Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          o4br387ny1Y410hZHhi9qIA+WvrNlwL1nD/VAmScdSg=
Subject key identifier:   FD:4A:83:21:48:5F:F6:2F:ED:09:41:AC:EA:70:D7:E5:FC:0B:24:BC
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       0198D473B04C2D002414E876955C914FD004
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          09B9
Signing time:             Sat 23 Aug 2025 01:03:28 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:28 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:28 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: 3SbHv1nN3VSvvRJlTnt6SCxLs1kocy8diwfpbCTEo9U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:03:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:b0:4c:2d:00:24:14:e8:76:95:5c:91:4f:d0:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: Aug 23 01:03:28 2025 GMT
            Not After : Aug 24 01:03:28 2025 GMT
        Subject: CN=fd4a8321485ff62fed0941acea70d7e5fc0b24bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:04:c5:d4:45:78:e1:6f:a0:24:3f:b8:7b:5f:
                    b3:d7:bc:53:72:c4:f2:fb:9a:23:c7:67:e4:86:f8:
                    ff:53:58:78:f2:ec:bc:79:8b:d9:9c:2b:b2:79:3f:
                    15:90:bf:a8:8f:c7:88:16:ab:ac:dc:17:c9:41:f0:
                    d4:e1:03:3a:e5:e3:d8:75:00:a3:17:dd:c4:31:13:
                    f0:05:ad:d6:fe:62:f4:a5:21:79:49:35:c1:ff:9c:
                    ba:98:3d:92:d9:fe:0b:ff:0f:94:41:26:43:23:3a:
                    e6:cc:1b:e5:0d:13:ea:07:54:00:84:13:41:3a:c1:
                    e2:fe:15:dd:8e:27:c4:3a:82:1e:54:90:68:f4:be:
                    72:ec:87:03:fc:b5:5f:0c:75:18:03:b0:81:d8:df:
                    77:4d:d5:dd:1c:59:cd:69:0c:d7:bc:41:d2:08:4c:
                    8a:31:da:ed:77:dd:ab:14:41:34:19:06:b4:63:5e:
                    d3:6f:3a:11:74:1e:4b:d7:c0:4c:27:2b:6b:35:52:
                    2c:84:7c:d7:4e:d9:51:d0:13:47:5d:6f:51:06:3c:
                    72:99:17:10:4b:12:d3:4b:ef:12:7c:56:1e:86:39:
                    55:d9:be:81:77:d5:8a:b8:6e:9f:1a:fe:62:6f:32:
                    70:0f:ca:e1:e9:86:04:24:5f:7a:0f:76:e4:04:c8:
                    88:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:4A:83:21:48:5F:F6:2F:ED:09:41:AC:EA:70:D7:E5:FC:0B:24:BC
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:cb:a1:bd:c4:1f:d6:2e:2d:07:f6:64:93:ad:24:09:4f:21:
         e5:06:4b:2c:39:ef:4c:16:f3:97:4d:27:69:53:fb:fe:ab:f4:
         f3:f2:d3:2a:c9:49:29:9b:d0:01:84:71:c2:5e:10:d9:86:f2:
         e8:c1:55:be:2f:40:73:d4:36:5a:60:18:f7:0b:15:8a:38:69:
         ea:29:11:28:ba:7c:20:d6:fb:f3:4e:bb:0b:f3:71:7f:05:bd:
         bc:19:ef:0d:7a:e0:80:60:b0:92:61:df:db:5b:97:9e:74:28:
         4d:7d:c9:a1:46:28:37:27:ac:87:65:ea:a7:f3:ad:a9:c2:ef:
         5f:55:cb:e3:25:7b:49:61:2f:c9:a0:9b:be:99:aa:c3:c5:0f:
         30:44:2e:c9:b5:92:e9:e4:22:76:6d:55:75:48:fd:2a:d0:68:
         06:f7:1e:e7:cb:f1:10:49:2e:9a:c6:64:b0:e4:65:b6:52:e7:
         2b:b6:dc:0b:bc:35:b0:27:f3:68:c8:a1:6f:81:bf:7f:52:ec:
         17:2b:c9:d9:b1:12:c7:c2:61:7e:6d:35:24:21:9e:f5:d8:80:
         56:1f:37:d0:1c:15:d8:84:59:9e:ea:66:8c:cf:b1:51:e1:85:
         74:b3:b3:3f:fc:ee:ec:91:6e:1d:ed:fd:e3:fe:8f:a6:78:0c:
         ff:11:74:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc7BMLQAkFOh2lVyRT9AEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjUwODIzMDEwMzI4WhcNMjUwODI0MDEwMzI4WjAzMTEwLwYDVQQD
EyhmZDRhODMyMTQ4NWZmNjJmZWQwOTQxYWNlYTcwZDdlNWZjMGIyNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QTF1EV44W+gJD+4e1+z17xTcsTy
+5ojx2fkhvj/U1h48uy8eYvZnCuyeT8VkL+oj8eIFqus3BfJQfDU4QM65ePYdQCj
F93EMRPwBa3W/mL0pSF5STXB/5y6mD2S2f4L/w+UQSZDIzrmzBvlDRPqB1QAhBNB
OsHi/hXdjifEOoIeVJBo9L5y7IcD/LVfDHUYA7CB2N93TdXdHFnNaQzXvEHSCEyK
Mdrtd92rFEE0GQa0Y17TbzoRdB5L18BMJytrNVIshHzXTtlR0BNHXW9RBjxymRcQ
SxLTS+8SfFYehjlV2b6Bd9WKuG6fGv5ibzJwD8rh6YYEJF96D3bkBMiIzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1KgyFIX/Yv7QlBrOpw1+X8CyS8MB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO8uhvcQf
1i4tB/Zkk60kCU8h5QZLLDnvTBbzl00naVP7/qv08/LTKslJKZvQAYRxwl4Q2Yby
6MFVvi9Ac9Q2WmAY9wsVijhp6ikRKLp8INb78067C/NxfwW9vBnvDXrggGCwkmHf
21uXnnQoTX3JoUYoNyesh2Xqp/OtqcLvX1XL4yV7SWEvyaCbvpmqw8UPMEQuybWS
6eQidm1VdUj9KtBoBvce58vxEEkumsZksORltlLnK7bcC7w1sCfzaMihb4G/f1Ls
FyvJ2bESx8Jhfm01JCGe9diAVh830BwV2IRZnupmjM+xUeGFdLOzP/zu7JFuHe39
4/6PpngM/xF0Vg==
-----END CERTIFICATE-----