Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
File:                     RHhnr-yeLyk5So9fl_kJKdkoIQI.mft (raw, json)
Hash identifier:          OC0lwgF3Feubz1wClcuYj2ecLICdLClTJJqxzceTixw=
Subject key identifier:   95:D4:14:F8:25:09:49:20:60:7B:71:F9:4E:2D:B0:9B:6C:81:B1:9C
Authority key identifier: 44:78:67:AF:EC:9E:2F:29:39:4A:8F:5F:97:F9:09:29:D9:28:21:02
Certificate issuer:       /CN=447867afec9e2f29394a8f5f97f90929d9282102
Certificate serial:       0197B89077A48B0CC95D4E75D84905A42AA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 22:02:44 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:44 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:44 +0000
Files and hashes:         1: RHhnr-yeLyk5So9fl_kJKdkoIQI.crl (hash: /9G6W9e+b+9qaylNt91uMobfsuI+AfxAHPCoPS/4Lec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:77:a4:8b:0c:c9:5d:4e:75:d8:49:05:a4:2a:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=447867afec9e2f29394a8f5f97f90929d9282102
        Validity
            Not Before: Jun 28 22:02:44 2025 GMT
            Not After : Jun 29 22:02:44 2025 GMT
        Subject: CN=95d414f825094920607b71f94e2db09b6c81b19c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9e:85:c9:a1:fb:30:46:a9:29:d5:f1:0f:f5:
                    27:9f:67:2f:77:b2:44:e8:80:83:2d:76:50:8a:15:
                    e6:e4:80:68:7c:d6:1a:f3:eb:1c:8c:2a:ec:14:9b:
                    c4:a6:80:84:ee:0f:2d:07:98:e7:91:46:53:46:54:
                    29:3f:d4:12:31:1c:ce:1d:34:87:a2:f7:fb:d2:4e:
                    db:5d:0a:b1:8b:a8:78:9e:f2:c3:93:f5:84:17:e4:
                    21:f6:c1:23:58:ab:33:66:23:f2:26:f1:2b:b2:3c:
                    6b:2a:49:a4:3b:45:26:b6:ba:d4:2b:16:e8:25:61:
                    35:58:b7:8a:67:79:73:02:f0:29:b4:86:dd:ef:71:
                    ba:ac:a3:fd:a6:fa:e8:eb:3d:00:9b:ee:c2:61:6c:
                    ca:c6:6c:e2:a2:2a:e5:f0:b3:e1:f9:e9:9f:d8:b7:
                    95:6e:9d:a8:7e:2a:a9:7f:a6:d7:51:32:9e:e1:f0:
                    a3:14:df:a3:6e:e0:4d:18:66:39:43:69:30:d3:55:
                    b1:b4:34:cc:11:a7:33:2d:97:2c:a4:fd:8d:36:de:
                    34:d3:08:d2:27:d3:fd:58:f4:fe:11:7b:24:2b:9e:
                    b5:c9:3f:c8:bf:eb:0f:fb:47:18:8e:4a:d4:1a:54:
                    14:b4:0c:cf:28:97:6e:bc:8f:45:1e:eb:79:c1:39:
                    a9:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:D4:14:F8:25:09:49:20:60:7B:71:F9:4E:2D:B0:9B:6C:81:B1:9C
            X509v3 Authority Key Identifier:
