Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft
File:                     hheg4tbmBy6I03dN18z78HochjI.mft (raw, json)
Hash identifier:          hy3/zNdDTyT2IerpisU/CYryKM1cU8DSGU1SIA3Jyaw=
Subject key identifier:   42:A3:E9:73:70:B7:84:66:97:7A:7B:31:78:DD:0C:1B:AB:93:21:AF
Authority key identifier: 86:17:A0:E2:D6:E6:07:2E:88:D3:77:4D:D7:CC:FB:F0:7A:1C:86:32
Certificate issuer:       /CN=8617a0e2d6e6072e88d3774dd7ccfbf07a1c8632
Certificate serial:       0198D5BBACE86A527D3B83C2AB3696ADD4DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft
Manifest number:          123B
Signing time:             Sat 23 Aug 2025 07:01:43 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:43 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:43 +0000
Files and hashes:         1: hheg4tbmBy6I03dN18z78HochjI.crl (hash: KgOo15qOhAJOPByEGr4gcWCAYCltIp7fNwpz70OaEo0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:ac:e8:6a:52:7d:3b:83:c2:ab:36:96:ad:d4:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8617a0e2d6e6072e88d3774dd7ccfbf07a1c8632
        Validity
            Not Before: Aug 23 07:01:43 2025 GMT
            Not After : Aug 24 07:01:43 2025 GMT
        Subject: CN=42a3e97370b78466977a7b3178dd0c1bab9321af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:cc:c8:d9:1a:16:f0:f2:72:6b:d7:72:49:eb:
                    1c:2e:a0:ca:dd:6b:f6:a1:21:b5:30:f5:27:20:09:
                    d2:47:e3:9c:34:1d:c7:f1:1e:fa:42:80:6b:59:7e:
                    46:1e:19:51:17:fb:cb:bc:dd:ab:dc:38:65:03:82:
                    36:29:67:5a:ec:b3:23:c0:08:58:04:57:d2:b9:04:
                    f7:e5:86:f5:5f:1a:08:12:25:ef:23:7e:83:84:b6:
                    f7:1d:77:44:ec:64:cf:c6:bc:9c:dd:e9:a3:86:c7:
                    53:8a:89:6c:a3:3d:ee:a4:8f:12:44:bc:d8:54:07:
                    05:56:cf:a7:82:79:a4:f3:b4:c9:c9:35:b1:09:3f:
                    70:18:41:8d:84:71:35:1f:e0:a1:8a:3e:ba:1b:f2:
                    6a:75:fc:84:6d:c8:27:5c:f6:50:8a:c3:b8:aa:55:
                    a6:c4:8a:b7:cf:ca:3c:0d:af:d4:43:96:11:0b:9c:
                    3a:b3:7e:67:36:a6:ef:32:07:58:21:25:2d:ae:b9:
                    39:dd:f8:61:de:58:a8:b7:b0:cc:99:64:aa:a9:5c:
                    9f:d4:5f:3d:a7:46:70:71:e1:6f:76:e1:e2:21:d3:
                    94:f5:5f:b5:70:87:35:00:21:90:23:5b:e4:3c:d4:
                    e7:6f:15:1c:25:63:d7:b9:db:fb:4e:eb:40:48:36:
                    1e:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:A3:E9:73:70:B7:84:66:97:7A:7B:31:78:DD:0C:1B:AB:93:21:AF
