Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
File:                     hqSVrmh0HnnVjjiGviqoeMSME7Y.mft (raw, json)
Hash identifier:          on4pdI2tH7SMJCK0/gqWG5+7cEwXCf7D7PVTICWHmcM=
Subject key identifier:   7C:44:EF:BE:45:0A:3E:EA:12:C0:6F:30:0F:A2:B5:A2:4D:7E:87:59
Authority key identifier: 86:A4:95:AE:68:74:1E:79:D5:8E:38:86:BE:2A:A8:78:C4:8C:13:B6
Certificate issuer:       /CN=86a495ae68741e79d58e3886be2aa878c48c13b6
Certificate serial:       0197B77CCED89FC1E5A8111C2BC3FDBAC033
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 17:01:39 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:39 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:39 +0000
Files and hashes:         1: hqSVrmh0HnnVjjiGviqoeMSME7Y.crl (hash: 5Zdx+MKZRoF61jsJuImU1dcAnxkp/pVCKg1e8rdojhA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:ce:d8:9f:c1:e5:a8:11:1c:2b:c3:fd:ba:c0:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86a495ae68741e79d58e3886be2aa878c48c13b6
        Validity
            Not Before: Jun 28 17:01:39 2025 GMT
            Not After : Jun 29 17:01:39 2025 GMT
        Subject: CN=7c44efbe450a3eea12c06f300fa2b5a24d7e8759
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:81:b3:c9:88:10:23:b4:57:0d:57:e4:a2:b2:
                    54:17:18:91:1a:bb:a3:cc:69:83:27:29:ce:94:7c:
                    4f:c3:e2:fa:31:5d:66:37:79:75:18:79:4f:aa:1d:
                    f5:99:67:1f:50:a9:92:46:f2:5b:8c:ee:9c:6a:94:
                    23:58:cc:98:03:e4:69:53:9a:d6:65:ab:fc:e3:a7:
                    e6:83:a2:81:5a:75:9e:47:1f:40:68:84:47:84:23:
                    32:ba:d5:1e:de:f1:99:18:27:5f:fe:a8:ab:86:e3:
                    bc:2c:1b:19:1f:d1:b5:90:74:43:45:8f:2b:db:2a:
                    77:83:fb:4c:a2:9c:1a:8d:7b:4c:0c:21:32:6f:4e:
                    4e:8c:49:2a:85:04:2d:ee:db:f4:21:70:fb:ef:3e:
                    f2:c1:c2:bc:c5:38:1f:c2:e6:be:4c:74:91:60:7a:
                    80:63:50:fd:5f:b9:40:a4:44:76:b1:17:63:6e:ad:
                    23:16:bd:d8:97:44:f9:c6:13:aa:10:52:3f:30:3f:
                    71:9f:58:03:af:f8:05:11:0e:bd:87:6e:f1:3d:3e:
                    03:e3:57:2d:0f:75:68:84:d7:86:7f:f1:d1:09:16:
                    47:fd:87:19:97:a0:a5:14:41:04:ff:11:bd:67:8d:
                    34:63:51:7d:4b:01:e0:90:79:0f:a3:91:0e:97:38:
                    08:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:44:EF:BE:45:0A:3E:EA:12:C0:6F:30:0F:A2:B5:A2:4D:7E:87:59
            X509v3 Authority Key Identifier:
                keyid:86:A4:95:AE:68:74:1E:79:D5:8E:38:86:BE:2A:A8:78:C4:8C:13:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:4b:80:01:4d:54:2d:b1:4b:79:e3:32:d9:c3:0c:e8:50:71:
         fe:02:bd:eb:b1:78:5f:4f:eb:28:55:d7:f6:c3:e3:2f:d5:64:
         e0:00:8b:15:69:60:33:72:63:1b:7a:e2:df:c4:45:79:ac:cc:
         e1:80:b6:57:26:74:69:c2:9a:c8:47:3b:15:2c:3b:08:1b:b0:
         a3:ae:bd:c6:ea:36:5c:57:41:aa:25:b7:4d:62:b0:68:e5:09:
         ba:cd:2f:07:bf:ee:22:da:f7:4c:c4:fc:7a:40:3e:99:df:71:
         b2:17:6e:ce:ce:a2:7e:4d:bc:c8:c8:54:82:a0:25:83:3d:da:
         0c:ed:e1:10:c4:60:10:ea:70:da:e5:64:9e:4f:dc:66:48:c7:
         d2:01:1b:14:56:c6:69:8b:5d:45:89:3e:9a:ac:39:0e:b2:c3:
         22:c5:e3:e2:7c:42:1f:2c:66:df:55:20:2d:06:69:d3:55:6b:
         53:9c:a2:c3:b5:e8:d0:ad:ea:ee:78:00:8c:a0:1e:9c:02:34:
         45:a5:62:9c:45:ae:63:9c:24:b9:74:37:40:4f:35:57:29:c2:
         32:0d:f2:70:ba:c1:91:06:9b:b6:00:e4:bd:64:32:8d:b8:7a:
         66:0f:74:e6:86:0e:fa:74:a1:9c:c9:2d:76:6b:b4:45:f3:08:
         a7:0e:50:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fM7Yn8HlqBEcK8P9usAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YTQ5NWFlNjg3NDFlNzlkNThlMzg4NmJlMmFhODc4YzQ4
YzEzYjYwHhcNMjUwNjI4MTcwMTM5WhcNMjUwNjI5MTcwMTM5WjAzMTEwLwYDVQQD
Eyg3YzQ0ZWZiZTQ1MGEzZWVhMTJjMDZmMzAwZmEyYjVhMjRkN2U4NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4GzyYgQI7RXDVfkorJUFxiRGruj
zGmDJynOlHxPw+L6MV1mN3l1GHlPqh31mWcfUKmSRvJbjO6capQjWMyYA+RpU5rW
Zav846fmg6KBWnWeRx9AaIRHhCMyutUe3vGZGCdf/qirhuO8LBsZH9G1kHRDRY8r
2yp3g/tMopwajXtMDCEyb05OjEkqhQQt7tv0IXD77z7ywcK8xTgfwua+THSRYHqA
Y1D9X7lApER2sRdjbq0jFr3Yl0T5xhOqEFI/MD9xn1gDr/gFEQ69h27xPT4D41ct
D3VohNeGf/HRCRZH/YcZl6ClFEEE/xG9Z400Y1F9SwHgkHkPo5EOlzgIJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHxE775FCj7qEsBvMA+itaJNfodZMB8GA1UdIwQY
MBaAFIakla5odB551Y44hr4qqHjEjBO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xNWMzOWMtZjdkNC00YTFmLWE0OWEt
NDkxOGIwMjc0MmM3LzEvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xNWMzOWMtZjdkNC00YTFmLWE0OWEtNDkxOGIwMjc0MmM3
LzEvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFkuAAU1U
LbFLeeMy2cMM6FBx/gK967F4X0/rKFXX9sPjL9Vk4ACLFWlgM3JjG3ri38RFeazM
4YC2VyZ0acKayEc7FSw7CBuwo669xuo2XFdBqiW3TWKwaOUJus0vB7/uItr3TMT8
ekA+md9xshduzs6ifk28yMhUgqAlgz3aDO3hEMRgEOpw2uVknk/cZkjH0gEbFFbG
aYtdRYk+mqw5DrLDIsXj4nxCHyxm31UgLQZp01VrU5yiw7Xo0K3q7ngAjKAenAI0
RaVinEWuY5wkuXQ3QE81VynCMg3ycLrBkQabtgDkvWQyjbh6Zg905oYO+nShnMkt
dmu0RfMIpw5QCw==
-----END CERTIFICATE-----