Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
File:                     hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json)
Hash identifier:          TOApv/tjgxCqeZmIG4J0RdaFpWaiXy9buEa/Y9+KSNg=
Subject key identifier:   DC:9A:B9:B3:DD:DA:11:E1:B2:BD:6A:52:2C:B8:12:2A:F8:98:57:CE
Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33
Certificate issuer:       /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
Certificate serial:       0198D4E07F2CCEFED0131B8666EFDEFA46FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
Manifest number:          09F0
Signing time:             Sat 23 Aug 2025 03:02:18 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:18 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:18 +0000
Files and hashes:         1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: ctWG/LKalsuvNOrlyp4+rKOcTFtEiH1epjFtIOPBbfk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:7f:2c:ce:fe:d0:13:1b:86:66:ef:de:fa:46:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
        Validity
            Not Before: Aug 23 03:02:18 2025 GMT
            Not After : Aug 24 03:02:18 2025 GMT
        Subject: CN=dc9ab9b3ddda11e1b2bd6a522cb8122af89857ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:23:42:30:38:2d:47:0e:54:6e:32:cc:ef:d9:
                    35:8b:79:28:ca:62:d1:1d:94:10:cb:cd:f3:6d:10:
                    0a:27:2c:4a:39:49:be:78:f1:bd:1a:a8:32:85:be:
                    c7:60:4c:a3:1a:15:f5:b1:38:2a:1e:1a:37:80:86:
                    9e:bf:2c:1e:73:99:8f:13:1e:c0:ea:49:52:06:11:
                    55:77:63:31:75:3e:2e:1b:07:a0:33:54:f2:49:c1:
                    36:7f:3f:5c:55:33:b9:94:18:3e:63:9f:57:fa:66:
                    9a:9c:fa:6d:d4:9e:3a:b0:5c:1e:99:49:78:fa:00:
                    ab:e5:89:1e:77:3a:44:b4:e5:bb:01:db:4c:27:4f:
                    dd:63:9e:69:16:0a:58:c4:12:3f:ac:55:9d:fb:21:
                    d9:35:7e:38:c5:52:c3:a0:e0:69:de:fb:eb:36:fa:
                    6c:9f:a8:de:81:18:65:34:b4:a9:d1:02:4b:3f:cd:
                    b5:7b:a8:c4:ef:f8:8a:c1:5b:cc:41:d4:8a:8b:f5:
                    ff:56:88:c5:e3:e2:ed:29:a5:d4:dc:d3:1a:46:88:
                    ab:b4:2a:f8:7b:de:1a:f6:74:b0:9f:e1:06:ce:85:
                    47:1c:aa:cc:12:a0:a0:4f:c8:f3:07:9a:3d:3f:54:
                    52:75:a5:1b:d7:7c:e6:02:7a:49:6e:d5:45:b5:ea:
                    b8:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:9A:B9:B3:DD:DA:11:E1:B2:BD:6A:52:2C:B8:12:2A:F8:98:57:CE
            X509v3 Authority Key Identifier:
                keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:c8:5a:77:62:a0:cf:bd:89:31:09:61:42:64:78:b1:7f:06:
         5c:80:2d:ee:ae:d3:8d:c6:8a:4a:d8:6b:3c:25:bd:21:ef:81:
         74:c7:09:06:0f:5b:94:55:5d:f7:f9:21:b6:72:29:f9:c8:47:
         9a:6e:0d:3b:d4:08:40:99:80:99:02:f2:ab:99:bc:75:00:4d:
         9d:c8:98:ff:ad:d9:96:13:79:85:3d:4b:d0:e3:d1:c7:72:b3:
         91:df:10:43:a6:fe:df:31:e3:01:c7:ce:56:c8:04:52:b5:8e:
         1e:8e:31:4a:53:b4:ce:eb:fb:16:f8:9b:4b:3a:e0:13:28:8f:
         8b:29:91:1f:8f:dc:03:7d:20:4f:c9:cd:c5:09:1d:b6:c2:67:
         c0:5a:9b:97:5b:de:9d:9f:5d:6e:41:fa:20:be:bc:3d:b5:ed:
         d8:d3:3f:90:71:cc:9e:2a:7f:70:1d:12:61:16:65:27:e7:30:
         15:f5:36:c3:53:3d:20:99:14:30:42:70:fa:5b:c7:d3:a4:a3:
         93:d2:93:35:66:af:b2:73:1c:e1:71:a1:d6:d3:8e:b7:1f:bd:
         5b:e3:2d:c5:dd:a0:4f:d8:23:7b:bc:bd:50:2a:49:31:9a:96:
         b0:13:60:08:9c:cf:f2:51:e1:ef:b8:07:3f:95:9b:b2:04:a5:
         05:c8:0c:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4H8szv7QExuGZu/e+kb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx
YmZlMzMwHhcNMjUwODIzMDMwMjE4WhcNMjUwODI0MDMwMjE4WjAzMTEwLwYDVQQD
EyhkYzlhYjliM2RkZGExMWUxYjJiZDZhNTIyY2I4MTIyYWY4OTg1N2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SNCMDgtRw5UbjLM79k1i3koymLR
HZQQy83zbRAKJyxKOUm+ePG9Gqgyhb7HYEyjGhX1sTgqHho3gIaevywec5mPEx7A
6klSBhFVd2MxdT4uGwegM1TyScE2fz9cVTO5lBg+Y59X+maanPpt1J46sFwemUl4
+gCr5YkedzpEtOW7AdtMJ0/dY55pFgpYxBI/rFWd+yHZNX44xVLDoOBp3vvrNvps
n6jegRhlNLSp0QJLP821e6jE7/iKwVvMQdSKi/X/VojF4+LtKaXU3NMaRoirtCr4
e94a9nSwn+EGzoVHHKrMEqCgT8jzB5o9P1RSdaUb13zmAnpJbtVFteq4LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNyaubPd2hHhsr1qUiy4Eir4mFfOMB8GA1UdIwQY
MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt
MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx
LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALchad2Kg
z72JMQlhQmR4sX8GXIAt7q7TjcaKSthrPCW9Ie+BdMcJBg9blFVd9/khtnIp+chH
mm4NO9QIQJmAmQLyq5m8dQBNnciY/63ZlhN5hT1L0OPRx3Kzkd8QQ6b+3zHjAcfO
VsgEUrWOHo4xSlO0zuv7FvibSzrgEyiPiymRH4/cA30gT8nNxQkdtsJnwFqbl1ve
nZ9dbkH6IL68PbXt2NM/kHHMnip/cB0SYRZlJ+cwFfU2w1M9IJkUMEJw+lvH06Sj
k9KTNWavsnMc4XGh1tOOtx+9W+Mtxd2gT9gje7y9UCpJMZqWsBNgCJzP8lHh77gH
P5WbsgSlBcgMkQ==
-----END CERTIFICATE-----