Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
File:                     hUYNJS18tlxJNM6stG-pbctrVws.mft (raw, json)
Hash identifier:          suu2cVirJlHbt0LdKuy21JsZOxCneHWS3Gx0dAED314=
Subject key identifier:   73:17:70:A2:9E:00:AF:24:82:A2:2E:98:3F:7E:F6:05:99:11:81:E9
Authority key identifier: 85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B
Certificate issuer:       /CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
Certificate serial:       0197B7B37C00C7C04CFCD7C257780D56F190
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
Manifest number:          06E4
Signing time:             Sat 28 Jun 2025 18:01:22 +0000
Manifest this update:     Sat 28 Jun 2025 18:01:22 +0000
Manifest next update:     Sun 29 Jun 2025 18:01:22 +0000
Files and hashes:         1: hUYNJS18tlxJNM6stG-pbctrVws.crl (hash: 0vQ8DjGvagPKICRoKEouA2XVJkt5LoPDlfMOTj5TLJI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:7c:00:c7:c0:4c:fc:d7:c2:57:78:0d:56:f1:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
        Validity
            Not Before: Jun 28 18:01:22 2025 GMT
            Not After : Jun 29 18:01:22 2025 GMT
        Subject: CN=731770a29e00af2482a22e983f7ef605991181e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:d3:97:1d:b8:5b:18:42:f7:3f:9d:c1:c6:ee:
                    e7:97:c9:54:fa:b6:ed:15:f3:2c:f8:7f:e9:71:07:
                    f1:73:e4:1b:0b:1d:1b:a5:48:d8:e6:2e:e4:9f:da:
                    25:00:44:8d:b1:ec:70:83:b2:5e:44:2c:86:ff:dd:
                    b4:8d:2c:e4:4a:28:0f:c0:16:92:51:36:3d:44:8a:
                    f1:ae:07:4a:76:f5:42:89:7e:9c:1e:1b:ed:db:6e:
                    4b:34:b9:54:aa:51:5a:43:7c:2e:4a:81:4b:5b:2d:
                    52:e4:12:32:c0:cc:3f:51:22:53:c6:75:94:af:db:
                    9e:6a:85:5b:3c:fe:58:61:fb:41:10:ce:c6:9c:c8:
                    3b:18:84:0f:a7:55:52:20:42:2e:fa:be:21:a6:e7:
                    f3:45:c6:a5:8d:79:7e:52:30:90:f1:5f:42:49:56:
                    b0:36:88:8e:de:b7:50:10:7c:9e:da:cb:60:e0:44:
                    26:65:33:fc:9c:8f:fb:60:54:44:d7:cb:96:75:6a:
                    79:ee:b2:89:66:02:54:f6:41:ec:f1:98:6b:e9:b6:
                    28:28:8c:a0:bb:7a:f0:ba:72:c0:91:c4:29:87:e7:
                    24:f0:ce:94:ab:ff:db:2f:c0:75:2c:3c:cd:78:0f:
                    3f:a5:db:08:ae:45:02:94:9f:83:dc:6f:a2:78:8e:
                    3f:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:17:70:A2:9E:00:AF:24:82:A2:2E:98:3F:7E:F6:05:99:11:81:E9
            X509v3 Authority Key Identifier:
                keyid:85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:90:02:0e:0f:45:51:90:48:ba:13:78:12:a6:00:1e:85:d3:
         28:56:63:f6:50:f9:d6:98:d6:b2:62:0c:d8:e1:07:6d:06:aa:
         c2:2b:5c:a2:b2:6d:db:5c:71:76:4c:67:ce:a0:83:6d:a4:32:
         8b:85:35:54:b6:75:c3:93:65:4c:f8:fc:8e:2a:77:ea:55:5e:
         bd:3b:c6:8a:d8:c3:eb:50:db:cc:fd:89:c1:85:56:47:fa:d3:
         7d:fe:23:58:44:a6:b7:50:e3:5f:d0:c7:2b:83:ce:bc:75:b8:
         3b:04:cd:2f:5b:d0:8a:46:75:5d:34:07:c9:b2:41:ed:af:7e:
         15:03:d9:df:52:9f:56:09:df:63:47:20:8a:c8:29:be:61:16:
         8a:a8:08:9a:12:43:c6:ee:fe:ef:0e:65:17:58:a7:18:a1:30:
         3d:78:0a:c0:0c:e1:07:0b:81:56:50:5f:70:5f:ef:4a:2d:a8:
         18:36:d3:38:92:75:2f:24:28:77:dd:2a:a0:87:c6:e5:12:28:
         cb:30:5a:bb:f8:fe:d9:37:32:1d:c5:17:42:57:58:c1:61:18:
         0e:5f:93:63:03:85:aa:89:57:fd:e4:f5:2f:2a:bc:34:33:f3:
         c9:f4:1b:bc:37:47:c2:7a:a6:7e:cf:13:3d:5d:7a:a7:3f:ee:
         3c:7d:3f:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3s3wAx8BM/NfCV3gNVvGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDYwZDI1MmQ3Y2I2NWM0OTM0Y2VhY2I0NmZhOTZkY2I2
YjU3MGIwHhcNMjUwNjI4MTgwMTIyWhcNMjUwNjI5MTgwMTIyWjAzMTEwLwYDVQQD
Eyg3MzE3NzBhMjllMDBhZjI0ODJhMjJlOTgzZjdlZjYwNTk5MTE4MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdOXHbhbGEL3P53Bxu7nl8lU+rbt
FfMs+H/pcQfxc+QbCx0bpUjY5i7kn9olAESNsexwg7JeRCyG/920jSzkSigPwBaS
UTY9RIrxrgdKdvVCiX6cHhvt225LNLlUqlFaQ3wuSoFLWy1S5BIywMw/USJTxnWU
r9ueaoVbPP5YYftBEM7GnMg7GIQPp1VSIEIu+r4hpufzRcaljXl+UjCQ8V9CSVaw
NoiO3rdQEHye2stg4EQmZTP8nI/7YFRE18uWdWp57rKJZgJU9kHs8Zhr6bYoKIyg
u3rwunLAkcQph+ck8M6Uq//bL8B1LDzNeA8/pdsIrkUClJ+D3G+ieI4//wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHMXcKKeAK8kgqIumD9+9gWZEYHpMB8GA1UdIwQY
MBaAFIVGDSUtfLZcSTTOrLRvqW3La1cLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2Qt
OTI2YTBiMmQ1N2FkLzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2QtOTI2YTBiMmQ1N2Fk
LzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABJACDg9F
UZBIuhN4EqYAHoXTKFZj9lD51pjWsmIM2OEHbQaqwitcorJt21xxdkxnzqCDbaQy
i4U1VLZ1w5NlTPj8jip36lVevTvGitjD61DbzP2JwYVWR/rTff4jWESmt1DjX9DH
K4POvHW4OwTNL1vQikZ1XTQHybJB7a9+FQPZ31KfVgnfY0cgisgpvmEWiqgImhJD
xu7+7w5lF1inGKEwPXgKwAzhBwuBVlBfcF/vSi2oGDbTOJJ1LyQod90qoIfG5RIo
yzBau/j+2TcyHcUXQldYwWEYDl+TYwOFqolX/eT1Lyq8NDPzyfQbvDdHwnqmfs8T
PV16pz/uPH0/MA==
-----END CERTIFICATE-----