Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
File:                     HpICrmewRlNH1t35D2Ri-ubk5kM.mft (raw, json)
Hash identifier:          9oRrHrjCz1Sx6gCdXucwwetOs7pjYXk9fcneMzr697Q=
Subject key identifier:   5C:B5:74:E3:73:44:F2:A8:96:4F:96:A4:F4:BC:C3:19:C9:F6:74:74
Authority key identifier: 1E:92:02:AE:67:B0:46:53:47:D6:DD:F9:0F:64:62:FA:E6:E4:E6:43
Certificate issuer:       /CN=1e9202ae67b0465347d6ddf90f6462fae6e4e643
Certificate serial:       0197B77C2C4148F6B777003F51FF886F60B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
Manifest number:          0A5F
Signing time:             Sat 28 Jun 2025 17:00:57 +0000
Manifest this update:     Sat 28 Jun 2025 17:00:57 +0000
Manifest next update:     Sun 29 Jun 2025 17:00:57 +0000
Files and hashes:         1: HpICrmewRlNH1t35D2Ri-ubk5kM.crl (hash: FYoZ8GEX51dEwCm/IaTDI08REMulmKdfw8wXG2t+Mog=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:2c:41:48:f6:b7:77:00:3f:51:ff:88:6f:60:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e9202ae67b0465347d6ddf90f6462fae6e4e643
        Validity
            Not Before: Jun 28 17:00:57 2025 GMT
            Not After : Jun 29 17:00:57 2025 GMT
        Subject: CN=5cb574e37344f2a8964f96a4f4bcc319c9f67474
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:a1:f7:f5:71:eb:c4:1e:05:d6:e8:41:38:73:
                    a2:1f:61:ec:31:55:9e:02:c7:a0:12:05:7f:fb:c3:
                    13:5b:d9:59:ea:ff:55:83:8d:e5:15:eb:17:a8:32:
                    f8:a2:5f:54:28:10:6d:89:7f:1d:1d:22:6d:4f:41:
                    96:54:28:cb:eb:3c:0a:15:46:6d:e8:f2:55:4e:1c:
                    b2:94:db:a5:0d:ac:42:d7:68:23:f3:ac:43:0d:42:
                    35:24:17:49:ec:4a:8d:68:00:46:9c:e8:97:28:f5:
                    27:ad:3b:67:88:ec:0a:0a:4a:a7:5f:8e:66:03:4e:
                    f7:a5:09:47:d0:3a:02:2d:2a:f3:02:04:67:09:01:
                    a3:ba:97:ca:e0:3f:a2:7c:78:cb:44:50:d9:d3:d2:
                    a8:2e:46:2e:30:54:8f:b7:c8:1a:75:8e:0a:d5:0b:
                    70:43:b3:95:eb:c5:ce:0a:bf:5e:60:9f:f4:61:c5:
                    e5:79:ad:70:8b:c3:04:24:f6:fa:e6:26:79:59:fc:
                    da:42:73:40:d1:3b:e7:58:49:f1:1f:e8:b1:55:23:
                    82:62:1b:55:b1:b8:0b:80:07:13:43:9c:80:d1:9e:
                    ec:65:ad:8d:21:ab:b2:95:32:97:1c:67:86:ad:2b:
                    db:23:44:7b:64:d0:4c:44:52:ac:8d:08:0e:bc:d1:
                    74:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:B5:74:E3:73:44:F2:A8:96:4F:96:A4:F4:BC:C3:19:C9:F6:74:74
