Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          4jm9F5fyPc/neXEge2XNlxADp7ANCyu0O3zVYZJj9lc=
Subject key identifier:   AB:DC:A7:BE:03:38:B9:33:8B:82:FC:C1:89:85:19:F5:2D:E5:2D:04
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       0197B6A17510479794644244156DE0043196
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          0925
Signing time:             Sat 28 Jun 2025 13:02:03 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:03 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:03 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: DAGgKpgFk3owPL8MQlO49xpQXbzTls9e0I7U9HIXqIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:75:10:47:97:94:64:42:44:15:6d:e0:04:31:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: Jun 28 13:02:03 2025 GMT
            Not After : Jun 29 13:02:03 2025 GMT
        Subject: CN=abdca7be0338b9338b82fcc1898519f52de52d04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:48:fa:d3:db:42:90:70:00:ea:66:e6:5d:5f:
                    a1:b4:30:e9:96:91:a4:30:7d:c2:bb:b2:49:2d:8a:
                    df:7a:26:43:e2:70:d3:41:bc:13:0d:0b:63:38:f6:
                    28:ca:f6:7f:5f:94:c6:8c:dc:42:33:81:91:37:25:
                    e7:0c:a7:5e:65:cc:25:ae:0a:c9:03:c8:e9:c2:94:
                    8e:0a:47:d5:3c:a3:db:e9:90:73:64:16:2e:81:18:
                    ab:41:ae:91:a8:67:f3:f4:5c:ab:29:45:f7:b2:8a:
                    cb:ef:8c:31:a6:fa:94:f8:22:3d:85:ef:4a:ed:0e:
                    a7:68:3f:fd:bb:52:2e:be:fa:24:13:8f:79:14:5e:
                    7e:04:d5:37:b4:0e:e6:56:97:bb:5f:92:8a:cb:b3:
                    04:3a:37:cb:fa:e5:f6:bf:80:03:de:f0:2e:f0:86:
                    48:55:87:ba:13:c3:8b:f0:a8:76:8b:23:e9:ab:d8:
                    01:dd:99:ae:7c:7c:38:8d:b9:a5:94:82:e3:0c:f8:
                    e6:d5:f2:6b:60:59:69:aa:75:76:b6:07:af:1b:50:
                    6d:7d:d3:13:26:fb:5b:01:8b:c2:b5:c6:41:d3:18:
                    ad:de:32:12:5b:08:fc:0d:33:2c:f0:06:03:8a:42:
                    c0:6c:d3:28:c1:a4:75:0e:fc:9f:b5:a0:d5:7d:67:
                    0d:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:DC:A7:BE:03:38:B9:33:8B:82:FC:C1:89:85:19:F5:2D:E5:2D:04
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:75:91:97:55:e5:ba:18:fd:2c:4c:b8:70:42:89:c5:0e:d2:
         b0:da:09:c0:0a:32:79:5f:2b:ef:4c:91:24:a1:c3:2d:9c:8d:
         61:2b:4a:ce:bb:44:88:b4:1a:ba:d8:ce:0d:d2:70:87:11:7d:
         9e:55:29:6f:5a:ca:46:80:4a:19:77:50:12:7e:6f:e5:44:3e:
         a8:8c:71:b9:85:cf:b5:81:10:46:45:c1:dd:80:1d:86:bb:e1:
         7a:00:a0:27:13:ab:48:11:7b:21:2f:e6:9a:34:ad:9e:75:ea:
         6c:bd:d9:f6:d7:dc:76:b4:ba:15:2c:81:e6:51:13:2c:44:92:
         fa:ef:2b:01:d8:46:74:df:94:c7:d7:ea:d7:a4:b6:4d:6f:3d:
         bd:77:cf:bf:51:91:6d:27:7c:e0:ae:b1:ee:32:74:b3:5b:49:
         2b:84:8d:9e:54:42:fa:3b:95:3c:b3:1c:71:d3:9e:76:83:c6:
         ca:7a:7f:cf:ee:01:64:2a:f5:47:21:38:ff:ce:4c:53:7a:61:
         68:48:62:20:44:c1:3b:62:6f:51:45:4c:52:42:9e:c1:48:ff:
         70:cf:49:26:0a:4c:39:8e:80:9e:a8:ac:82:22:64:89:0f:bc:
         7e:2a:b2:6f:19:47:c3:ee:39:dd:3b:38:18:7d:81:78:ca:6b:
         a3:6e:25:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oXUQR5eUZEJEFW3gBDGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjUwNjI4MTMwMjAzWhcNMjUwNjI5MTMwMjAzWjAzMTEwLwYDVQQD
EyhhYmRjYTdiZTAzMzhiOTMzOGI4MmZjYzE4OTg1MTlmNTJkZTUyZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEj609tCkHAA6mbmXV+htDDplpGk
MH3Cu7JJLYrfeiZD4nDTQbwTDQtjOPYoyvZ/X5TGjNxCM4GRNyXnDKdeZcwlrgrJ
A8jpwpSOCkfVPKPb6ZBzZBYugRirQa6RqGfz9FyrKUX3sorL74wxpvqU+CI9he9K
7Q6naD/9u1IuvvokE495FF5+BNU3tA7mVpe7X5KKy7MEOjfL+uX2v4AD3vAu8IZI
VYe6E8OL8Kh2iyPpq9gB3ZmufHw4jbmllILjDPjm1fJrYFlpqnV2tgevG1BtfdMT
JvtbAYvCtcZB0xit3jISWwj8DTMs8AYDikLAbNMowaR1DvyftaDVfWcNawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKvcp74DOLkzi4L8wYmFGfUt5S0EMB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj3WRl1Xl
uhj9LEy4cEKJxQ7SsNoJwAoyeV8r70yRJKHDLZyNYStKzrtEiLQautjODdJwhxF9
nlUpb1rKRoBKGXdQEn5v5UQ+qIxxuYXPtYEQRkXB3YAdhrvhegCgJxOrSBF7IS/m
mjStnnXqbL3Z9tfcdrS6FSyB5lETLESS+u8rAdhGdN+Ux9fq16S2TW89vXfPv1GR
bSd84K6x7jJ0s1tJK4SNnlRC+juVPLMccdOedoPGynp/z+4BZCr1RyE4/85MU3ph
aEhiIETBO2JvUUVMUkKewUj/cM9JJgpMOY6AnqisgiJkiQ+8fiqybxlHw+453Ts4
GH2BeMpro24lXg==
-----END CERTIFICATE-----