Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
File:                     HhkRubtcij4eK4pRFl-KcaCSxo0.mft (raw, json)
Hash identifier:          1eSU+K8DvTXsDD4rTmKXvZi5zNnVSsvv2H19TVNUheE=
Subject key identifier:   3A:38:CF:B8:58:8B:08:5E:67:27:FA:AE:0D:27:F8:52:D8:2D:19:31
Authority key identifier: 1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D
Certificate issuer:       /CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
Certificate serial:       0198D5BBC44586A2E8B88794BE50B1B80FFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
Manifest number:          1202
Signing time:             Sat 23 Aug 2025 07:01:49 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:49 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:49 +0000
Files and hashes:         1: HhkRubtcij4eK4pRFl-KcaCSxo0.crl (hash: TgLjtFYiWTKtafq08KXW3a4UNItI/S9ib87WvSxP67M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 07:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:c4:45:86:a2:e8:b8:87:94:be:50:b1:b8:0f:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d
        Validity
            Not Before: Aug 23 07:01:49 2025 GMT
            Not After : Aug 24 07:01:49 2025 GMT
        Subject: CN=3a38cfb8588b085e6727faae0d27f852d82d1931
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:e6:84:6a:2a:47:ef:be:11:24:b3:3d:61:1b:
                    88:2f:c4:f8:9f:f1:e3:fc:91:5f:b3:24:e8:50:67:
                    73:e6:8f:a5:d3:14:47:db:7d:77:84:18:0d:52:0f:
                    73:e8:8b:be:d1:75:75:d8:26:31:7b:6e:06:1d:eb:
                    06:9d:42:30:ab:35:25:80:6b:96:4e:48:97:10:b2:
                    8d:e7:49:f9:d5:ab:c6:15:77:78:bb:20:4f:6f:e4:
                    bf:c9:34:7b:0f:27:9d:58:79:2c:fb:36:df:59:33:
                    91:79:ae:fd:bf:ad:be:35:05:a1:9e:cb:48:80:a1:
                    71:9f:01:45:0d:d5:7b:74:19:29:43:63:a7:b5:35:
                    e1:56:95:10:e9:f9:ff:d0:65:19:9c:8e:32:1a:d8:
                    b0:89:80:3d:c1:99:07:8b:da:8d:55:57:aa:1b:ea:
                    38:9b:9d:87:ac:b6:58:a1:1d:c1:61:10:1b:85:6f:
                    d3:63:c6:06:a1:85:cf:bc:2c:26:41:d4:b3:fe:a1:
                    72:19:84:7a:15:e1:e3:01:e1:e4:1a:ac:21:7c:d5:
                    5a:fb:49:8f:6c:ff:ad:fa:73:38:1d:3b:6f:44:b8:
                    80:24:b1:09:3e:52:04:66:dc:a7:e2:7a:d7:cb:a9:
                    06:1f:4c:62:d7:c0:f3:dc:6e:a6:f1:ee:c9:99:3d:
                    4c:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:38:CF:B8:58:8B:08:5E:67:27:FA:AE:0D:27:F8:52:D8:2D:19:31
            X509v3 Authority Key Identifier:
                keyid:1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:ec:0c:6a:4c:93:94:86:2a:2c:60:70:8b:64:c7:a3:98:f9:
         6d:8d:6c:22:bd:4a:4d:7d:83:cc:d1:d2:a2:6e:c9:a2:ff:13:
         3e:57:5d:3c:d6:cf:65:1a:af:cf:a4:f1:74:24:7d:f1:00:d9:
         28:eb:aa:6a:f6:a2:5a:b7:20:20:ac:f6:9e:98:14:fa:3f:7d:
         e1:e7:87:fb:e5:3e:11:09:75:5e:50:a0:a0:65:ca:0a:7f:11:
         b1:b3:97:1c:fa:e6:ea:01:c7:ea:f9:c1:10:25:73:7d:79:5d:
         09:e5:1d:e1:43:cd:92:4f:07:45:d6:b2:f4:5b:29:a5:5a:db:
         2e:fe:5a:ff:76:36:8e:11:9b:96:c8:7e:3f:a0:18:46:00:5b:
         bf:8c:0e:43:99:40:05:fc:56:d6:88:ce:f4:9a:9c:fc:ac:13:
         88:4d:24:4f:75:4f:62:8e:e8:71:cb:bb:c3:d0:41:2e:ee:ac:
         47:89:57:13:5e:20:c2:03:b8:0c:8b:61:83:19:a2:bd:73:8f:
         52:88:c7:8b:0e:65:d9:c0:53:13:f1:7d:69:49:72:21:42:9a:
         0b:ce:51:82:72:1c:12:bc:31:37:09:d7:76:dc:ba:1a:3d:fa:
         45:31:ef:68:7a:c1:bc:58:db:0b:58:3d:d8:b9:52:cf:22:12:
         96:64:2d:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu8RFhqLouIeUvlCxuA/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTkxMWI5YmI1YzhhM2UxZTJiOGE1MTE2NWY4YTcxYTA5
MmM2OGQwHhcNMjUwODIzMDcwMTQ5WhcNMjUwODI0MDcwMTQ5WjAzMTEwLwYDVQQD
EygzYTM4Y2ZiODU4OGIwODVlNjcyN2ZhYWUwZDI3Zjg1MmQ4MmQxOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuaEaipH774RJLM9YRuIL8T4n/Hj
/JFfsyToUGdz5o+l0xRH2313hBgNUg9z6Iu+0XV12CYxe24GHesGnUIwqzUlgGuW
TkiXELKN50n51avGFXd4uyBPb+S/yTR7DyedWHks+zbfWTORea79v62+NQWhnstI
gKFxnwFFDdV7dBkpQ2OntTXhVpUQ6fn/0GUZnI4yGtiwiYA9wZkHi9qNVVeqG+o4
m52HrLZYoR3BYRAbhW/TY8YGoYXPvCwmQdSz/qFyGYR6FeHjAeHkGqwhfNVa+0mP
bP+t+nM4HTtvRLiAJLEJPlIEZtyn4nrXy6kGH0xi18Dz3G6m8e7JmT1M9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDo4z7hYiwheZyf6rg0n+FLYLRkxMB8GA1UdIwQY
MBaAFB4ZEbm7XIo+HiuKURZfinGgksaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQt
Yjc2ODZiOTA2MWE1LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQtYjc2ODZiOTA2MWE1
LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKOwMakyT
lIYqLGBwi2THo5j5bY1sIr1KTX2DzNHSom7Jov8TPlddPNbPZRqvz6TxdCR98QDZ
KOuqavaiWrcgIKz2npgU+j994eeH++U+EQl1XlCgoGXKCn8RsbOXHPrm6gHH6vnB
ECVzfXldCeUd4UPNkk8HRday9FsppVrbLv5a/3Y2jhGblsh+P6AYRgBbv4wOQ5lA
BfxW1ojO9Jqc/KwTiE0kT3VPYo7occu7w9BBLu6sR4lXE14gwgO4DIthgxmivXOP
UojHiw5l2cBTE/F9aUlyIUKaC85RgnIcErwxNwnXdty6Gj36RTHvaHrBvFjbC1g9
2LlSzyISlmQt1A==
-----END CERTIFICATE-----