                keyid:44:78:67:AF:EC:9E:2F:29:39:4A:8F:5F:97:F9:09:29:D9:28:21:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:ba:29:c2:6d:8f:12:d5:6a:71:49:07:b3:ad:d1:a4:79:1e:
         31:e0:b6:d5:f2:49:f6:95:0a:49:ca:75:18:77:ef:e7:ef:da:
         9f:f5:b4:da:a0:98:b9:5a:21:b7:4b:1a:16:e5:4a:26:e8:8a:
         f9:80:3b:f0:94:9e:f6:c5:f0:57:82:31:dd:c3:89:66:b4:2c:
         f3:b7:c2:ca:17:13:50:c7:69:2e:d2:c7:e5:e1:4a:6c:fc:8a:
         fc:49:2f:0d:04:f9:f2:23:11:04:65:d9:dd:05:9c:6c:80:d4:
         8b:85:39:12:a4:69:77:93:ea:73:59:6c:ee:f9:14:9e:99:40:
         f5:1b:6d:96:7d:c5:61:c8:c8:ae:81:52:11:0f:fb:17:34:d3:
         14:9a:45:10:6d:dd:ec:27:68:04:00:43:77:34:90:61:c3:74:
         50:5f:2b:b5:3a:24:32:7c:ae:d6:95:60:8e:49:2b:61:1e:61:
         dc:02:09:25:f4:07:87:74:8a:3f:73:37:9f:32:65:1c:a7:54:
         ca:e4:f9:4f:1d:95:0b:49:08:a7:dd:ee:e8:1a:00:1e:97:24:
         b3:56:75:26:ca:e1:1c:01:31:48:60:fe:b4:75:d2:07:57:f3:
         d2:4e:ac:7e:25:23:8f:c7:df:7b:b8:ab:7c:b2:54:b3:db:83:
         9b:53:6e:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kHekiwzJXU512EkFpCqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Nzg2N2FmZWM5ZTJmMjkzOTRhOGY1Zjk3ZjkwOTI5ZDky
ODIxMDIwHhcNMjUwNjI4MjIwMjQ0WhcNMjUwNjI5MjIwMjQ0WjAzMTEwLwYDVQQD
Eyg5NWQ0MTRmODI1MDk0OTIwNjA3YjcxZjk0ZTJkYjA5YjZjODFiMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ6FyaH7MEapKdXxD/Unn2cvd7JE
6ICDLXZQihXm5IBofNYa8+scjCrsFJvEpoCE7g8tB5jnkUZTRlQpP9QSMRzOHTSH
ovf70k7bXQqxi6h4nvLDk/WEF+Qh9sEjWKszZiPyJvErsjxrKkmkO0UmtrrUKxbo
JWE1WLeKZ3lzAvAptIbd73G6rKP9pvro6z0Am+7CYWzKxmzioirl8LPh+emf2LeV
bp2ofiqpf6bXUTKe4fCjFN+jbuBNGGY5Q2kw01WxtDTMEaczLZcspP2NNt400wjS
J9P9WPT+EXskK561yT/Iv+sP+0cYjkrUGlQUtAzPKJduvI9FHut5wTmp7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXUFPglCUkgYHtx+U4tsJtsgbGcMB8GA1UdIwQY
MBaAFER4Z6/sni8pOUqPX5f5CSnZKCECMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTMyMmItNjQ4Mi00NGE1LWIzZDIt
M2UxMDkxMDdjZWI2LzEvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTMyMmItNjQ4Mi00NGE1LWIzZDItM2UxMDkxMDdjZWI2
LzEvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApLopwm2P
EtVqcUkHs63RpHkeMeC21fJJ9pUKScp1GHfv5+/an/W02qCYuVoht0saFuVKJuiK
+YA78JSe9sXwV4Ix3cOJZrQs87fCyhcTUMdpLtLH5eFKbPyK/EkvDQT58iMRBGXZ
3QWcbIDUi4U5EqRpd5Pqc1ls7vkUnplA9Rttln3FYcjIroFSEQ/7FzTTFJpFEG3d
7CdoBABDdzSQYcN0UF8rtTokMnyu1pVgjkkrYR5h3AIJJfQHh3SKP3M3nzJlHKdU
yuT5Tx2VC0kIp93u6BoAHpcks1Z1JsrhHAExSGD+tHXSB1fz0k6sfiUjj8ffe7ir
fLJUs9uDm1Nu3w==
-----END CERTIFICATE-----