Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
File:                     HjaTxfrT8hak_3rIbO6yOwBDg10.mft (raw, json)
Hash identifier:          sDvXaaGdjJs2XVur4f3MVigl/daWd+hG8V5JzQDlvds=
Subject key identifier:   63:09:8A:28:46:7E:D1:7C:97:8C:35:00:5D:57:E6:24:87:10:80:F3
Authority key identifier: 1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D
Certificate issuer:       /CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
Certificate serial:       0197B7EABA84FC6DD8D56219090D770FBB5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
Manifest number:          0A81
Signing time:             Sat 28 Jun 2025 19:01:43 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:43 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:43 +0000
Files and hashes:         1: HjaTxfrT8hak_3rIbO6yOwBDg10.crl (hash: SO9e5XX4FMXyLCMgeuhrTUev7J1x4Ru10EC38UGrLw0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:ba:84:fc:6d:d8:d5:62:19:09:0d:77:0f:bb:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
        Validity
            Not Before: Jun 28 19:01:43 2025 GMT
            Not After : Jun 29 19:01:43 2025 GMT
        Subject: CN=63098a28467ed17c978c35005d57e624871080f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:d2:da:20:da:b6:01:02:2f:cc:5b:29:d1:fc:
                    69:9e:c5:54:32:b0:d8:e7:fc:78:c1:a0:74:bc:07:
                    b1:38:dd:9e:d6:ff:48:da:7b:63:c1:f2:a4:a9:60:
                    91:38:df:78:6f:7b:eb:7c:7f:20:3b:aa:b6:e3:80:
                    70:b7:c2:20:70:d7:30:db:f1:ca:7d:71:fa:70:9b:
                    81:23:af:a8:a6:62:5c:6b:84:4b:5b:c4:80:7a:8f:
                    78:93:c3:66:56:62:e9:1d:42:31:09:95:77:8a:cb:
                    8b:f5:31:db:d8:e4:97:bc:83:2c:6b:33:24:c3:97:
                    fa:ed:fb:51:67:70:67:b0:d3:13:12:57:87:e7:3d:
                    f5:bf:f8:ac:18:2d:0b:d1:a7:93:b0:20:de:8c:97:
                    64:be:74:50:1f:ec:8d:e4:9d:92:ba:80:28:59:aa:
                    4a:63:b3:4a:d0:ea:49:fd:e6:3a:9e:09:e9:1b:db:
                    f5:09:d2:42:d3:e4:24:84:da:8a:81:cb:05:9d:38:
                    af:63:d6:60:20:0d:fe:bb:40:30:ba:52:a0:92:8a:
                    aa:f1:f2:d6:b2:6c:5f:74:73:76:2d:bd:be:ad:0d:
                    74:05:1f:aa:30:b8:15:33:64:75:6c:49:5c:79:f8:
                    c4:a8:be:99:36:81:47:37:97:a4:6f:90:b4:49:9c:
                    0c:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:09:8A:28:46:7E:D1:7C:97:8C:35:00:5D:57:E6:24:87:10:80:F3
            X509v3 Authority Key Identifier:
                keyid:1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:82:37:d8:95:b1:fa:da:b2:51:39:99:a4:06:88:d3:3b:ff:
         53:cd:fb:14:bc:f4:b0:87:66:dc:46:b8:a6:a1:de:ba:3e:12:
         b4:d9:41:28:ec:a7:bf:0c:6b:ad:87:2c:f4:03:94:b8:58:c7:
         81:67:31:dd:d5:aa:ac:89:d7:3f:33:4b:78:0a:ad:10:fa:84:
         be:3b:3c:80:3c:bd:de:58:e0:76:1f:c8:79:c8:74:ab:bb:90:
         0b:0f:5e:06:e8:2a:76:10:6a:77:d6:ac:f7:72:4b:73:75:64:
         34:41:03:36:65:e3:ba:76:ca:6f:cf:95:f0:d7:ac:9d:4d:33:
         96:86:57:cd:cc:5d:48:4b:ad:66:03:0a:0b:af:3a:d5:ef:56:
         75:b4:79:70:9a:63:1a:23:97:b6:22:70:e3:11:f2:b0:38:ca:
         1c:ed:26:9c:30:2b:f5:af:01:d6:87:5c:0a:fb:59:19:a9:5d:
         04:fe:20:2f:5f:2c:34:f0:ed:9d:2f:65:f1:30:19:d3:1a:77:
         a4:08:76:79:35:63:22:22:35:0d:77:ef:59:e6:bc:ef:9c:2e:
         86:bd:ba:4e:d4:05:09:05:24:87:8f:a8:38:90:9b:1b:e6:fb:
         18:28:38:01:50:55:c7:fb:c1:ab:87:f8:3c:90:e8:27:f4:d0:
         b9:ad:01:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36rqE/G3Y1WIZCQ13D7teMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzY5M2M1ZmFkM2YyMTZhNGZmN2FjODZjZWViMjNiMDA0
MzgzNWQwHhcNMjUwNjI4MTkwMTQzWhcNMjUwNjI5MTkwMTQzWjAzMTEwLwYDVQQD
Eyg2MzA5OGEyODQ2N2VkMTdjOTc4YzM1MDA1ZDU3ZTYyNDg3MTA4MGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9LaINq2AQIvzFsp0fxpnsVUMrDY
5/x4waB0vAexON2e1v9I2ntjwfKkqWCRON94b3vrfH8gO6q244Bwt8IgcNcw2/HK
fXH6cJuBI6+opmJca4RLW8SAeo94k8NmVmLpHUIxCZV3isuL9THb2OSXvIMsazMk
w5f67ftRZ3BnsNMTEleH5z31v/isGC0L0aeTsCDejJdkvnRQH+yN5J2SuoAoWapK
Y7NK0OpJ/eY6ngnpG9v1CdJC0+QkhNqKgcsFnTivY9ZgIA3+u0AwulKgkoqq8fLW
smxfdHN2Lb2+rQ10BR+qMLgVM2R1bElcefjEqL6ZNoFHN5ekb5C0SZwMhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMJiihGftF8l4w1AF1X5iSHEIDzMB8GA1UdIwQY
MBaAFB42k8X60/IWpP96yGzusjsAQ4NdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQt
NDIxMTUxOGQ5OGE0LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQtNDIxMTUxOGQ5OGE0
LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoYI32JWx
+tqyUTmZpAaI0zv/U837FLz0sIdm3Ea4pqHeuj4StNlBKOynvwxrrYcs9AOUuFjH
gWcx3dWqrInXPzNLeAqtEPqEvjs8gDy93ljgdh/Iech0q7uQCw9eBugqdhBqd9as
93JLc3VkNEEDNmXjunbKb8+V8NesnU0zloZXzcxdSEutZgMKC6861e9WdbR5cJpj
GiOXtiJw4xHysDjKHO0mnDAr9a8B1odcCvtZGaldBP4gL18sNPDtnS9l8TAZ0xp3
pAh2eTVjIiI1DXfvWea875wuhr26TtQFCQUkh4+oOJCbG+b7GCg4AVBVx/vBq4f4
PJDoJ/TQua0BDQ==
-----END CERTIFICATE-----