Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
File:                     hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft (raw, json)
Hash identifier:          FIDJMCrbnBrWMNMdBkaLi/0zkJ8rlAzj/LcDva3RWr0=
Subject key identifier:   74:AE:66:CE:93:6A:D9:E4:76:D2:6D:58:AF:0A:A7:E3:C2:0E:27:13
Authority key identifier: 85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4
Certificate issuer:       /CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
Certificate serial:       0197C2374E80B90B0BBE9CC63C8BE5A77F66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
Manifest number:          15B7
Signing time:             Mon 30 Jun 2025 19:01:33 +0000
Manifest this update:     Mon 30 Jun 2025 19:01:33 +0000
Manifest next update:     Tue 01 Jul 2025 19:01:33 +0000
Files and hashes:         1: hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl (hash: ob5WqVT4CfM3HXyO7x9/CZ5kUZ+Hu0nmyArHThqwto8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 19:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c2:37:4e:80:b9:0b:0b:be:9c:c6:3c:8b:e5:a7:7f:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
        Validity
            Not Before: Jun 30 19:01:33 2025 GMT
            Not After : Jul  1 19:01:33 2025 GMT
        Subject: CN=74ae66ce936ad9e476d26d58af0aa7e3c20e2713
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:5e:0d:c9:96:40:bc:61:bc:aa:c3:f7:a1:6b:
                    4d:96:27:3a:5e:69:81:a9:b3:aa:1c:4f:b9:63:79:
                    25:0b:71:76:02:64:3f:32:27:31:69:79:8f:0b:43:
                    78:db:c9:ab:5a:00:51:d2:06:7c:4b:1d:53:10:51:
                    65:f1:c0:32:f4:a7:6e:8d:62:74:25:ee:6d:6b:2a:
                    ee:e3:e6:18:c5:d8:65:b6:fb:52:03:67:5c:05:09:
                    21:bc:d9:be:7e:52:b0:ad:5f:fb:f7:3c:58:47:cd:
                    c6:31:f5:e1:be:26:9a:27:8b:de:08:09:cf:77:60:
                    e9:5b:ff:5b:56:d6:d8:18:b0:84:7e:e6:41:96:c2:
                    1a:5e:ee:19:25:61:0d:82:ee:58:37:30:4c:14:4f:
                    1b:f0:b3:35:29:da:66:88:c7:48:80:f2:66:bd:51:
                    ce:c6:05:d4:63:d0:f3:34:8c:7b:c6:0c:b0:1c:de:
                    48:56:57:9f:3e:dc:0c:8c:0e:b7:2f:b8:88:2e:27:
                    a4:ec:87:70:e6:a4:44:ac:7a:3a:5a:bb:61:69:63:
                    c7:d0:5e:33:c8:56:c2:0b:0f:d8:79:99:4f:d0:ca:
                    7f:a7:30:f6:b5:66:15:14:3b:e0:04:47:e6:31:61:
                    59:b2:bd:64:2d:82:52:40:80:65:1c:c5:13:92:fe:
                    1f:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:AE:66:CE:93:6A:D9:E4:76:D2:6D:58:AF:0A:A7:E3:C2:0E:27:13
            X509v3 Authority Key Identifier:
                keyid:85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:7f:7f:ab:67:3c:75:59:72:b3:ca:60:46:a4:d5:56:d3:95:
         af:78:f7:4f:05:10:2c:1f:bb:c6:72:06:4a:84:db:6f:e6:16:
         06:97:83:ea:fa:ec:c6:57:8e:5b:09:43:a0:69:c4:3c:3c:f5:
         9d:1a:c2:8b:92:e6:3a:cf:ad:98:2e:47:16:42:8a:3c:5e:5b:
         5b:a3:e9:76:6e:5a:86:c9:ad:27:95:e4:00:ef:3a:09:e4:16:
         d2:51:77:be:60:d9:0f:d2:f2:43:32:55:19:b7:3f:1e:57:86:
         3b:1d:35:f8:f3:e3:f3:09:8a:cd:00:99:59:c7:63:70:02:fe:
         ae:01:32:a8:c5:06:8a:89:ec:77:a7:b9:ab:c0:d9:3d:39:97:
         82:2d:b9:ac:66:8f:f7:55:41:a5:56:2a:c6:1e:df:79:cd:a6:
         31:55:9c:b2:a3:75:cc:93:20:c8:c4:e2:19:e9:d3:3d:e7:f0:
         24:95:4c:60:44:59:24:d8:3a:a5:e7:d4:ec:86:35:8b:cb:4c:
         6c:7b:e5:79:d1:84:44:13:95:af:5d:91:6d:48:26:f3:3d:90:
         cc:04:f4:a8:58:f1:7f:dc:46:80:6b:74:01:85:0c:95:e6:a1:
         82:78:0c:fb:71:e8:a3:47:cf:64:4c:c4:33:b8:92:00:ec:e6:
         f7:18:0a:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfCN06AuQsLvpzGPIvlp39mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDEyM2U0Y2UyYjgwZWJmMTJlNDNmZWU0YjFjMThjNWM3
M2QzYjQwHhcNMjUwNjMwMTkwMTMzWhcNMjUwNzAxMTkwMTMzWjAzMTEwLwYDVQQD
Eyg3NGFlNjZjZTkzNmFkOWU0NzZkMjZkNThhZjBhYTdlM2MyMGUyNzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3V4NyZZAvGG8qsP3oWtNlic6XmmB
qbOqHE+5Y3klC3F2AmQ/MicxaXmPC0N428mrWgBR0gZ8Sx1TEFFl8cAy9KdujWJ0
Je5tayru4+YYxdhltvtSA2dcBQkhvNm+flKwrV/79zxYR83GMfXhviaaJ4veCAnP
d2DpW/9bVtbYGLCEfuZBlsIaXu4ZJWENgu5YNzBMFE8b8LM1KdpmiMdIgPJmvVHO
xgXUY9DzNIx7xgywHN5IVlefPtwMjA63L7iILiek7Idw5qRErHo6WrthaWPH0F4z
yFbCCw/YeZlP0Mp/pzD2tWYVFDvgBEfmMWFZsr1kLYJSQIBlHMUTkv4fBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHSuZs6TatnkdtJtWK8Kp+PCDicTMB8GA1UdIwQY
MBaAFIUBI+TOK4Dr8S5D/uSxwYxcc9O0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEt
MTYzMjBkMDE0YzA0LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEtMTYzMjBkMDE0YzA0
LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe39/q2c8
dVlys8pgRqTVVtOVr3j3TwUQLB+7xnIGSoTbb+YWBpeD6vrsxleOWwlDoGnEPDz1
nRrCi5LmOs+tmC5HFkKKPF5bW6Ppdm5ahsmtJ5XkAO86CeQW0lF3vmDZD9LyQzJV
Gbc/HleGOx01+PPj8wmKzQCZWcdjcAL+rgEyqMUGionsd6e5q8DZPTmXgi25rGaP
91VBpVYqxh7fec2mMVWcsqN1zJMgyMTiGenTPefwJJVMYERZJNg6pefU7IY1i8tM
bHvledGERBOVr12RbUgm8z2QzAT0qFjxf9xGgGt0AYUMleahgngM+3Hoo0fPZEzE
M7iSAOzm9xgKCg==
-----END CERTIFICATE-----