Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          SDSH+unwj1B90c9hUikKNP0HxHZOEvlX76kN+vIF1VE=
Subject key identifier:   C3:6A:F5:44:77:94:EA:37:44:F4:ED:A9:F7:BF:04:09:27:6D:3A:45
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       0197B88F43684C55B89ECEF4F281C5C43E86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          0A2C
Signing time:             Sat 28 Jun 2025 22:01:25 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:25 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:25 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: nA91wV2254R7mf8F2YrnKiIE4rMb0PIqQHJDjyRxF28=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:43:68:4c:55:b8:9e:ce:f4:f2:81:c5:c4:3e:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: Jun 28 22:01:25 2025 GMT
            Not After : Jun 29 22:01:25 2025 GMT
        Subject: CN=c36af5447794ea3744f4eda9f7bf0409276d3a45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:58:d6:f9:72:5e:d7:b3:68:b9:28:46:e4:ab:
                    39:46:fe:0c:c1:59:eb:23:0e:9d:72:52:c7:08:22:
                    01:2f:ac:16:cc:5c:c2:e9:ce:ba:36:8e:b9:f6:c4:
                    1e:7b:2f:d8:3b:f5:f0:9b:30:2c:12:ac:c5:6a:93:
                    d1:bf:fe:13:e6:de:6d:d5:be:ac:bd:76:3c:7d:39:
                    15:42:b4:ea:b1:3e:c5:af:6b:64:e6:b5:26:c9:58:
                    00:62:31:42:a1:e9:fe:7a:f2:c2:8f:8c:b5:89:64:
                    bc:33:26:f6:39:fd:a3:3b:8d:5f:40:d8:f4:2a:b4:
                    ae:64:ad:09:b1:e4:14:b1:b9:09:a6:4d:d7:a8:44:
                    99:ee:98:d6:0e:c3:64:63:14:69:fc:b5:6a:5f:b6:
                    37:1b:71:a3:a8:21:9a:9d:2d:15:3c:91:de:9d:ac:
                    5d:5e:d3:33:c0:64:26:4f:42:93:e1:f5:72:f4:16:
                    20:a2:d4:bf:12:65:50:42:a8:7d:3b:86:61:75:b8:
                    08:e2:55:68:a4:c8:db:f2:f3:1b:ae:aa:59:01:c3:
                    39:db:01:f6:3d:84:72:f3:10:5d:87:65:c0:e7:94:
                    04:d7:fa:67:2b:f3:7c:fb:44:4b:98:4b:e0:1e:5b:
                    0c:b6:fc:39:bf:8a:e2:cd:6d:ee:8e:c6:fe:19:e7:
                    be:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:6A:F5:44:77:94:EA:37:44:F4:ED:A9:F7:BF:04:09:27:6D:3A:45
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:d0:31:cd:47:47:06:5c:b6:69:f9:a9:cd:e2:2f:42:a6:db:
         27:06:8f:a7:a9:c1:05:e7:d9:33:b8:0c:37:1f:5c:15:fe:64:
         ca:f1:b0:9d:48:fd:7f:f8:3d:9c:1a:04:35:46:ef:01:31:4e:
         69:26:e0:66:b8:f0:fe:5c:9f:17:94:06:6d:c4:8e:b9:f0:41:
         93:43:c4:c9:4b:e5:be:1c:cf:17:c4:1b:93:d8:20:01:1d:59:
         8c:24:b5:3a:b7:f2:06:8c:16:b8:ca:89:cc:b8:a4:c9:db:c3:
         fc:45:c5:40:4f:6f:d3:e8:83:99:ce:02:34:08:75:1d:56:9a:
         f9:81:e9:f1:70:66:d2:e7:02:6a:4e:ae:01:db:b9:1e:7b:0e:
         d1:76:71:13:1f:83:88:38:a6:37:ef:3f:1c:72:60:81:b2:0f:
         cf:b5:84:63:ae:f0:b3:54:c0:8b:f2:e5:62:f7:51:28:b4:45:
         db:dd:dd:fa:00:b8:a5:cf:e5:df:85:c7:83:b1:96:a2:b3:02:
         88:1f:7c:df:9c:63:96:84:90:93:0b:30:b0:aa:3b:40:c1:c8:
         55:6f:20:f3:c1:ed:ec:50:74:94:a5:51:59:54:5a:a2:8e:7b:
         e7:eb:0d:b2:e4:48:69:00:36:7a:aa:4b:24:25:af:ca:e2:0b:
         ef:9c:d9:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j0NoTFW4ns708oHFxD6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjUwNjI4MjIwMTI1WhcNMjUwNjI5MjIwMTI1WjAzMTEwLwYDVQQD
EyhjMzZhZjU0NDc3OTRlYTM3NDRmNGVkYTlmN2JmMDQwOTI3NmQzYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApljW+XJe17NouShG5Ks5Rv4MwVnr
Iw6dclLHCCIBL6wWzFzC6c66No659sQeey/YO/XwmzAsEqzFapPRv/4T5t5t1b6s
vXY8fTkVQrTqsT7Fr2tk5rUmyVgAYjFCoen+evLCj4y1iWS8Myb2Of2jO41fQNj0
KrSuZK0JseQUsbkJpk3XqESZ7pjWDsNkYxRp/LVqX7Y3G3GjqCGanS0VPJHenaxd
XtMzwGQmT0KT4fVy9BYgotS/EmVQQqh9O4ZhdbgI4lVopMjb8vMbrqpZAcM52wH2
PYRy8xBdh2XA55QE1/pnK/N8+0RLmEvgHlsMtvw5v4rizW3ujsb+Gee+rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNq9UR3lOo3RPTtqfe/BAknbTpFMB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY9AxzUdH
Bly2afmpzeIvQqbbJwaPp6nBBefZM7gMNx9cFf5kyvGwnUj9f/g9nBoENUbvATFO
aSbgZrjw/lyfF5QGbcSOufBBk0PEyUvlvhzPF8Qbk9ggAR1ZjCS1OrfyBowWuMqJ
zLikydvD/EXFQE9v0+iDmc4CNAh1HVaa+YHp8XBm0ucCak6uAdu5HnsO0XZxEx+D
iDimN+8/HHJggbIPz7WEY67ws1TAi/LlYvdRKLRF293d+gC4pc/l34XHg7GWorMC
iB9835xjloSQkwswsKo7QMHIVW8g88Ht7FB0lKVRWVRaoo575+sNsuRIaQA2eqpL
JCWvyuIL75zZfA==
-----END CERTIFICATE-----