Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
File:                     H0qus-K3pD3wHzHVGiDvIlXOr-M.mft (raw, json)
Hash identifier:          No8xy/O4HxfkbcBex/Vskd5tSKUdZ6cFbrv6PxrEUTc=
Subject key identifier:   56:DC:65:34:34:AA:7D:9A:76:3A:6C:17:6A:A0:5D:62:74:4C:CB:79
Authority key identifier: 1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3
Certificate issuer:       /CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
Certificate serial:       0197B6A129E50CC58F688EE7D5DDC1B013A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
Manifest number:          0456
Signing time:             Sat 28 Jun 2025 13:01:44 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:44 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:44 +0000
Files and hashes:         1: H0qus-K3pD3wHzHVGiDvIlXOr-M.crl (hash: 1ozcTdGnz7Uu7CK5zizZubbuiJgLW4cIcjPOpUmIgrc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:29:e5:0c:c5:8f:68:8e:e7:d5:dd:c1:b0:13:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
        Validity
            Not Before: Jun 28 13:01:44 2025 GMT
            Not After : Jun 29 13:01:44 2025 GMT
        Subject: CN=56dc653434aa7d9a763a6c176aa05d62744ccb79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:35:e8:a3:f3:81:eb:73:77:a2:14:f7:50:5a:
                    39:22:be:b7:ff:a3:89:49:d5:0b:93:a2:2d:f1:aa:
                    f3:32:49:13:ee:26:c8:7a:5c:57:71:aa:ed:5a:cd:
                    41:a2:fd:24:f3:60:36:2d:f4:a3:7a:7f:df:cc:40:
                    ad:ab:8b:2c:1a:a2:8b:b7:00:56:f7:85:ed:fd:ed:
                    d3:76:ec:33:d6:c6:0c:c1:07:e4:3a:94:35:93:98:
                    c6:8c:aa:87:9f:1e:3f:11:8d:38:7c:b1:e6:a7:88:
                    4e:5f:92:eb:e1:41:75:fe:9b:97:02:c9:53:5b:6a:
                    62:bc:5d:2c:5a:0f:50:a8:50:d6:5c:ef:29:f8:4d:
                    cd:59:87:f2:be:92:c4:a1:30:2d:70:18:45:f2:81:
                    62:ab:8c:a8:d3:02:c2:88:94:ed:6d:1d:8d:8d:2d:
                    2f:76:15:d7:9c:80:94:5c:1d:a6:fc:63:d3:54:f8:
                    ed:5a:7d:2c:33:c0:d0:e0:8e:ff:bb:aa:86:e1:b1:
                    de:d4:14:af:b0:2d:9d:cb:da:c8:b6:df:ed:36:1a:
                    bd:03:bf:3c:cb:d6:2c:c5:4b:a2:91:10:3d:94:75:
                    bd:42:e9:2f:2c:d6:c3:35:fb:cc:b8:ad:05:24:c6:
                    29:d7:14:c3:52:bb:ec:15:90:04:30:7c:88:18:59:
                    13:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:DC:65:34:34:AA:7D:9A:76:3A:6C:17:6A:A0:5D:62:74:4C:CB:79
            X509v3 Authority Key Identifier:
                keyid:1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:bb:d8:ea:13:55:81:24:92:39:fc:a9:a8:bf:5f:33:23:a1:
         2e:1a:70:08:07:9b:f7:cc:da:dd:ab:1b:ee:0f:b2:cb:4f:a4:
         e9:bb:63:95:19:f4:24:95:93:44:b7:6d:e5:cc:00:60:11:41:
         25:48:7a:66:4b:92:f1:40:d5:97:d4:94:1c:1b:0c:cb:b1:0f:
         e9:b5:86:f9:59:f4:18:bb:f5:61:a3:10:71:a1:de:bc:d0:04:
         d9:9c:5c:23:8f:b4:23:be:51:ee:ba:f4:68:d1:05:91:b9:98:
         82:c9:96:9c:2c:95:15:48:69:64:b5:74:b2:67:22:5f:4d:ce:
         b2:96:03:33:53:d4:71:6d:1a:29:d6:c3:0b:1e:00:dd:7c:af:
         dd:28:2c:95:a4:0c:3c:b3:50:da:ca:dc:6a:72:fe:ce:cc:14:
         fa:51:ba:fd:fe:8f:ea:f5:a3:70:94:e6:ba:fc:d0:c5:cf:3c:
         2b:3f:11:a6:06:42:f5:b7:98:89:ae:03:0b:38:e0:a9:55:89:
         c6:d0:fb:43:25:4b:c4:f1:c6:b5:9a:4d:8b:78:87:fb:24:5a:
         46:54:59:21:64:da:b6:79:ca:7a:d8:7f:4e:04:ad:3f:89:a0:
         62:c5:79:b2:3c:d8:c0:f3:89:81:47:51:ea:c9:9e:27:49:b7:
         04:1c:d0:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oSnlDMWPaI7n1d3BsBOmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNGFhZWIzZTJiN2E0M2RmMDFmMzFkNTFhMjBlZjIyNTVj
ZWFmZTMwHhcNMjUwNjI4MTMwMTQ0WhcNMjUwNjI5MTMwMTQ0WjAzMTEwLwYDVQQD
Eyg1NmRjNjUzNDM0YWE3ZDlhNzYzYTZjMTc2YWEwNWQ2Mjc0NGNjYjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojXoo/OB63N3ohT3UFo5Ir63/6OJ
SdULk6It8arzMkkT7ibIelxXcartWs1Bov0k82A2LfSjen/fzECtq4ssGqKLtwBW
94Xt/e3Tduwz1sYMwQfkOpQ1k5jGjKqHnx4/EY04fLHmp4hOX5Lr4UF1/puXAslT
W2pivF0sWg9QqFDWXO8p+E3NWYfyvpLEoTAtcBhF8oFiq4yo0wLCiJTtbR2NjS0v
dhXXnICUXB2m/GPTVPjtWn0sM8DQ4I7/u6qG4bHe1BSvsC2dy9rItt/tNhq9A788
y9YsxUuikRA9lHW9QukvLNbDNfvMuK0FJMYp1xTDUrvsFZAEMHyIGFkTNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFbcZTQ0qn2adjpsF2qgXWJ0TMt5MB8GA1UdIwQY
MBaAFB9KrrPit6Q98B8x1Rog7yJVzq/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMt
ZTE4NDJiZTQxMmQxLzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMtZTE4NDJiZTQxMmQx
LzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkLvY6hNV
gSSSOfypqL9fMyOhLhpwCAeb98za3asb7g+yy0+k6btjlRn0JJWTRLdt5cwAYBFB
JUh6ZkuS8UDVl9SUHBsMy7EP6bWG+Vn0GLv1YaMQcaHevNAE2ZxcI4+0I75R7rr0
aNEFkbmYgsmWnCyVFUhpZLV0smciX03OspYDM1PUcW0aKdbDCx4A3Xyv3SgslaQM
PLNQ2srcanL+zswU+lG6/f6P6vWjcJTmuvzQxc88Kz8RpgZC9beYia4DCzjgqVWJ
xtD7QyVLxPHGtZpNi3iH+yRaRlRZIWTatnnKeth/TgStP4mgYsV5sjzYwPOJgUdR
6smeJ0m3BBzQow==
-----END CERTIFICATE-----