Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
File:                     hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json)
Hash identifier:          Cax4c7trmrUA7v8M2iEIFvpXL4nrip4/WXw1WyJZF1o=
Subject key identifier:   A5:5A:9A:E0:A2:4A:6E:F5:14:89:E6:34:F5:E4:0F:8E:99:B2:2E:A3
Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33
Certificate issuer:       /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
Certificate serial:       0197B70EB3647052C66B4D55CECB756C6D76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
Manifest number:          095C
Signing time:             Sat 28 Jun 2025 15:01:23 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:23 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:23 +0000
Files and hashes:         1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: pM/xMWIRpLpXBXFVKFQxFe/CsG2nT3uoinEaJ3XAkE8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:b3:64:70:52:c6:6b:4d:55:ce:cb:75:6c:6d:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
        Validity
            Not Before: Jun 28 15:01:23 2025 GMT
            Not After : Jun 29 15:01:23 2025 GMT
        Subject: CN=a55a9ae0a24a6ef51489e634f5e40f8e99b22ea3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:15:4c:4d:18:1f:86:84:ea:52:9e:9f:bf:93:
                    11:86:9b:91:24:49:24:d6:ec:4b:58:31:60:2e:d8:
                    ef:af:34:d5:80:41:03:ad:fa:6c:97:08:76:84:78:
                    b7:4f:30:1d:05:d3:a4:2e:69:74:b1:6e:51:99:1b:
                    e0:c2:a7:d4:aa:46:ac:0b:a6:4c:82:4f:85:1f:01:
                    96:6b:82:2f:49:6c:34:9b:fc:12:a9:b4:ac:2c:f6:
                    ee:dc:39:ca:0c:27:11:b6:d8:dd:dd:2d:34:12:c0:
                    18:e5:3a:4e:fe:82:af:fd:31:79:0c:b0:b9:e1:9a:
                    a1:79:2b:23:f1:6a:dd:94:71:ad:79:d7:7c:55:28:
                    42:91:95:67:08:75:96:54:09:84:ab:1a:88:6f:1c:
                    6b:e0:e6:a6:e7:72:33:3c:b2:67:fb:34:44:c6:7e:
                    ed:aa:8a:e8:a2:44:19:1c:9f:fd:71:8f:cf:ba:66:
                    18:fb:84:84:71:d6:a5:3d:ed:17:f6:54:2a:d2:f2:
                    db:bf:2f:8e:9a:ce:57:b1:4c:5e:6e:f8:c1:c9:62:
                    0a:f4:21:71:f7:a6:f7:b4:48:4a:04:9f:fb:85:a0:
                    b9:85:50:04:43:ed:0f:68:77:23:9b:55:91:65:0e:
                    b3:e4:91:3b:3a:f4:ed:34:fd:98:c4:c0:c9:67:ca:
                    2b:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:5A:9A:E0:A2:4A:6E:F5:14:89:E6:34:F5:E4:0F:8E:99:B2:2E:A3
            X509v3 Authority Key Identifier:
                keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:93:0b:59:46:87:6a:ad:12:06:28:9a:a4:8f:5b:28:67:07:
         13:0b:aa:50:55:2f:dd:a1:7a:ce:de:25:be:55:e1:26:8f:b9:
         94:51:06:d5:4e:08:cc:63:64:c7:b6:a3:0d:78:67:9a:50:2b:
         cb:91:b1:6b:b6:63:7c:88:7a:e7:9a:fb:a4:98:d8:88:6c:08:
         39:1c:10:c4:4b:fa:99:2f:c8:db:8b:7e:3a:6b:57:44:39:d8:
         22:70:66:aa:7b:44:f0:13:1d:36:d7:e7:51:04:b0:38:e7:2e:
         42:ae:79:3b:8b:da:a5:00:79:43:97:ac:51:c2:bc:55:c0:d2:
         5a:cd:6b:e1:25:a7:df:99:8c:65:55:62:95:31:4f:ca:ff:75:
         9e:96:72:5d:4b:d6:05:18:14:93:7f:0d:e2:63:4a:bd:a5:db:
         10:b7:99:6c:bc:21:74:aa:aa:6e:14:9c:73:a1:f5:03:9a:9b:
         c7:85:da:49:95:9e:bd:b9:09:c4:6f:10:c3:b4:6a:2f:1e:84:
         73:41:61:c1:ae:14:35:ff:3f:ab:7c:16:26:54:66:7b:8e:f4:
         51:5f:89:e3:ee:6a:fe:01:39:d2:8f:92:87:ec:9e:c8:ea:41:
         15:73:a7:02:1b:a2:2b:93:f0:61:8d:fc:ee:65:d4:d2:6e:62:
         af:2d:be:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DrNkcFLGa01Vzst1bG12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx
YmZlMzMwHhcNMjUwNjI4MTUwMTIzWhcNMjUwNjI5MTUwMTIzWjAzMTEwLwYDVQQD
EyhhNTVhOWFlMGEyNGE2ZWY1MTQ4OWU2MzRmNWU0MGY4ZTk5YjIyZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxVMTRgfhoTqUp6fv5MRhpuRJEkk
1uxLWDFgLtjvrzTVgEEDrfpslwh2hHi3TzAdBdOkLml0sW5RmRvgwqfUqkasC6ZM
gk+FHwGWa4IvSWw0m/wSqbSsLPbu3DnKDCcRttjd3S00EsAY5TpO/oKv/TF5DLC5
4ZqheSsj8WrdlHGtedd8VShCkZVnCHWWVAmEqxqIbxxr4Oam53IzPLJn+zRExn7t
qorookQZHJ/9cY/PumYY+4SEcdalPe0X9lQq0vLbvy+Oms5XsUxebvjByWIK9CFx
96b3tEhKBJ/7haC5hVAEQ+0PaHcjm1WRZQ6z5JE7OvTtNP2YxMDJZ8orkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKVamuCiSm71FInmNPXkD46Zsi6jMB8GA1UdIwQY
MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt
MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx
LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXpMLWUaH
aq0SBiiapI9bKGcHEwuqUFUv3aF6zt4lvlXhJo+5lFEG1U4IzGNkx7ajDXhnmlAr
y5Gxa7ZjfIh655r7pJjYiGwIORwQxEv6mS/I24t+OmtXRDnYInBmqntE8BMdNtfn
UQSwOOcuQq55O4vapQB5Q5esUcK8VcDSWs1r4SWn35mMZVVilTFPyv91npZyXUvW
BRgUk38N4mNKvaXbELeZbLwhdKqqbhScc6H1A5qbx4XaSZWevbkJxG8Qw7RqLx6E
c0Fhwa4UNf8/q3wWJlRme470UV+J4+5q/gE50o+Sh+yeyOpBFXOnAhuiK5PwYY38
7mXU0m5iry2+JA==
-----END CERTIFICATE-----