Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.mft
File:                     hUYhlvWiZe4_S4kOKGZyQCCNO68.mft (raw, json)
Hash identifier:          Ha0+y+bx40odTPSibW4EwX2y7lD2ngP6ZwZyiclhHuE=
Subject key identifier:   5B:DF:D6:14:49:8D:43:AC:9A:04:10:4C:0C:EE:61:0B:DF:B8:84:76
Authority key identifier: 85:46:21:96:F5:A2:65:EE:3F:4B:89:0E:28:66:72:40:20:8D:3B:AF
Certificate issuer:       /CN=85462196f5a265ee3f4b890e28667240208d3baf
Certificate serial:       0197BD10DBBAE4A5DBC9E96C5DCC207958AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUYhlvWiZe4_S4kOKGZyQCCNO68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.mft
Manifest number:          03F7
Signing time:             Sun 29 Jun 2025 19:01:28 +0000
Manifest this update:     Sun 29 Jun 2025 19:01:28 +0000
Manifest next update:     Mon 30 Jun 2025 19:01:28 +0000
Files and hashes:         1: hUYhlvWiZe4_S4kOKGZyQCCNO68.crl (hash: Li/03m0PxChUJ0P8Fhu5Z/pQUKc1xiNbKTPSfPMo4ss=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUYhlvWiZe4_S4kOKGZyQCCNO68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 13:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:bd:10:db:ba:e4:a5:db:c9:e9:6c:5d:cc:20:79:58:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85462196f5a265ee3f4b890e28667240208d3baf
        Validity
            Not Before: Jun 29 19:01:28 2025 GMT
            Not After : Jun 30 19:01:28 2025 GMT
        Subject: CN=5bdfd614498d43ac9a04104c0cee610bdfb88476
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:3d:d8:46:0d:4c:11:9b:63:d3:5a:e6:5f:a5:
                    24:02:ee:06:27:c0:8f:85:ac:d4:3f:00:29:21:6e:
                    e9:0d:b3:d4:d1:af:1f:68:8c:71:83:10:9f:02:4d:
                    d0:ce:b8:03:4f:11:bb:0e:8f:ae:41:b6:a7:c5:a9:
                    1a:76:be:17:7d:e4:9e:8e:b4:08:7a:a4:33:c3:97:
                    14:7b:97:8d:d4:36:7f:00:bc:47:0c:23:70:10:94:
                    17:63:88:d0:42:ba:32:1a:e3:fe:36:f6:4d:53:ef:
                    06:3d:66:11:d7:83:a5:4e:9a:0a:ea:2a:51:40:e4:
                    53:81:2f:20:63:ec:02:d7:90:ff:5d:63:f1:4c:d5:
                    98:1c:44:77:5a:36:16:6b:b1:fc:85:0a:e8:93:47:
                    bb:4f:8f:7e:cf:63:1c:92:61:2f:65:d3:7a:fc:cc:
                    b2:73:27:16:1f:6b:5e:95:32:46:8f:ac:60:f6:79:
                    bc:4c:7f:0a:6a:70:e8:54:56:69:c5:9a:2d:82:04:
                    8f:cc:06:09:38:0a:87:54:a6:2f:3a:5d:57:01:c6:
                    d0:cd:59:b0:16:24:b6:79:3e:ff:df:5f:f1:47:a3:
                    28:e6:13:8c:b4:3c:3e:b0:64:1f:e3:a8:1b:f4:f1:
                    94:3d:1d:e4:b1:3b:7d:06:86:01:4b:df:8f:2f:ad:
                    2f:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:DF:D6:14:49:8D:43:AC:9A:04:10:4C:0C:EE:61:0B:DF:B8:84:76
