Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/c9c800-aefb-44bc-b712-1eea4ea43a2f/1/hlrxio2AJ0wKwvUBsW1ppFTgjV4.mft
File:                     hlrxio2AJ0wKwvUBsW1ppFTgjV4.mft (raw, json)
Hash identifier:          BAjfCsg6FJ7fC3fjfzZU5afow9rk5Sm/D6N3xmZZ884=
Subject key identifier:   AE:78:E7:20:A5:F8:0C:F5:11:40:56:80:BA:BB:D6:AF:90:79:A8:37
Authority key identifier: 86:5A:F1:8A:8D:80:27:4C:0A:C2:F5:01:B1:6D:69:A4:54:E0:8D:5E
Certificate issuer:       /CN=865af18a8d80274c0ac2f501b16d69a454e08d5e
Certificate serial:       0197B6A1A087B86DB5B87A9078C478A75A42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hlrxio2AJ0wKwvUBsW1ppFTgjV4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/c9c800-aefb-44bc-b712-1eea4ea43a2f/1/hlrxio2AJ0wKwvUBsW1ppFTgjV4.mft
Manifest number:          09A5
Signing time:             Sat 28 Jun 2025 13:02:15 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:15 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:15 +0000
Files and hashes:         1: hlrxio2AJ0wKwvUBsW1ppFTgjV4.crl (hash: dQRYJFDohrhcSob9++DoPI643n0Ao8yX/CaSwB4jQZE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/c9c800-aefb-44bc-b712-1eea4ea43a2f/1/hlrxio2AJ0wKwvUBsW1ppFTgjV4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/c9c800-aefb-44bc-b712-1eea4ea43a2f/1/hlrxio2AJ0wKwvUBsW1ppFTgjV4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hlrxio2AJ0wKwvUBsW1ppFTgjV4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:a0:87:b8:6d:b5:b8:7a:90:78:c4:78:a7:5a:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=865af18a8d80274c0ac2f501b16d69a454e08d5e
        Validity
            Not Before: Jun 28 13:02:15 2025 GMT
            Not After : Jun 29 13:02:15 2025 GMT
        Subject: CN=ae78e720a5f80cf511405680babbd6af9079a837
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:43:18:be:a9:2a:96:83:af:41:ea:3a:bc:a7:
                    cb:73:ea:2b:a6:db:e7:02:a3:dd:e9:c8:04:13:f8:
                    30:69:b4:42:15:30:49:fd:7a:7b:18:5a:24:3f:68:
                    08:b3:23:71:80:29:55:56:a3:b5:e0:99:fd:39:49:
                    ce:43:e3:ca:c3:c2:bb:53:e5:a3:e2:85:c9:1d:96:
                    8f:97:fc:26:d2:8c:4b:53:7e:a4:57:7f:7e:08:85:
                    bb:cb:10:3f:ec:16:32:33:19:2d:75:50:3f:94:ec:
                    e9:a6:08:63:ac:b0:b5:03:59:35:3a:b9:1c:12:ab:
                    4f:f9:30:8a:c0:c9:f8:f9:bc:a0:1f:91:79:69:73:
                    92:c0:f4:82:fd:69:97:bb:a6:58:ea:2d:df:c3:4a:
                    b2:d2:25:52:a4:d9:04:b7:dd:04:7e:68:25:6a:fd:
                    3c:a8:55:64:fd:38:e5:56:94:f2:b3:e3:fe:b7:0b:
                    c0:cd:f2:4f:8f:56:3e:09:74:a3:26:eb:ca:87:c2:
                    12:cc:ac:0d:23:dd:fc:01:ca:9d:76:e5:af:1a:72:
                    07:98:89:07:fb:4f:f2:28:98:b0:62:8d:85:f2:df:
                    ef:67:6e:b3:32:fb:e4:2c:64:dc:fb:64:8f:92:2a:
                    e6:ec:10:92:3c:60:44:ac:0c:be:4c:ef:4c:0d:31:
                    97:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:78:E7:20:A5:F8:0C:F5:11:40:56:80:BA:BB:D6:AF:90:79:A8:37
