Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft
File:                     hgLiX_EiDtSqju94wzpyKrWIP40.mft (raw, json)
Hash identifier:          qZdB9+IK+0ilh86eNmymNlcEirAl6sIXz48XoGwzbnI=
Subject key identifier:   D9:74:47:3A:36:60:FF:9E:FC:9B:A1:9A:C1:64:3B:19:42:A1:1A:B8
Authority key identifier: 86:02:E2:5F:F1:22:0E:D4:AA:8E:EF:78:C3:3A:72:2A:B5:88:3F:8D
Certificate issuer:       /CN=8602e25ff1220ed4aa8eef78c33a722ab5883f8d
Certificate serial:       0198D65F3D933A2BD52B983EA32BD53B1FDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hgLiX_EiDtSqju94wzpyKrWIP40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft
Manifest number:          FE
Signing time:             Sat 23 Aug 2025 10:00:22 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:22 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:22 +0000
Files and hashes:         1: hgLiX_EiDtSqju94wzpyKrWIP40.crl (hash: vnj0rR389bL1VFoR+kzk+OTb4nC4W4QP079rzWuWZJk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hgLiX_EiDtSqju94wzpyKrWIP40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:3d:93:3a:2b:d5:2b:98:3e:a3:2b:d5:3b:1f:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8602e25ff1220ed4aa8eef78c33a722ab5883f8d
        Validity
            Not Before: Aug 23 10:00:22 2025 GMT
            Not After : Aug 24 10:00:22 2025 GMT
        Subject: CN=d974473a3660ff9efc9ba19ac1643b1942a11ab8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:1b:67:40:71:0f:4a:1c:f2:8f:06:0c:3a:95:
                    de:7d:77:e0:35:93:f3:1e:b9:9e:0d:c9:90:80:d8:
                    dd:5d:a6:d7:be:f2:39:b6:38:9d:58:69:29:0e:27:
                    b4:93:b3:b2:fd:22:8f:57:eb:14:40:52:fb:9c:80:
                    3f:8b:3c:4f:26:c8:22:5e:45:74:87:39:05:bf:35:
                    5f:d4:b7:6e:1d:2f:34:2f:0a:73:e2:80:bd:ab:13:
                    2d:c3:fb:75:44:f1:7c:da:e2:92:f8:73:22:ac:c4:
                    6b:63:92:b2:7d:b5:d2:8f:8a:79:cd:49:27:e9:d9:
                    9c:f7:ff:f1:dd:8b:bf:12:23:54:bf:0e:e4:fd:1c:
                    c8:d5:4f:c5:c3:c4:d9:53:93:87:f9:97:af:00:91:
                    c7:55:75:3c:53:8e:5a:77:81:53:62:47:3e:6b:9c:
                    da:d4:b2:f8:dc:bf:1d:35:99:97:1c:00:5d:10:45:
                    61:5c:10:9e:a0:4f:5d:0b:7c:dc:af:2c:f3:51:a1:
                    7a:b8:d4:04:44:37:47:d3:e2:4c:05:c8:10:5f:f2:
                    72:96:bf:07:cc:a8:f6:79:22:9a:85:53:bc:89:21:
                    54:73:b7:44:78:27:b5:f3:f9:9c:0a:99:c0:9d:fb:
                    8d:29:51:8a:ee:ea:87:7e:55:be:96:25:bb:cf:58:
                    df:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:74:47:3A:36:60:FF:9E:FC:9B:A1:9A:C1:64:3B:19:42:A1:1A:B8
            X509v3 Authority Key Identifier:
