Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
File:                     hDGpmcvwQL00DSk12JlhtS8EpEU.mft (raw, json)
Hash identifier:          ZVnL4bRyGKXeGsQZF6qtW88wGkcj3N+Te93rC8v8iGk=
Subject key identifier:   64:8C:64:6C:27:74:55:7A:5E:1F:5C:2D:2E:50:C2:AF:6D:CB:A6:CA
Authority key identifier: 84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45
Certificate issuer:       /CN=8431a999cbf040bd340d2935d89961b52f04a445
Certificate serial:       0197B88F086942492713A7EA908EE80C1A31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
Manifest number:          08E8
Signing time:             Sat 28 Jun 2025 22:01:10 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:10 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:10 +0000
Files and hashes:         1: hDGpmcvwQL00DSk12JlhtS8EpEU.crl (hash: rr4TZEsLCUTL5OLnKOgnBe+Fa/l117z7V0WaT9+wA3U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:08:69:42:49:27:13:a7:ea:90:8e:e8:0c:1a:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8431a999cbf040bd340d2935d89961b52f04a445
        Validity
            Not Before: Jun 28 22:01:10 2025 GMT
            Not After : Jun 29 22:01:10 2025 GMT
        Subject: CN=648c646c2774557a5e1f5c2d2e50c2af6dcba6ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:68:be:0b:79:54:8b:f3:30:72:d6:e4:a1:3c:
                    0b:1f:8f:c8:10:5e:4a:2e:c7:bf:82:7c:2a:a7:6c:
                    9a:00:92:ab:6a:5e:72:fb:99:b1:16:6d:68:80:3b:
                    48:aa:9b:fa:0c:df:b0:5b:1b:7f:7d:2b:e3:ff:0b:
                    b1:7f:51:0a:b4:f1:ba:fa:f0:bd:29:c8:7f:76:5a:
                    e5:88:ed:a4:de:73:8a:72:26:ab:33:d1:5c:0c:81:
                    da:0b:4e:4d:fb:ec:b5:12:d4:1f:e5:56:51:f4:35:
                    fd:99:06:a5:e8:61:cb:a0:1d:e9:16:cc:35:70:9a:
                    0f:ba:92:12:8b:89:5f:9e:e8:d7:29:a8:db:f9:8d:
                    cb:39:eb:0c:3c:9d:f2:31:a7:cc:43:69:d4:43:51:
                    d1:5e:fe:cc:bd:76:81:13:2b:74:57:7b:cc:56:be:
                    bc:8f:9f:fa:6f:87:c7:2d:e4:49:4a:60:28:f7:24:
                    2f:10:c3:62:a3:97:bd:48:4e:fb:a8:78:29:14:9c:
                    5a:77:a8:82:df:d9:59:09:e8:51:00:86:21:eb:2b:
                    b6:2c:ed:26:01:d7:ab:e3:ed:72:51:29:6d:8b:28:
                    7f:64:5c:52:57:84:5c:65:66:88:0e:81:de:05:66:
                    ab:6d:1c:6b:28:f6:94:62:15:58:2a:8e:0b:a0:4c:
                    c0:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:8C:64:6C:27:74:55:7A:5E:1F:5C:2D:2E:50:C2:AF:6D:CB:A6:CA
            X509v3 Authority Key Identifier:
                keyid:84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:85:60:91:cf:d8:96:7c:05:6c:fa:b2:c5:6a:f6:fd:10:ba:
         53:3e:10:db:e7:f1:c8:73:74:5f:5c:f0:64:2f:49:b1:96:27:
         a7:23:57:f4:94:e6:2d:81:6c:8e:05:e4:3b:6d:4a:4f:f1:51:
         10:1d:99:69:22:36:79:4b:ad:db:7b:10:7f:a5:0f:11:7e:12:
         50:28:d9:ce:a6:15:e4:d4:54:4c:24:9b:08:e5:47:7b:ba:26:
         ca:9e:1b:34:79:61:d6:c9:eb:52:82:59:4a:89:5d:d3:8c:93:
         de:c4:70:16:47:92:33:16:60:03:88:cc:0b:aa:e8:ba:e2:df:
         70:cb:cc:0b:19:1b:c7:ce:56:db:47:82:8f:bb:6d:da:5f:f0:
         0b:0f:ae:bd:40:68:a3:28:e5:df:2a:93:5f:57:34:40:76:fd:
         d5:f4:ac:a9:9d:95:06:e4:33:a9:11:7a:ff:48:f9:c6:54:2b:
         18:ca:fb:b2:b7:62:30:e0:05:6c:6b:88:91:49:5a:49:d3:da:
         fa:10:de:f1:ab:54:8c:48:4f:36:fe:da:c8:54:16:0b:67:88:
         a5:78:aa:67:c1:53:9c:dc:3d:0e:ef:39:41:db:e4:81:6f:db:
         e1:c4:2d:eb:a9:e8:1b:89:d2:49:57:b7:e2:57:eb:c1:4c:e6:
         86:05:3f:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jwhpQkknE6fqkI7oDBoxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MzFhOTk5Y2JmMDQwYmQzNDBkMjkzNWQ4OTk2MWI1MmYw
NGE0NDUwHhcNMjUwNjI4MjIwMTEwWhcNMjUwNjI5MjIwMTEwWjAzMTEwLwYDVQQD
Eyg2NDhjNjQ2YzI3NzQ1NTdhNWUxZjVjMmQyZTUwYzJhZjZkY2JhNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumi+C3lUi/MwctbkoTwLH4/IEF5K
Lse/gnwqp2yaAJKral5y+5mxFm1ogDtIqpv6DN+wWxt/fSvj/wuxf1EKtPG6+vC9
Kch/dlrliO2k3nOKciarM9FcDIHaC05N++y1EtQf5VZR9DX9mQal6GHLoB3pFsw1
cJoPupISi4lfnujXKajb+Y3LOesMPJ3yMafMQ2nUQ1HRXv7MvXaBEyt0V3vMVr68
j5/6b4fHLeRJSmAo9yQvEMNio5e9SE77qHgpFJxad6iC39lZCehRAIYh6yu2LO0m
Ader4+1yUSltiyh/ZFxSV4RcZWaIDoHeBWarbRxrKPaUYhVYKo4LoEzAiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGSMZGwndFV6Xh9cLS5Qwq9ty6bKMB8GA1UdIwQY
MBaAFIQxqZnL8EC9NA0pNdiZYbUvBKRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYt
MTNkOWJhMjdlNTFmLzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYtMTNkOWJhMjdlNTFm
LzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARYVgkc/Y
lnwFbPqyxWr2/RC6Uz4Q2+fxyHN0X1zwZC9JsZYnpyNX9JTmLYFsjgXkO21KT/FR
EB2ZaSI2eUut23sQf6UPEX4SUCjZzqYV5NRUTCSbCOVHe7omyp4bNHlh1snrUoJZ
Sold04yT3sRwFkeSMxZgA4jMC6rouuLfcMvMCxkbx85W20eCj7tt2l/wCw+uvUBo
oyjl3yqTX1c0QHb91fSsqZ2VBuQzqRF6/0j5xlQrGMr7srdiMOAFbGuIkUlaSdPa
+hDe8atUjEhPNv7ayFQWC2eIpXiqZ8FTnNw9Du85QdvkgW/b4cQt66noG4nSSVe3
4lfrwUzmhgU/3w==
-----END CERTIFICATE-----