Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
File:                     GHRUZrThRoMLlit0kG2xxtCB_HA.mft (raw, json)
Hash identifier:          MaMzFCily9ICqXTnZnfOz7r4CpyapemZxTswj6yF4cY=
Subject key identifier:   E8:E6:2F:BD:C9:E5:28:7E:45:92:DD:F6:D5:81:39:28:2B:21:29:FD
Authority key identifier: 18:74:54:66:B4:E1:46:83:0B:96:2B:74:90:6D:B1:C6:D0:81:FC:70
Certificate issuer:       /CN=18745466b4e146830b962b74906db1c6d081fc70
Certificate serial:       0196C1CB9EC4CE6BC4F154BDBFC98D74E65B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
Manifest number:          14FC
Signing time:             Mon 12 May 2025 00:01:08 +0000
Manifest this update:     Mon 12 May 2025 00:01:08 +0000
Manifest next update:     Tue 13 May 2025 00:01:08 +0000
Files and hashes:         1: GHRUZrThRoMLlit0kG2xxtCB_HA.crl (hash: xq9U+Sp5xvnJEvYUioRllvNe+i0c6LnyzTznmZH2Lzs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 00:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:cb:9e:c4:ce:6b:c4:f1:54:bd:bf:c9:8d:74:e6:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18745466b4e146830b962b74906db1c6d081fc70
        Validity
            Not Before: May 12 00:01:08 2025 GMT
            Not After : May 13 00:01:08 2025 GMT
        Subject: CN=e8e62fbdc9e5287e4592ddf6d58139282b2129fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:3d:6e:f7:73:89:b6:89:3c:f9:e8:c4:4f:0e:
                    22:49:c8:34:46:04:09:e6:85:59:9f:48:07:b6:bf:
                    d6:ab:9e:01:1e:0f:6c:80:b7:5c:73:2e:32:d6:46:
                    f4:25:94:55:80:e9:e0:a6:6d:c0:f2:be:8d:db:a2:
                    68:6e:cc:6b:38:10:27:68:53:6a:c7:fb:89:e7:9b:
                    af:d1:9e:08:17:2e:1d:dc:1d:0a:a1:cf:1a:02:2c:
                    99:ea:73:8f:dc:b0:a0:ef:49:e5:e2:bf:ab:d6:f9:
                    e3:29:be:b1:9b:70:af:28:29:85:94:98:ea:c0:53:
                    5d:aa:c9:8c:80:7d:12:61:9d:08:2d:0a:ae:a2:c9:
                    c3:d6:9e:26:61:bc:3a:ba:6d:69:7d:a8:94:68:96:
                    6d:b2:28:df:69:93:d5:09:2d:37:31:cd:04:74:ee:
                    5b:8a:7e:a2:1e:f8:4d:8f:17:74:8f:f9:6b:1e:ad:
                    35:1a:5d:01:4d:29:72:11:b9:ba:20:09:e4:9e:7d:
                    19:96:90:70:ce:0c:9f:86:4e:d3:00:f3:a1:df:b2:
                    67:fb:09:14:1a:39:8d:05:79:c0:71:f1:4c:bb:90:
                    85:85:db:b8:c9:88:32:3e:ac:9a:7c:df:50:61:5c:
                    b9:32:2d:9f:76:58:e6:a8:53:85:73:2b:24:13:6a:
                    0c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:E6:2F:BD:C9:E5:28:7E:45:92:DD:F6:D5:81:39:28:2B:21:29:FD
            X509v3 Authority Key Identifier:
                keyid:18:74:54:66:B4:E1:46:83:0B:96:2B:74:90:6D:B1:C6:D0:81:FC:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHRUZrThRoMLlit0kG2xxtCB_HA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/7b981c-01e3-4895-bf1f-f1fc0541c649/1/GHRUZrThRoMLlit0kG2xxtCB_HA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:95:cc:82:9d:72:f7:a0:fe:dc:2c:d1:df:7c:03:5d:8d:d7:
         97:fa:46:f2:3c:fa:18:a6:52:b5:1b:9f:14:dd:98:19:01:7f:
         15:ec:e3:c3:f9:4f:a2:d2:a7:5f:de:de:9a:56:06:89:ac:71:
         08:1a:71:52:8e:20:6c:6a:2a:50:5a:6d:0f:11:f5:a8:70:2a:
         71:e6:cc:44:92:34:71:d2:79:bb:72:2c:77:97:c0:b7:43:e5:
         16:c3:8a:05:df:0b:5e:a6:a6:b7:8e:e8:f6:9d:35:48:7e:40:
         c4:ab:c8:16:b4:55:db:cd:05:e4:02:6d:b2:11:64:0a:1e:ef:
         ea:eb:7e:cb:c2:2f:37:bf:5e:e3:bc:80:ef:8f:66:aa:20:67:
         d7:1d:7a:e2:75:c4:44:39:fb:5c:b4:f6:0b:ee:98:47:b9:59:
         6b:84:e6:e5:7b:ef:16:d0:da:d8:b4:7c:42:13:35:24:3f:69:
         20:fc:6a:0a:26:66:b9:e7:23:5b:c3:88:fd:e8:c6:fe:0e:f0:
         23:0c:b3:a3:1f:50:3c:9d:98:54:70:47:63:3c:e8:c0:73:27:
         bc:fb:cd:90:52:8d:2b:6c:2a:9f:67:85:04:dc:b3:98:c6:3d:
         be:37:72:11:fd:66:2b:0b:10:ea:ad:02:79:f7:e8:c8:da:b9:
         9f:8e:b4:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBy57EzmvE8VS9v8mNdOZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzQ1NDY2YjRlMTQ2ODMwYjk2MmI3NDkwNmRiMWM2ZDA4
MWZjNzAwHhcNMjUwNTEyMDAwMTA4WhcNMjUwNTEzMDAwMTA4WjAzMTEwLwYDVQQD
EyhlOGU2MmZiZGM5ZTUyODdlNDU5MmRkZjZkNTgxMzkyODJiMjEyOWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6D1u93OJtok8+ejETw4iScg0RgQJ
5oVZn0gHtr/Wq54BHg9sgLdccy4y1kb0JZRVgOngpm3A8r6N26JobsxrOBAnaFNq
x/uJ55uv0Z4IFy4d3B0Koc8aAiyZ6nOP3LCg70nl4r+r1vnjKb6xm3CvKCmFlJjq
wFNdqsmMgH0SYZ0ILQquosnD1p4mYbw6um1pfaiUaJZtsijfaZPVCS03Mc0EdO5b
in6iHvhNjxd0j/lrHq01Gl0BTSlyEbm6IAnknn0ZlpBwzgyfhk7TAPOh37Jn+wkU
GjmNBXnAcfFMu5CFhdu4yYgyPqyafN9QYVy5Mi2fdljmqFOFcyskE2oMDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOjmL73J5Sh+RZLd9tWBOSgrISn9MB8GA1UdIwQY
MBaAFBh0VGa04UaDC5YrdJBtscbQgfxwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83Yjk4MWMtMDFlMy00ODk1LWJmMWYt
ZjFmYzA1NDFjNjQ5LzEvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83Yjk4MWMtMDFlMy00ODk1LWJmMWYtZjFmYzA1NDFjNjQ5
LzEvR0hSVVpyVGhSb01MbGl0MGtHMnh4dENCX0hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZpXMgp1y
96D+3CzR33wDXY3Xl/pG8jz6GKZStRufFN2YGQF/Fezjw/lPotKnX97emlYGiaxx
CBpxUo4gbGoqUFptDxH1qHAqcebMRJI0cdJ5u3Isd5fAt0PlFsOKBd8LXqamt47o
9p01SH5AxKvIFrRV280F5AJtshFkCh7v6ut+y8IvN79e47yA749mqiBn1x164nXE
RDn7XLT2C+6YR7lZa4Tm5XvvFtDa2LR8QhM1JD9pIPxqCiZmuecjW8OI/ejG/g7w
Iwyzox9QPJ2YVHBHYzzowHMnvPvNkFKNK2wqn2eFBNyzmMY9vjdyEf1mKwsQ6q0C
effoyNq5n460mQ==
-----END CERTIFICATE-----