            X509v3 Authority Key Identifier:
                keyid:86:17:A0:E2:D6:E6:07:2E:88:D3:77:4D:D7:CC:FB:F0:7A:1C:86:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:60:b0:e8:df:c3:3c:5d:4e:a7:0a:bb:75:6d:a0:bc:6d:75:
         80:c0:6d:e7:3a:26:e8:93:bf:df:6e:8d:ab:b7:48:6b:84:0c:
         19:f3:72:2f:bf:0a:e8:20:e7:97:c4:10:d4:48:83:f4:51:bf:
         37:c1:d0:08:e2:44:e3:de:54:89:dc:c4:bc:2b:28:da:fa:dc:
         ba:13:51:f1:f9:30:07:7d:32:e3:99:b1:a0:4c:90:66:0d:df:
         22:dd:9c:7d:a3:43:e8:01:20:ab:fd:87:7d:48:df:6d:51:69:
         3d:d9:ee:bd:7c:de:92:4a:bc:3f:b6:04:3b:af:0f:4f:34:5c:
         e6:06:96:0e:68:dc:ec:d2:ad:54:db:d5:9c:83:be:dc:24:3e:
         99:6f:9c:23:04:f1:a0:bd:21:81:9a:cc:38:0e:9b:cf:cd:0d:
         7d:cf:b1:95:fc:47:36:e5:c9:ac:86:f9:0f:9b:b5:b1:eb:2b:
         bd:e6:17:9d:49:9e:77:e0:ba:60:40:82:49:a1:8c:fa:c2:6b:
         a5:a3:7e:74:63:62:37:b8:76:d7:a9:d0:21:5c:1c:74:ac:2a:
         ed:12:73:e3:6c:cc:d1:a1:ca:60:bb:9a:64:33:e6:b7:f4:f3:
         d9:d5:ed:9e:3c:ae:0c:2c:70:ab:7b:f0:39:c0:75:f6:47:49:
         e3:52:e7:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu6zoalJ9O4PCqzaWrdTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MTdhMGUyZDZlNjA3MmU4OGQzNzc0ZGQ3Y2NmYmYwN2Ex
Yzg2MzIwHhcNMjUwODIzMDcwMTQzWhcNMjUwODI0MDcwMTQzWjAzMTEwLwYDVQQD
Eyg0MmEzZTk3MzcwYjc4NDY2OTc3YTdiMzE3OGRkMGMxYmFiOTMyMWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkszI2RoW8PJya9dySescLqDK3Wv2
oSG1MPUnIAnSR+OcNB3H8R76QoBrWX5GHhlRF/vLvN2r3DhlA4I2KWda7LMjwAhY
BFfSuQT35Yb1XxoIEiXvI36DhLb3HXdE7GTPxryc3emjhsdTiolsoz3upI8SRLzY
VAcFVs+ngnmk87TJyTWxCT9wGEGNhHE1H+Chij66G/JqdfyEbcgnXPZQisO4qlWm
xIq3z8o8Da/UQ5YRC5w6s35nNqbvMgdYISUtrrk53fhh3liot7DMmWSqqVyf1F89
p0ZwceFvduHiIdOU9V+1cIc1ACGQI1vkPNTnbxUcJWPXudv7TutASDYetwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKj6XNwt4Rml3p7MXjdDBurkyGvMB8GA1UdIwQY
MBaAFIYXoOLW5gcuiNN3TdfM+/B6HIYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yZDE4YWYtNTg5Mi00MDdmLWI5Njgt
ZWJkYzMyYTZhYjI3LzEvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yZDE4YWYtNTg5Mi00MDdmLWI5NjgtZWJkYzMyYTZhYjI3
LzEvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALmCw6N/D
PF1Opwq7dW2gvG11gMBt5zom6JO/326Nq7dIa4QMGfNyL78K6CDnl8QQ1EiD9FG/
N8HQCOJE495UidzEvCso2vrcuhNR8fkwB30y45mxoEyQZg3fIt2cfaND6AEgq/2H
fUjfbVFpPdnuvXzekkq8P7YEO68PTzRc5gaWDmjc7NKtVNvVnIO+3CQ+mW+cIwTx
oL0hgZrMOA6bz80Nfc+xlfxHNuXJrIb5D5u1sesrveYXnUmed+C6YECCSaGM+sJr
paN+dGNiN7h216nQIVwcdKwq7RJz42zM0aHKYLuaZDPmt/Tz2dXtnjyuDCxwq3vw
OcB19kdJ41LnvA==
-----END CERTIFICATE-----