            X509v3 Authority Key Identifier:
                keyid:85:46:21:96:F5:A2:65:EE:3F:4B:89:0E:28:66:72:40:20:8D:3B:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUYhlvWiZe4_S4kOKGZyQCCNO68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:f6:62:a1:58:9a:6c:5b:e7:b7:83:ef:3b:14:59:6d:62:c0:
         ee:c9:bb:42:d6:e5:88:60:81:0c:0f:55:75:c5:c3:1d:44:50:
         1c:28:21:7c:98:93:02:5f:7a:4e:41:9c:3a:27:ba:3f:94:74:
         23:41:f7:57:59:2f:a5:5a:49:1f:cd:ee:85:39:35:f2:7c:e7:
         3f:27:71:0b:5c:57:d7:13:7d:04:da:7b:30:06:87:37:5c:7b:
         2e:74:d1:27:3b:23:e5:69:26:fa:e7:19:2a:f0:ae:b6:da:17:
         be:33:a0:f6:93:cd:ac:e2:b7:a3:c2:58:d0:d4:d9:23:01:16:
         01:b0:f2:d6:42:c9:f3:62:1b:80:d6:bf:ca:25:07:6a:03:e6:
         8b:ec:81:a8:a6:fa:0a:5c:0e:fb:3e:72:64:0c:12:75:e7:c1:
         fe:0f:4f:d1:0e:1f:48:d2:57:b0:85:ed:93:c1:ec:0b:19:14:
         de:73:57:59:60:20:b6:22:dd:9a:6a:9a:6a:dc:37:83:8b:30:
         d4:76:69:f9:72:74:5d:9c:a2:25:c2:42:ea:5e:1c:af:63:83:
         bb:75:dd:f0:cc:e1:76:37:20:95:b1:e8:c4:18:8f:0c:2f:7e:
         b5:57:ea:e1:38:09:9a:33:d8:e3:87:10:41:86:97:71:59:aa:
         34:5f:6a:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe9ENu65KXbyelsXcwgeViuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDYyMTk2ZjVhMjY1ZWUzZjRiODkwZTI4NjY3MjQwMjA4
ZDNiYWYwHhcNMjUwNjI5MTkwMTI4WhcNMjUwNjMwMTkwMTI4WjAzMTEwLwYDVQQD
Eyg1YmRmZDYxNDQ5OGQ0M2FjOWEwNDEwNGMwY2VlNjEwYmRmYjg4NDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAij3YRg1MEZtj01rmX6UkAu4GJ8CP
hazUPwApIW7pDbPU0a8faIxxgxCfAk3QzrgDTxG7Do+uQbanxakadr4XfeSejrQI
eqQzw5cUe5eN1DZ/ALxHDCNwEJQXY4jQQroyGuP+NvZNU+8GPWYR14OlTpoK6ipR
QORTgS8gY+wC15D/XWPxTNWYHER3WjYWa7H8hQrok0e7T49+z2MckmEvZdN6/Myy
cycWH2telTJGj6xg9nm8TH8KanDoVFZpxZotggSPzAYJOAqHVKYvOl1XAcbQzVmw
FiS2eT7/31/xR6Mo5hOMtDw+sGQf46gb9PGUPR3ksTt9BoYBS9+PL60vaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvf1hRJjUOsmgQQTAzuYQvfuIR2MB8GA1UdIwQY
MBaAFIVGIZb1omXuP0uJDihmckAgjTuvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVZaGx2V2laZTRfUzRrT0tHWnlRQ0NOTzY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNWFlN2EtODgzZS00NWRjLWE4MDQt
YWE2NDM0ZTU0ZjM5LzEvaFVZaGx2V2laZTRfUzRrT0tHWnlRQ0NOTzY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNWFlN2EtODgzZS00NWRjLWE4MDQtYWE2NDM0ZTU0ZjM5
LzEvaFVZaGx2V2laZTRfUzRrT0tHWnlRQ0NOTzY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACPZioVia
bFvnt4PvOxRZbWLA7sm7QtbliGCBDA9VdcXDHURQHCghfJiTAl96TkGcOie6P5R0
I0H3V1kvpVpJH83uhTk18nznPydxC1xX1xN9BNp7MAaHN1x7LnTRJzsj5Wkm+ucZ
KvCuttoXvjOg9pPNrOK3o8JY0NTZIwEWAbDy1kLJ82IbgNa/yiUHagPmi+yBqKb6
ClwO+z5yZAwSdefB/g9P0Q4fSNJXsIXtk8HsCxkU3nNXWWAgtiLdmmqaatw3g4sw
1HZp+XJ0XZyiJcJC6l4cr2ODu3Xd8MzhdjcglbHoxBiPDC9+tVfq4TgJmjPY44cQ
QYaXcVmqNF9q0w==
-----END CERTIFICATE-----