Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
File:                     hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft (raw, json)
Hash identifier:          TNwCrc/hlfTm78IWL47dzMFTbjCRqu6d6hbtuxxip2Y=
Subject key identifier:   67:77:43:30:2D:3A:9A:6E:88:3C:B8:13:B1:89:5D:85:1B:7A:CC:42
Authority key identifier: 84:F5:90:CA:62:C2:46:44:05:83:81:8C:31:F2:57:3A:0F:50:FF:D0
Certificate issuer:       /CN=84f590ca62c246440583818c31f2573a0f50ffd0
Certificate serial:       0198D515DB9B4F75FCE2027B456B813DDE4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
Manifest number:          0A5D
Signing time:             Sat 23 Aug 2025 04:00:36 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:36 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:36 +0000
Files and hashes:         1: hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl (hash: Yhs8BwWGa3eyzE9hJ/jYEtjrgd3NGJZlfEurwHLFonA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:db:9b:4f:75:fc:e2:02:7b:45:6b:81:3d:de:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84f590ca62c246440583818c31f2573a0f50ffd0
        Validity
            Not Before: Aug 23 04:00:36 2025 GMT
            Not After : Aug 24 04:00:36 2025 GMT
        Subject: CN=677743302d3a9a6e883cb813b1895d851b7acc42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:80:8e:de:75:9c:2c:e6:df:9f:f7:0c:f2:f3:
                    03:db:ab:d5:bd:a7:71:95:e1:67:aa:e2:aa:bb:d2:
                    55:9a:85:a1:f8:8f:4d:f5:22:0f:e9:15:eb:73:a8:
                    76:2a:da:49:a9:a3:80:9e:0c:c9:0f:4d:12:ae:f3:
                    08:18:e7:9f:68:61:e3:04:0c:13:e4:18:10:8d:1f:
                    71:98:3b:61:a9:47:2b:ba:6b:86:62:1d:d0:5f:5e:
                    da:a2:59:1f:4e:0b:9d:2e:4a:09:f2:05:40:dd:0f:
                    9e:14:ba:19:9a:04:b6:14:69:b2:c3:43:e6:7d:19:
                    67:36:50:fc:b8:02:14:b4:5e:0f:34:ef:fb:06:c8:
                    5c:9c:38:cf:51:f7:2e:f6:a0:7e:06:df:11:db:2a:
                    83:52:8f:a2:a9:ff:2a:78:f0:94:d8:6f:b2:f4:08:
                    12:b5:34:1b:f9:04:cf:51:03:f5:7c:e5:69:6a:1a:
                    db:a4:f8:53:fd:07:15:18:e4:a0:d5:d8:d2:3b:b1:
                    83:a6:33:7e:d1:2e:ff:cd:5e:f7:c9:8b:72:f4:19:
                    b7:f1:79:0c:fc:b3:d8:2d:8a:e5:96:4a:af:02:ce:
                    be:6c:a9:04:d0:e4:cb:66:7e:14:c5:39:c9:d9:03:
                    04:b1:70:72:b8:62:c6:e3:a0:2c:8b:de:e1:56:f6:
                    db:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:77:43:30:2D:3A:9A:6E:88:3C:B8:13:B1:89:5D:85:1B:7A:CC:42
