Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
File:                     HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft (raw, json)
Hash identifier:          eJR4TpGh+yNyPYApPMlLMNi4ykTSy2cDbp1Cgk7wPDo=
Subject key identifier:   4F:79:42:F6:B9:D9:63:E6:E7:94:F1:75:8C:90:3E:63:DA:0B:AF:C8
Authority key identifier: 1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50
Certificate issuer:       /CN=1c5353a86abd33b1a236e407ce469261d0636150
Certificate serial:       0197B77C72AA9CF72E4360A492C5EE5FD351
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
Manifest number:          083A
Signing time:             Sat 28 Jun 2025 17:01:15 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:15 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:15 +0000
Files and hashes:         1: HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl (hash: 090w3P1tmf+A5G7TRJWroCl+BIDygWnSKFevN/4Amjs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 17:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:72:aa:9c:f7:2e:43:60:a4:92:c5:ee:5f:d3:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5353a86abd33b1a236e407ce469261d0636150
        Validity
            Not Before: Jun 28 17:01:15 2025 GMT
            Not After : Jun 29 17:01:15 2025 GMT
        Subject: CN=4f7942f6b9d963e6e794f1758c903e63da0bafc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:42:40:06:1b:f9:2e:9a:61:de:52:23:29:d7:
                    6e:1b:5b:90:2f:71:dc:b7:7c:eb:36:e9:b5:fb:54:
                    17:9c:a0:61:3f:ed:41:25:25:30:a2:36:c3:bb:bf:
                    a0:17:27:8f:7a:76:6e:14:77:aa:77:5c:9e:93:48:
                    91:f6:61:d1:98:df:f7:1f:ef:53:00:ff:8e:c8:9e:
                    fd:1c:f1:ad:b3:c6:0e:6d:57:87:59:73:29:52:2f:
                    07:4b:5e:c1:cf:02:0a:8d:bd:68:f0:32:fe:a0:9d:
                    dd:2c:a8:ae:2b:0c:e9:87:13:45:65:54:c9:6f:a9:
                    cb:f6:c4:af:67:d8:70:26:b0:a0:7c:d4:f3:b0:6f:
                    17:63:a2:21:ef:2a:50:d9:d3:89:04:8b:a9:4f:6e:
                    1b:bc:54:7e:96:82:d8:84:42:09:0a:77:60:ea:e2:
                    ca:37:25:19:bc:c8:1a:9d:4d:27:62:c9:85:ab:7f:
                    89:73:01:87:38:8f:a6:27:7c:02:21:8c:d4:bb:90:
                    3b:af:9e:01:c5:d6:b9:6b:8c:83:c2:1b:0a:d2:24:
                    81:10:58:17:22:99:52:81:c2:15:64:1d:49:18:f3:
                    8b:5e:9b:da:19:0a:c9:79:ac:f2:42:a9:05:b3:05:
                    a6:20:a8:f0:e0:8e:5b:49:a2:49:5b:e5:b7:e1:64:
                    f7:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:79:42:F6:B9:D9:63:E6:E7:94:F1:75:8C:90:3E:63:DA:0B:AF:C8
            X509v3 Authority Key Identifier:
                keyid:1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:fd:03:fe:ad:dc:a2:fe:1c:e2:53:47:96:b5:21:e7:86:69:
         7e:e5:2b:0c:6c:16:41:e6:0d:21:7b:0b:36:ab:89:73:cb:c4:
         27:ce:96:3d:78:a2:72:9f:3f:3e:8d:00:37:bb:e8:32:d4:19:
         ea:fe:23:77:d2:ec:a3:2a:18:70:65:ff:37:5b:4b:4a:d8:1f:
         47:20:1e:ab:48:a9:e3:5c:0a:a9:0c:fb:a1:8e:8f:d4:3a:5f:
         85:a5:dc:6b:9c:75:d0:32:32:c5:17:d0:a1:1b:e2:e6:c0:e5:
         76:60:5e:74:db:a9:c0:d7:29:79:d4:98:de:43:6d:91:13:40:
         c1:52:cb:c3:ea:71:b6:10:bd:e8:a4:96:b9:a4:ce:15:28:95:
         3d:a7:ca:7e:f4:57:4d:0a:a1:3f:45:8f:f8:08:53:cb:67:c9:
         e4:f1:ea:b9:29:cf:a7:c7:13:80:48:fb:21:da:6f:86:98:02:
         b8:84:54:1b:17:24:f7:8e:4c:66:2b:d9:30:1d:c1:cd:a0:01:
         a7:e3:c4:86:60:aa:1b:db:cc:29:ed:6f:48:79:e3:dd:7b:9e:
         54:40:12:88:26:6d:06:c0:20:3b:0b:c7:94:99:ac:e1:66:40:
         66:95:4a:e2:ff:7d:0f:bb:9a:c1:6a:94:6a:24:44:c8:d1:a6:
         d7:07:02:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fHKqnPcuQ2CkksXuX9NRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTM1M2E4NmFiZDMzYjFhMjM2ZTQwN2NlNDY5MjYxZDA2
MzYxNTAwHhcNMjUwNjI4MTcwMTE1WhcNMjUwNjI5MTcwMTE1WjAzMTEwLwYDVQQD
Eyg0Zjc5NDJmNmI5ZDk2M2U2ZTc5NGYxNzU4YzkwM2U2M2RhMGJhZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUJABhv5Lpph3lIjKdduG1uQL3Hc
t3zrNum1+1QXnKBhP+1BJSUwojbDu7+gFyePenZuFHeqd1yek0iR9mHRmN/3H+9T
AP+OyJ79HPGts8YObVeHWXMpUi8HS17BzwIKjb1o8DL+oJ3dLKiuKwzphxNFZVTJ
b6nL9sSvZ9hwJrCgfNTzsG8XY6Ih7ypQ2dOJBIupT24bvFR+loLYhEIJCndg6uLK
NyUZvMganU0nYsmFq3+JcwGHOI+mJ3wCIYzUu5A7r54Bxda5a4yDwhsK0iSBEFgX
IplSgcIVZB1JGPOLXpvaGQrJeazyQqkFswWmIKjw4I5bSaJJW+W34WT3ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE95Qva52WPm55TxdYyQPmPaC6/IMB8GA1UdIwQY
MBaAFBxTU6hqvTOxojbkB85GkmHQY2FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMt
YzRlMThiOGJiMWNmLzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMtYzRlMThiOGJiMWNm
LzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuf0D/q3c
ov4c4lNHlrUh54ZpfuUrDGwWQeYNIXsLNquJc8vEJ86WPXiicp8/Po0AN7voMtQZ
6v4jd9LsoyoYcGX/N1tLStgfRyAeq0ip41wKqQz7oY6P1DpfhaXca5x10DIyxRfQ
oRvi5sDldmBedNupwNcpedSY3kNtkRNAwVLLw+pxthC96KSWuaTOFSiVPafKfvRX
TQqhP0WP+AhTy2fJ5PHquSnPp8cTgEj7IdpvhpgCuIRUGxck945MZivZMB3BzaAB
p+PEhmCqG9vMKe1vSHnj3XueVEASiCZtBsAgOwvHlJms4WZAZpVK4v99D7uawWqU
aiREyNGm1wcC4w==
-----END CERTIFICATE-----