            X509v3 Authority Key Identifier:
                keyid:86:5A:F1:8A:8D:80:27:4C:0A:C2:F5:01:B1:6D:69:A4:54:E0:8D:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlrxio2AJ0wKwvUBsW1ppFTgjV4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/c9c800-aefb-44bc-b712-1eea4ea43a2f/1/hlrxio2AJ0wKwvUBsW1ppFTgjV4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/c9c800-aefb-44bc-b712-1eea4ea43a2f/1/hlrxio2AJ0wKwvUBsW1ppFTgjV4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:10:aa:95:26:eb:95:5e:f0:ae:a1:5c:06:82:62:2c:28:11:
         19:39:f3:d1:f4:e2:d8:01:1b:25:1e:6f:d9:97:16:58:38:34:
         54:34:5b:9e:ab:24:d6:31:ce:f0:56:79:fe:23:b8:fc:3d:ba:
         8d:43:8a:e8:08:49:33:48:32:38:d2:f4:50:60:fd:87:4f:0f:
         08:1d:ae:5b:4b:cb:f4:04:17:83:5b:af:99:e8:fe:27:a7:66:
         ca:8f:00:bc:67:f3:31:1d:ae:c0:68:a2:b0:30:19:45:01:28:
         f3:69:79:c3:0c:f3:aa:6f:08:eb:f5:c5:d1:e0:57:c5:34:78:
         b8:b3:e7:8c:04:b0:c7:ef:29:6d:58:c3:4f:a6:10:f0:51:49:
         86:1b:05:8e:e5:97:51:24:76:a9:bd:e2:2c:c3:38:44:13:17:
         f3:23:9b:f3:60:d2:29:61:7b:22:f8:78:34:37:bf:09:79:da:
         a1:83:af:07:26:ee:31:fd:a4:00:5a:3a:55:0b:6f:59:cb:2f:
         74:a2:95:6e:8a:10:c8:cd:f0:b6:c6:39:df:a1:79:ae:38:a5:
         00:6d:2d:e0:f6:e8:53:29:72:b1:98:64:1e:1d:e7:1f:6b:57:
         35:bb:d5:1d:11:81:0b:91:1e:19:2a:96:21:41:b3:06:39:aa:
         fe:33:ff:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oaCHuG21uHqQeMR4p1pCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NWFmMThhOGQ4MDI3NGMwYWMyZjUwMWIxNmQ2OWE0NTRl
MDhkNWUwHhcNMjUwNjI4MTMwMjE1WhcNMjUwNjI5MTMwMjE1WjAzMTEwLwYDVQQD
EyhhZTc4ZTcyMGE1ZjgwY2Y1MTE0MDU2ODBiYWJiZDZhZjkwNzlhODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskMYvqkqloOvQeo6vKfLc+orptvn
AqPd6cgEE/gwabRCFTBJ/Xp7GFokP2gIsyNxgClVVqO14Jn9OUnOQ+PKw8K7U+Wj
4oXJHZaPl/wm0oxLU36kV39+CIW7yxA/7BYyMxktdVA/lOzppghjrLC1A1k1Orkc
EqtP+TCKwMn4+bygH5F5aXOSwPSC/WmXu6ZY6i3fw0qy0iVSpNkEt90Efmglav08
qFVk/TjlVpTys+P+twvAzfJPj1Y+CXSjJuvKh8ISzKwNI938AcqdduWvGnIHmIkH
+0/yKJiwYo2F8t/vZ26zMvvkLGTc+2SPkirm7BCSPGBErAy+TO9MDTGXzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK545yCl+Az1EUBWgLq71q+Qeag3MB8GA1UdIwQY
MBaAFIZa8YqNgCdMCsL1AbFtaaRU4I1eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGxyeGlvMkFKMHdLd3ZVQnNXMXBwRlRnalY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9jOWM4MDAtYWVmYi00NGJjLWI3MTIt
MWVlYTRlYTQzYTJmLzEvaGxyeGlvMkFKMHdLd3ZVQnNXMXBwRlRnalY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9jOWM4MDAtYWVmYi00NGJjLWI3MTItMWVlYTRlYTQzYTJm
LzEvaGxyeGlvMkFKMHdLd3ZVQnNXMXBwRlRnalY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAChCqlSbr
lV7wrqFcBoJiLCgRGTnz0fTi2AEbJR5v2ZcWWDg0VDRbnqsk1jHO8FZ5/iO4/D26
jUOK6AhJM0gyONL0UGD9h08PCB2uW0vL9AQXg1uvmej+J6dmyo8AvGfzMR2uwGii
sDAZRQEo82l5wwzzqm8I6/XF0eBXxTR4uLPnjASwx+8pbVjDT6YQ8FFJhhsFjuWX
USR2qb3iLMM4RBMX8yOb82DSKWF7Ivh4NDe/CXnaoYOvBybuMf2kAFo6VQtvWcsv
dKKVbooQyM3wtsY536F5rjilAG0t4PboUylysZhkHh3nH2tXNbvVHRGBC5EeGSqW
IUGzBjmq/jP/xw==
-----END CERTIFICATE-----