            X509v3 Authority Key Identifier:
                keyid:84:F5:90:CA:62:C2:46:44:05:83:81:8C:31:F2:57:3A:0F:50:FF:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:a6:d4:2e:5a:a3:9c:a4:18:b7:86:c9:e2:e8:b6:f2:fb:c5:
         37:47:2f:be:75:f7:b7:e5:82:17:c8:64:a5:20:f9:91:55:e3:
         67:4a:57:04:ca:ab:2b:5e:8c:1b:b0:db:59:14:02:26:54:e6:
         3e:37:7f:72:28:a4:0a:28:db:b6:c8:f5:71:74:86:3b:a3:99:
         08:c4:fc:88:75:cd:bb:1b:5e:63:79:a8:c5:9a:ba:88:7d:64:
         3d:f3:de:86:ed:17:af:53:db:66:b0:63:c6:f7:d7:26:99:29:
         03:f5:dd:a7:3a:47:02:28:8c:76:07:a4:6d:dc:38:40:49:db:
         a7:0b:ab:32:a7:6b:44:75:64:c8:17:ee:71:5f:a9:36:fc:ff:
         e8:27:99:2b:0c:94:f5:00:46:b7:f3:f0:f2:bd:e8:6d:03:aa:
         e0:93:23:fc:4e:37:cf:80:2b:eb:a2:13:6f:4f:f6:09:db:fe:
         c2:54:39:60:7b:e0:ad:cf:71:30:d9:7c:30:ee:1f:e9:d9:2f:
         f6:66:df:f2:3e:a7:a8:92:95:fa:36:fc:0c:82:4d:2f:ef:1a:
         02:e7:60:0e:4f:d9:50:c9:88:5a:0f:40:f7:4a:12:f3:71:1a:
         77:57:df:ba:5c:63:aa:c1:a5:b4:0e:92:4a:7f:d0:67:5d:88:
         74:5c:d3:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFdubT3X84gJ7RWuBPd5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjU5MGNhNjJjMjQ2NDQwNTgzODE4YzMxZjI1NzNhMGY1
MGZmZDAwHhcNMjUwODIzMDQwMDM2WhcNMjUwODI0MDQwMDM2WjAzMTEwLwYDVQQD
Eyg2Nzc3NDMzMDJkM2E5YTZlODgzY2I4MTNiMTg5NWQ4NTFiN2FjYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04CO3nWcLObfn/cM8vMD26vVvadx
leFnquKqu9JVmoWh+I9N9SIP6RXrc6h2KtpJqaOAngzJD00SrvMIGOefaGHjBAwT
5BgQjR9xmDthqUcrumuGYh3QX17aolkfTgudLkoJ8gVA3Q+eFLoZmgS2FGmyw0Pm
fRlnNlD8uAIUtF4PNO/7BshcnDjPUfcu9qB+Bt8R2yqDUo+iqf8qePCU2G+y9AgS
tTQb+QTPUQP1fOVpahrbpPhT/QcVGOSg1djSO7GDpjN+0S7/zV73yYty9Bm38XkM
/LPYLYrllkqvAs6+bKkE0OTLZn4UxTnJ2QMEsXByuGLG46Asi97hVvbb0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGd3QzAtOppuiDy4E7GJXYUbesxCMB8GA1UdIwQY
MBaAFIT1kMpiwkZEBYOBjDHyVzoPUP/QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny81YTk5ZTgtYmI0Ni00ZmNkLWFlYTEt
OGQ1NmE3YjA5OTUzLzEvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny81YTk5ZTgtYmI0Ni00ZmNkLWFlYTEtOGQ1NmE3YjA5OTUz
LzEvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoqbULlqj
nKQYt4bJ4ui28vvFN0cvvnX3t+WCF8hkpSD5kVXjZ0pXBMqrK16MG7DbWRQCJlTm
Pjd/ciikCijbtsj1cXSGO6OZCMT8iHXNuxteY3moxZq6iH1kPfPehu0Xr1PbZrBj
xvfXJpkpA/XdpzpHAiiMdgekbdw4QEnbpwurMqdrRHVkyBfucV+pNvz/6CeZKwyU
9QBGt/Pw8r3obQOq4JMj/E43z4Ar66ITb0/2Cdv+wlQ5YHvgrc9xMNl8MO4f6dkv
9mbf8j6nqJKV+jb8DIJNL+8aAudgDk/ZUMmIWg9A90oS83Ead1ffulxjqsGltA6S
Sn/QZ12IdFzT8g==
-----END CERTIFICATE-----