Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
File:                     HNuFgmJdF7G8uuE_xt20OruV0v4.mft (raw, json)
Hash identifier:          P1TkW8/X0DeeTrCzbMCJlFToD7Qy4wkvHKUtdhoijUQ=
Subject key identifier:   1B:85:AE:1A:1C:B1:C0:01:C9:DB:D3:61:4D:53:1E:AD:F5:8B:3E:3F
Authority key identifier: 1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE
Certificate issuer:       /CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
Certificate serial:       0197B77CDC1536B326B208A8D942120BAAD8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
Manifest number:          0172
Signing time:             Sat 28 Jun 2025 17:01:42 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:42 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:42 +0000
Files and hashes:         1: HNuFgmJdF7G8uuE_xt20OruV0v4.crl (hash: /bdN5THeKtDHN2NlzmmxHxYgejzVXS8ImY1EfqxHWTw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:dc:15:36:b3:26:b2:08:a8:d9:42:12:0b:aa:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
        Validity
            Not Before: Jun 28 17:01:42 2025 GMT
            Not After : Jun 29 17:01:42 2025 GMT
        Subject: CN=1b85ae1a1cb1c001c9dbd3614d531eadf58b3e3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:3b:ac:70:07:39:e1:0e:4c:a8:40:e5:34:10:
                    dc:4c:36:b7:be:98:0c:83:63:62:06:88:91:b0:83:
                    ec:48:f9:0d:6e:76:73:b1:f8:e7:88:46:22:be:28:
                    f0:40:34:8b:46:18:35:fb:24:36:ae:1c:67:eb:25:
                    fe:1f:f0:42:c0:67:0c:a5:00:9c:3c:07:21:5d:75:
                    f0:83:cc:33:8e:d2:75:c6:e4:e8:4a:aa:fc:6e:4e:
                    dc:07:58:19:7d:75:3a:3e:46:49:78:e3:f1:40:db:
                    ee:6d:79:f9:12:27:e7:32:35:ae:9e:cc:9b:49:61:
                    80:5c:2c:f0:87:1c:73:2e:32:6d:7e:1a:95:9d:01:
                    8f:34:40:71:bf:b7:c6:9c:85:d5:2c:84:69:88:a0:
                    ee:8c:f8:1e:a9:0c:eb:0c:63:47:aa:ab:4b:1f:7e:
                    75:7d:1e:bb:c2:62:75:29:77:66:72:79:91:75:48:
                    8d:b9:2c:5e:92:ba:75:e8:73:2a:c5:ba:6b:23:ad:
                    71:8e:46:df:8d:c4:ef:0e:70:13:8e:93:e0:67:3a:
                    7f:3e:26:b5:53:b2:03:df:3a:93:00:ba:d6:39:84:
                    f7:41:33:51:53:cd:32:f2:7b:9a:7e:fe:85:95:c1:
                    1b:0e:57:19:88:4a:ff:1e:a7:67:27:30:09:63:1a:
                    a1:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:85:AE:1A:1C:B1:C0:01:C9:DB:D3:61:4D:53:1E:AD:F5:8B:3E:3F
            X509v3 Authority Key Identifier:
                keyid:1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:34:5e:53:e6:e5:61:26:7e:c9:95:b1:d8:23:92:29:66:5f:
         91:c5:2a:8e:bd:0e:55:6a:0c:74:94:17:4d:7b:dc:05:68:67:
         9f:a6:5e:11:ac:63:91:c3:e5:33:97:5e:32:29:7d:13:cc:d0:
         95:6f:92:59:e3:db:0d:06:fb:0f:cb:98:70:5b:d8:b1:52:b0:
         00:b1:58:48:86:94:fd:e7:b9:5d:e0:2a:89:ce:76:48:51:87:
         71:e7:2e:51:04:f3:b4:d1:3b:ca:59:45:a3:5b:e4:72:bd:21:
         b8:d2:f7:d1:6a:3c:20:dc:fd:a5:dd:70:ed:d0:d1:f4:0c:dc:
         cf:28:9e:e0:53:da:a1:dd:08:2d:20:db:14:48:94:cc:41:2a:
         de:67:42:cb:64:f8:2b:db:3c:19:0d:6e:5d:65:8b:74:17:bf:
         9d:1d:92:42:03:9c:67:09:91:a4:37:77:4e:a9:c6:4b:34:f6:
         ad:c5:09:2e:ef:b8:2d:12:fa:0c:8f:76:dc:c1:8a:42:c1:40:
         ec:e8:88:d2:8f:0c:f1:17:1b:47:f5:94:4f:83:99:c9:5b:30:
         0d:05:9b:f9:c2:d4:73:f1:38:66:74:e2:8b:b4:af:05:5b:34:
         cf:e6:99:81:e4:73:8c:c5:ef:eb:45:3b:2c:d2:72:34:44:3f:
         1c:d7:7f:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fNwVNrMmsgio2UISC6rYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZGI4NTgyNjI1ZDE3YjFiY2JhZTEzZmM2ZGRiNDNhYmI5
NWQyZmUwHhcNMjUwNjI4MTcwMTQyWhcNMjUwNjI5MTcwMTQyWjAzMTEwLwYDVQQD
EygxYjg1YWUxYTFjYjFjMDAxYzlkYmQzNjE0ZDUzMWVhZGY1OGIzZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTuscAc54Q5MqEDlNBDcTDa3vpgM
g2NiBoiRsIPsSPkNbnZzsfjniEYivijwQDSLRhg1+yQ2rhxn6yX+H/BCwGcMpQCc
PAchXXXwg8wzjtJ1xuToSqr8bk7cB1gZfXU6PkZJeOPxQNvubXn5EifnMjWunsyb
SWGAXCzwhxxzLjJtfhqVnQGPNEBxv7fGnIXVLIRpiKDujPgeqQzrDGNHqqtLH351
fR67wmJ1KXdmcnmRdUiNuSxekrp16HMqxbprI61xjkbfjcTvDnATjpPgZzp/Pia1
U7ID3zqTALrWOYT3QTNRU80y8nuafv6FlcEbDlcZiEr/HqdnJzAJYxqhIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBuFrhocscABydvTYU1THq31iz4/MB8GA1UdIwQY
MBaAFBzbhYJiXRexvLrhP8bdtDq7ldL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDct
NDVmYmE1Yzk3NTkzLzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDctNDVmYmE1Yzk3NTkz
LzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXDReU+bl
YSZ+yZWx2COSKWZfkcUqjr0OVWoMdJQXTXvcBWhnn6ZeEaxjkcPlM5deMil9E8zQ
lW+SWePbDQb7D8uYcFvYsVKwALFYSIaU/ee5XeAqic52SFGHcecuUQTztNE7yllF
o1vkcr0huNL30Wo8INz9pd1w7dDR9Azczyie4FPaod0ILSDbFEiUzEEq3mdCy2T4
K9s8GQ1uXWWLdBe/nR2SQgOcZwmRpDd3TqnGSzT2rcUJLu+4LRL6DI923MGKQsFA
7OiI0o8M8RcbR/WUT4OZyVswDQWb+cLUc/E4ZnTii7SvBVs0z+aZgeRzjMXv60U7
LNJyNEQ/HNd/kg==
-----END CERTIFICATE-----