Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft
File:                     hgLiX_EiDtSqju94wzpyKrWIP40.mft (raw, json)
Hash identifier:          Fvsql6IbdHZmtBfCnV+H6mt7WYcuBMgXK285MxYm4HY=
Subject key identifier:   84:3D:BA:DA:28:E0:21:14:50:9E:EF:F6:98:4B:45:C7:57:AC:74:DA
Authority key identifier: 86:02:E2:5F:F1:22:0E:D4:AA:8E:EF:78:C3:3A:72:2A:B5:88:3F:8D
Certificate issuer:       /CN=8602e25ff1220ed4aa8eef78c33a722ab5883f8d
Certificate serial:       0197B6A1CE02AA0591663DA98BFE0F7C6332
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hgLiX_EiDtSqju94wzpyKrWIP40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft
Manifest number:          69
Signing time:             Sat 28 Jun 2025 13:02:26 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:26 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:26 +0000
Files and hashes:         1: hgLiX_EiDtSqju94wzpyKrWIP40.crl (hash: w0Og/3EjfEN8y9V/j2XVM0EZXu0FPMiU6r/CtP+z/Bw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hgLiX_EiDtSqju94wzpyKrWIP40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:ce:02:aa:05:91:66:3d:a9:8b:fe:0f:7c:63:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8602e25ff1220ed4aa8eef78c33a722ab5883f8d
        Validity
            Not Before: Jun 28 13:02:26 2025 GMT
            Not After : Jun 29 13:02:26 2025 GMT
        Subject: CN=843dbada28e02114509eeff6984b45c757ac74da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:18:1c:9c:05:ac:17:1e:20:86:4e:79:2e:38:
                    a4:e1:b8:ae:b3:9c:9a:a4:28:e7:a6:58:e5:5a:8b:
                    2a:26:14:c2:ba:ef:dc:f0:a2:c4:26:f4:db:25:34:
                    3c:6e:88:9f:34:ed:89:67:6e:5b:0c:fc:0a:c0:15:
                    3f:9f:82:2b:5b:9f:9e:11:57:d8:44:6d:58:54:33:
                    57:fc:96:19:fc:e0:e6:1b:f9:9b:87:53:68:d6:e0:
                    8a:77:28:68:21:fd:47:b4:93:86:07:b7:9b:ca:4a:
                    a6:65:cd:be:e1:fe:54:bd:08:d6:08:0d:a1:60:f8:
                    87:81:6c:99:4f:ad:e2:9a:f9:99:75:cc:03:e5:2a:
                    14:2e:1b:a2:17:dc:2b:7b:95:50:d2:e3:20:1f:a3:
                    04:67:36:e0:e5:58:96:55:4f:82:93:8b:d1:11:10:
                    2d:42:81:29:16:0e:65:53:b1:3a:10:02:71:f3:19:
                    ea:55:bd:42:61:7b:81:70:eb:9a:c5:5f:2d:75:19:
                    33:40:cf:78:2e:dd:27:da:29:10:62:6a:e1:7a:64:
                    51:85:27:68:b6:6a:a1:bb:f6:ea:9a:e1:8f:ab:84:
                    c6:0e:38:b3:46:a8:6a:c1:b7:1d:a5:d4:57:69:8d:
                    5c:22:d9:1a:1f:4e:84:9d:89:59:5c:f6:74:c5:f3:
                    78:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:3D:BA:DA:28:E0:21:14:50:9E:EF:F6:98:4B:45:C7:57:AC:74:DA
            X509v3 Authority Key Identifier:
                keyid:86:02:E2:5F:F1:22:0E:D4:AA:8E:EF:78:C3:3A:72:2A:B5:88:3F:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hgLiX_EiDtSqju94wzpyKrWIP40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:23:6f:22:f3:e5:38:85:ff:f5:51:5a:7d:f7:6f:20:6d:98:
         3a:05:e1:03:36:c8:56:69:c5:a4:57:71:85:72:5c:7b:e5:c2:
         9a:c6:6a:20:c3:67:82:8a:3a:7e:c5:37:9b:69:e8:41:01:58:
         31:72:40:13:4e:d7:b0:2b:5a:ef:5d:0e:43:b3:94:b0:c5:88:
         2c:70:d6:39:53:a6:f6:83:e2:17:88:b6:6a:6a:44:a7:f1:db:
         5e:3e:c5:f8:58:c8:49:74:bd:4a:3e:46:bb:df:da:db:3a:84:
         c9:f1:0f:ed:6e:d2:c9:55:6b:59:27:42:dd:1c:5e:3c:32:6e:
         cd:fc:17:d7:ae:38:d6:63:bd:93:7c:3d:9f:34:c2:eb:06:db:
         a4:a0:0e:3c:ce:f0:f2:0f:f2:56:e1:01:14:74:69:bc:11:a3:
         20:56:51:d7:a2:1f:12:7c:6c:92:6c:09:70:8b:e6:1a:aa:41:
         c4:7a:3b:7c:b3:54:ab:83:01:54:6a:40:66:61:f9:b2:f7:61:
         a1:1e:5f:20:09:26:8d:65:2e:6e:83:aa:e0:0f:76:da:f8:c4:
         b2:25:78:7a:e0:f7:8d:1c:d2:de:ad:3b:86:1f:1f:16:67:9b:
         05:dc:2d:2e:80:5b:e2:ae:c1:ee:73:47:cd:13:5f:45:55:8b:
         92:34:50:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oc4CqgWRZj2pi/4PfGMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MDJlMjVmZjEyMjBlZDRhYThlZWY3OGMzM2E3MjJhYjU4
ODNmOGQwHhcNMjUwNjI4MTMwMjI2WhcNMjUwNjI5MTMwMjI2WjAzMTEwLwYDVQQD
Eyg4NDNkYmFkYTI4ZTAyMTE0NTA5ZWVmZjY5ODRiNDVjNzU3YWM3NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixgcnAWsFx4ghk55Ljik4bius5ya
pCjnpljlWosqJhTCuu/c8KLEJvTbJTQ8boifNO2JZ25bDPwKwBU/n4IrW5+eEVfY
RG1YVDNX/JYZ/ODmG/mbh1No1uCKdyhoIf1HtJOGB7ebykqmZc2+4f5UvQjWCA2h
YPiHgWyZT63imvmZdcwD5SoULhuiF9wre5VQ0uMgH6MEZzbg5ViWVU+Ck4vRERAt
QoEpFg5lU7E6EAJx8xnqVb1CYXuBcOuaxV8tdRkzQM94Lt0n2ikQYmrhemRRhSdo
tmqhu/bqmuGPq4TGDjizRqhqwbcdpdRXaY1cItkaH06EnYlZXPZ0xfN4NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQ9utoo4CEUUJ7v9phLRcdXrHTaMB8GA1UdIwQY
MBaAFIYC4l/xIg7Uqo7veMM6ciq1iD+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGdMaVhfRWlEdFNxanU5NHd6cHlLcldJUDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jMmUzODAtZjk1NS00ZmViLTllZjgt
NDgxZjQ1N2UxYjg5LzEvaGdMaVhfRWlEdFNxanU5NHd6cHlLcldJUDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jMmUzODAtZjk1NS00ZmViLTllZjgtNDgxZjQ1N2UxYjg5
LzEvaGdMaVhfRWlEdFNxanU5NHd6cHlLcldJUDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOCNvIvPl
OIX/9VFaffdvIG2YOgXhAzbIVmnFpFdxhXJce+XCmsZqIMNngoo6fsU3m2noQQFY
MXJAE07XsCta710OQ7OUsMWILHDWOVOm9oPiF4i2ampEp/HbXj7F+FjISXS9Sj5G
u9/a2zqEyfEP7W7SyVVrWSdC3RxePDJuzfwX16441mO9k3w9nzTC6wbbpKAOPM7w
8g/yVuEBFHRpvBGjIFZR16IfEnxskmwJcIvmGqpBxHo7fLNUq4MBVGpAZmH5svdh
oR5fIAkmjWUuboOq4A922vjEsiV4euD3jRzS3q07hh8fFmebBdwtLoBb4q7B7nNH
zRNfRVWLkjRQ+A==
-----END CERTIFICATE-----