            X509v3 Authority Key Identifier:
                keyid:1E:92:02:AE:67:B0:46:53:47:D6:DD:F9:0F:64:62:FA:E6:E4:E6:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:d2:44:13:23:01:c3:9f:23:a7:67:54:4d:fe:91:51:22:c8:
         31:de:70:4d:6c:03:d2:4f:77:3a:d4:f1:aa:f4:0e:a3:51:06:
         b1:23:55:49:93:74:7c:41:e0:f0:c8:21:49:bf:33:b1:fa:d7:
         ea:b8:10:29:07:0b:a2:aa:8a:42:40:08:c6:34:2e:b8:cf:d2:
         59:1a:10:f5:a3:1a:66:56:ae:cb:13:ff:c0:78:0b:7e:a8:ec:
         61:e4:9f:7a:5a:f7:5d:f4:62:a2:db:74:ef:78:eb:7e:6b:93:
         a8:94:39:82:db:cf:57:1d:4f:1c:f0:73:1d:29:34:eb:62:e7:
         c6:ff:b1:de:b6:40:38:14:a9:d5:22:5b:5e:dd:e9:21:16:81:
         c9:bb:90:81:02:ce:d9:50:94:b4:48:04:9d:3d:09:a1:53:dd:
         65:1a:89:47:56:34:f9:da:72:b0:b3:b4:7b:8c:6c:64:72:a6:
         e8:b0:3a:44:f0:09:3c:24:52:c1:ef:57:71:15:1e:34:c4:b3:
         b2:b5:eb:9f:da:fb:61:c0:bf:3d:1c:88:de:50:2a:8f:70:06:
         ff:f7:7d:72:de:cc:f6:58:aa:85:ab:26:e9:53:0b:5f:6a:bb:
         67:17:fb:6b:cc:e2:87:9a:bc:c9:10:7b:7c:bf:cd:22:e2:c2:
         52:18:5f:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fCxBSPa3dwA/Uf+Ib2CzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTIwMmFlNjdiMDQ2NTM0N2Q2ZGRmOTBmNjQ2MmZhZTZl
NGU2NDMwHhcNMjUwNjI4MTcwMDU3WhcNMjUwNjI5MTcwMDU3WjAzMTEwLwYDVQQD
Eyg1Y2I1NzRlMzczNDRmMmE4OTY0Zjk2YTRmNGJjYzMxOWM5ZjY3NDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaH39XHrxB4F1uhBOHOiH2HsMVWe
AsegEgV/+8MTW9lZ6v9Vg43lFesXqDL4ol9UKBBtiX8dHSJtT0GWVCjL6zwKFUZt
6PJVThyylNulDaxC12gj86xDDUI1JBdJ7EqNaABGnOiXKPUnrTtniOwKCkqnX45m
A073pQlH0DoCLSrzAgRnCQGjupfK4D+ifHjLRFDZ09KoLkYuMFSPt8gadY4K1Qtw
Q7OV68XOCr9eYJ/0YcXlea1wi8MEJPb65iZ5WfzaQnNA0TvnWEnxH+ixVSOCYhtV
sbgLgAcTQ5yA0Z7sZa2NIauylTKXHGeGrSvbI0R7ZNBMRFKsjQgOvNF0SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFy1dONzRPKolk+WpPS8wxnJ9nR0MB8GA1UdIwQY
MBaAFB6SAq5nsEZTR9bd+Q9kYvrm5OZDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81ZWZkZDUtMGNjYy00MjVmLTkzMDEt
NTQwYTM0OGRkMjIzLzEvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS81ZWZkZDUtMGNjYy00MjVmLTkzMDEtNTQwYTM0OGRkMjIz
LzEvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHtJEEyMB
w58jp2dUTf6RUSLIMd5wTWwD0k93OtTxqvQOo1EGsSNVSZN0fEHg8MghSb8zsfrX
6rgQKQcLoqqKQkAIxjQuuM/SWRoQ9aMaZlauyxP/wHgLfqjsYeSfelr3XfRiott0
73jrfmuTqJQ5gtvPVx1PHPBzHSk062Lnxv+x3rZAOBSp1SJbXt3pIRaBybuQgQLO
2VCUtEgEnT0JoVPdZRqJR1Y0+dpysLO0e4xsZHKm6LA6RPAJPCRSwe9XcRUeNMSz
srXrn9r7YcC/PRyI3lAqj3AG//d9ct7M9liqhasm6VMLX2q7Zxf7a8zih5q8yRB7
fL/NIuLCUhhfWA==
-----END CERTIFICATE-----