Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          FsVpIdaExRRcDzNYt9Jr2L8jnGyg0eRjfwsK11jL488=
Subject key identifier:   6A:F1:F5:3F:88:69:0B:33:12:8D:70:3D:E3:16:C4:8E:00:40:8D:FC
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       01969E9A8EF0802C1379E1278F6DB416BFC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          0894
Signing time:             Mon 05 May 2025 04:00:51 +0000
Manifest this update:     Mon 05 May 2025 04:00:51 +0000
Manifest next update:     Tue 06 May 2025 04:00:51 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: fpby6sSIfdvMt+4pNSs2Is4z/dr57aR1Bl6OFoMBFCw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 04:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9e:9a:8e:f0:80:2c:13:79:e1:27:8f:6d:b4:16:bf:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: May  5 04:00:51 2025 GMT
            Not After : May  6 04:00:51 2025 GMT
        Subject: CN=6af1f53f88690b33128d703de316c48e00408dfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:67:16:22:7c:19:91:a7:10:64:06:d6:20:c9:
                    7f:2e:2d:41:4d:8f:da:29:ba:68:d1:2b:27:4e:d4:
                    0e:9a:70:15:3e:1f:1d:92:28:d6:1b:65:05:53:d1:
                    9e:62:0f:02:f3:8e:cc:06:59:42:26:7c:12:ff:e2:
                    89:89:78:2a:f0:60:96:85:50:2f:e2:6b:23:70:45:
                    12:7e:cc:5c:5b:93:6c:dd:7c:a9:ab:4d:64:ea:73:
                    2b:c3:80:18:32:66:78:21:59:0d:48:2f:75:22:88:
                    6e:a0:61:37:bc:86:94:d0:c5:c4:18:8b:65:7e:fc:
                    2c:e4:f6:ef:bd:dc:34:2a:ae:e3:f6:77:65:04:b6:
                    65:d9:e4:5f:57:ae:a5:b2:4a:68:ba:af:48:48:b9:
                    14:68:a1:9c:74:31:4f:f4:7d:74:c0:57:d8:d1:d9:
                    c7:e2:62:a4:3b:bc:87:01:6e:64:4a:bb:44:9d:99:
                    c9:57:ee:34:52:72:b5:65:f3:d2:96:d3:6e:c7:3d:
                    4a:1c:ad:ad:8a:10:74:7b:ad:74:b0:9a:81:39:4c:
                    61:24:a3:ef:b3:00:be:2d:8c:fe:1d:e8:ce:cc:40:
                    7f:1b:f9:db:1b:79:d6:2b:a3:20:1e:a8:e3:ef:20:
                    02:b3:fd:01:29:0a:17:71:88:6e:bc:df:75:c0:fc:
                    49:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:F1:F5:3F:88:69:0B:33:12:8D:70:3D:E3:16:C4:8E:00:40:8D:FC
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:a8:c0:a3:79:cc:56:69:83:dc:6f:c9:2e:d1:ce:cc:cf:43:
         86:a2:e6:18:91:a4:9c:ec:90:46:88:60:19:65:7a:b6:26:90:
         1e:88:8e:ef:65:94:04:4b:1c:e3:98:fc:85:5c:03:d6:16:1f:
         c9:8a:5b:9e:69:d8:5f:ae:db:ba:63:23:b3:09:7a:06:0e:08:
         b5:75:e1:d5:bf:2c:99:66:69:a7:8f:41:f3:5e:a0:11:9e:b8:
         e1:f0:3e:d9:86:a2:89:92:2e:3f:69:24:4f:12:c6:1c:5b:8f:
         0d:f4:1f:79:de:55:ef:59:8a:21:9a:0b:07:27:4b:2b:e3:ac:
         52:0f:5b:22:a5:c9:3f:3b:68:e7:2c:a5:fe:4e:0f:d9:48:1d:
         35:1e:44:8f:92:d6:df:b6:38:d3:3f:ae:01:1b:0d:18:06:48:
         8c:26:93:3c:48:f9:0f:fb:1d:ab:c8:6d:23:4a:2b:a3:86:e9:
         1d:43:f4:2c:e4:95:02:c8:34:29:39:f3:65:2d:ba:50:dd:9a:
         8e:1b:e8:27:51:6c:e6:25:b6:ec:47:1d:48:4a:ff:6b:0e:c6:
         05:45:67:c6:37:73:b2:2d:0f:d7:67:85:6a:15:33:11:14:bc:
         39:16:00:69:d3:ca:28:e3:43:0b:8e:19:7c:bf:8c:a2:14:07:
         76:29:53:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaemo7wgCwTeeEnj220Fr/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjUwNTA1MDQwMDUxWhcNMjUwNTA2MDQwMDUxWjAzMTEwLwYDVQQD
Eyg2YWYxZjUzZjg4NjkwYjMzMTI4ZDcwM2RlMzE2YzQ4ZTAwNDA4ZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGcWInwZkacQZAbWIMl/Li1BTY/a
Kbpo0SsnTtQOmnAVPh8dkijWG2UFU9GeYg8C847MBllCJnwS/+KJiXgq8GCWhVAv
4msjcEUSfsxcW5Ns3Xypq01k6nMrw4AYMmZ4IVkNSC91IohuoGE3vIaU0MXEGItl
fvws5Pbvvdw0Kq7j9ndlBLZl2eRfV66lskpouq9ISLkUaKGcdDFP9H10wFfY0dnH
4mKkO7yHAW5kSrtEnZnJV+40UnK1ZfPSltNuxz1KHK2tihB0e610sJqBOUxhJKPv
swC+LYz+HejOzEB/G/nbG3nWK6MgHqjj7yACs/0BKQoXcYhuvN91wPxJuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrx9T+IaQszEo1wPeMWxI4AQI38MB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI6jAo3nM
VmmD3G/JLtHOzM9DhqLmGJGknOyQRohgGWV6tiaQHoiO72WUBEsc45j8hVwD1hYf
yYpbnmnYX67bumMjswl6Bg4ItXXh1b8smWZpp49B816gEZ644fA+2YaiiZIuP2kk
TxLGHFuPDfQfed5V71mKIZoLBydLK+OsUg9bIqXJPzto5yyl/k4P2UgdNR5Ej5LW
37Y40z+uARsNGAZIjCaTPEj5D/sdq8htI0oro4bpHUP0LOSVAsg0KTnzZS26UN2a
jhvoJ1Fs5iW27EcdSEr/aw7GBUVnxjdzsi0P12eFahUzERS8ORYAadPKKONDC44Z
fL+MohQHdilTBQ==
-----END CERTIFICATE-----