM7b
GElXE0n/RPvSG3QStOm1EFmxNob425I0A5OB3EzrSbPY4KsDRBJzOxN0rhI16UaP
0Ar/GiHNbdKR8g==
-----END CERTIFICATE-----