                keyid:86:02:E2:5F:F1:22:0E:D4:AA:8E:EF:78:C3:3A:72:2A:B5:88:3F:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hgLiX_EiDtSqju94wzpyKrWIP40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:5d:cc:a2:93:b5:b9:1d:49:00:89:ca:cd:0f:2e:4c:2e:d5:
         17:2d:27:a8:27:02:cc:92:8e:eb:a4:a2:5e:d4:ef:3c:34:43:
         a5:d8:07:79:89:48:24:8f:db:db:f3:0c:50:57:b7:43:f5:d8:
         5f:07:0d:3b:4a:05:b7:a2:6f:ea:02:8b:0e:e6:f0:09:df:5e:
         50:b8:80:52:de:25:5d:d6:02:70:04:89:de:21:28:3f:8d:37:
         c8:ef:60:fb:3f:8f:1a:d7:9d:1c:32:ab:4d:a2:92:e6:a2:1c:
         49:97:c2:b7:27:62:a9:50:05:60:a5:05:23:f1:09:60:1c:90:
         04:e0:15:0a:13:a3:55:af:12:b7:03:24:29:fd:71:77:3d:99:
         3d:fc:37:f7:3a:d3:53:c3:b2:18:e1:18:89:59:56:a8:73:7f:
         d4:ed:f0:35:bf:58:d3:e6:2d:0f:f2:5e:be:f4:5e:27:ca:4f:
         e7:db:c2:7a:63:15:53:dd:69:52:58:7b:ed:c3:61:63:ed:dd:
         f4:01:23:e0:e2:e5:ff:59:bf:1d:b6:65:2a:46:10:59:9d:09:
         bc:b3:27:1c:5a:fb:63:e9:c0:1a:2f:b7:e6:c1:04:56:7c:f5:
         ea:8d:ce:58:b7:8c:11:be:b1:10:98:7e:61:c2:92:eb:e2:c9:
         5c:29:3d:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXz2TOivVK5g+oyvVOx/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MDJlMjVmZjEyMjBlZDRhYThlZWY3OGMzM2E3MjJhYjU4
ODNmOGQwHhcNMjUwODIzMTAwMDIyWhcNMjUwODI0MTAwMDIyWjAzMTEwLwYDVQQD
EyhkOTc0NDczYTM2NjBmZjllZmM5YmExOWFjMTY0M2IxOTQyYTExYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhtnQHEPShzyjwYMOpXefXfgNZPz
HrmeDcmQgNjdXabXvvI5tjidWGkpDie0k7Oy/SKPV+sUQFL7nIA/izxPJsgiXkV0
hzkFvzVf1LduHS80Lwpz4oC9qxMtw/t1RPF82uKS+HMirMRrY5KyfbXSj4p5zUkn
6dmc9//x3Yu/EiNUvw7k/RzI1U/Fw8TZU5OH+ZevAJHHVXU8U45ad4FTYkc+a5za
1LL43L8dNZmXHABdEEVhXBCeoE9dC3zcryzzUaF6uNQERDdH0+JMBcgQX/Jylr8H
zKj2eSKahVO8iSFUc7dEeCe18/mcCpnAnfuNKVGK7uqHflW+liW7z1jfAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNl0Rzo2YP+e/JuhmsFkOxlCoRq4MB8GA1UdIwQY
MBaAFIYC4l/xIg7Uqo7veMM6ciq1iD+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGdMaVhfRWlEdFNxanU5NHd6cHlLcldJUDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jMmUzODAtZjk1NS00ZmViLTllZjgt
NDgxZjQ1N2UxYjg5LzEvaGdMaVhfRWlEdFNxanU5NHd6cHlLcldJUDQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jMmUzODAtZjk1NS00ZmViLTllZjgtNDgxZjQ1N2UxYjg5
LzEvaGdMaVhfRWlEdFNxanU5NHd6cHlLcldJUDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ13MopO1
uR1JAInKzQ8uTC7VFy0nqCcCzJKO66SiXtTvPDRDpdgHeYlIJI/b2/MMUFe3Q/XY
XwcNO0oFt6Jv6gKLDubwCd9eULiAUt4lXdYCcASJ3iEoP403yO9g+z+PGtedHDKr
TaKS5qIcSZfCtydiqVAFYKUFI/EJYByQBOAVChOjVa8StwMkKf1xdz2ZPfw39zrT
U8OyGOEYiVlWqHN/1O3wNb9Y0+YtD/JevvReJ8pP59vCemMVU91pUlh77cNhY+3d
9AEj4OLl/1m/HbZlKkYQWZ0JvLMnHFr7Y+nAGi+35sEEVnz16o3OWLeMEb6xEJh+
YcKS6+LJXCk9XA==
-----END CERTIFICATE-----