Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/e70fce-9612-4047-92e1-8639e5da97e7/1/hQKPkBQoOzSdFsr9yUt_XvFTDk0.mft
File:                     hQKPkBQoOzSdFsr9yUt_XvFTDk0.mft (raw, json)
Hash identifier:          a+Wmk2VNSt+d3SGFLzhVYF0ORk4DMc0EWBfPIqtc5sI=
Subject key identifier:   A1:07:61:1D:E1:82:04:4F:06:18:7A:D0:C6:96:E9:6A:E5:45:53:EF
Authority key identifier: 85:02:8F:90:14:28:3B:34:9D:16:CA:FD:C9:4B:7F:5E:F1:53:0E:4D
Certificate issuer:       /CN=85028f9014283b349d16cafdc94b7f5ef1530e4d
Certificate serial:       0197B7EAC0CC6C359FF2D72C234D60E7EC9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hQKPkBQoOzSdFsr9yUt_XvFTDk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/e70fce-9612-4047-92e1-8639e5da97e7/1/hQKPkBQoOzSdFsr9yUt_XvFTDk0.mft
Manifest number:          034C
Signing time:             Sat 28 Jun 2025 19:01:44 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:44 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:44 +0000
Files and hashes:         1: hQKPkBQoOzSdFsr9yUt_XvFTDk0.crl (hash: DlGBfkVeMHlywzkNw1otk9Q9bl6vWW4hq/Y9CxD2kDA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/e70fce-9612-4047-92e1-8639e5da97e7/1/hQKPkBQoOzSdFsr9yUt_XvFTDk0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/e70fce-9612-4047-92e1-8639e5da97e7/1/hQKPkBQoOzSdFsr9yUt_XvFTDk0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hQKPkBQoOzSdFsr9yUt_XvFTDk0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:c0:cc:6c:35:9f:f2:d7:2c:23:4d:60:e7:ec:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85028f9014283b349d16cafdc94b7f5ef1530e4d
        Validity
            Not Before: Jun 28 19:01:44 2025 GMT
            Not After : Jun 29 19:01:44 2025 GMT
        Subject: CN=a107611de182044f06187ad0c696e96ae54553ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:90:15:c9:f6:25:61:f2:d9:e7:df:c9:1c:b2:
                    a7:64:a4:c8:d9:28:b5:d9:bf:ff:84:d7:bd:49:53:
                    41:26:2e:b8:e6:12:ad:88:14:47:a9:1a:85:48:c0:
                    36:3a:8b:7b:8e:09:42:f2:13:bd:07:f8:f7:71:3a:
                    17:c7:18:36:84:91:40:28:d4:2b:7c:13:78:8b:8b:
                    ef:62:5f:65:b7:0d:ab:26:f4:4c:33:36:07:a1:9b:
                    dd:26:ab:84:2a:06:91:79:2f:10:c5:23:8c:32:81:
                    64:63:f7:21:0b:a7:3c:09:2a:e7:d1:e5:6f:de:d6:
                    e3:70:f7:86:3c:c0:f6:33:4b:99:e2:cf:23:dc:18:
                    10:58:06:1d:43:68:2d:8a:0e:f9:da:48:90:af:94:
                    fe:23:ac:76:3c:b5:e2:36:d7:49:cf:63:b5:98:17:
                    d2:a4:7a:a4:54:3b:19:5c:4c:0e:16:99:5f:2c:05:
                    04:16:9e:6a:b8:c3:7f:0a:25:a3:f4:71:ff:49:b4:
                    2b:bc:ef:55:54:de:6f:4c:6f:3f:0d:70:ab:e5:3c:
                    78:9f:10:38:42:bd:6f:12:2a:d1:30:9e:73:2e:3e:
                    19:c8:fc:a9:06:a1:83:e6:c7:19:71:1b:5d:87:ab:
                    2a:a4:c9:0f:4f:f5:f6:2e:7b:bd:77:ea:0c:19:73:
                    85:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:07:61:1D:E1:82:04:4F:06:18:7A:D0:C6:96:E9:6A:E5:45:53:EF
            X509v3 Authority Key Identifier:
                keyid:85:02:8F:90:14:28:3B:34:9D:16:CA:FD:C9:4B:7F:5E:F1:53:0E:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQKPkBQoOzSdFsr9yUt_XvFTDk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e70fce-9612-4047-92e1-8639e5da97e7/1/hQKPkBQoOzSdFsr9yUt_XvFTDk0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e70fce-9612-4047-92e1-8639e5da97e7/1/hQKPkBQoOzSdFsr9yUt_XvFTDk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:83:e1:20:3e:84:ac:a1:15:e7:7e:9f:49:80:4f:73:9d:2d:
         ae:45:1c:87:2a:40:87:ed:5b:52:07:86:c5:30:29:ea:c9:e6:
         63:73:e5:f0:5f:b6:9d:95:57:b5:ee:48:7d:b4:75:59:49:93:
         60:22:83:92:a5:09:14:1c:e9:17:42:dd:aa:03:99:7b:6e:45:
         29:f8:c0:48:40:d6:d7:e3:cf:41:42:7e:46:0f:e5:2f:7c:e2:
         79:66:d1:7b:6e:ef:bc:23:08:bc:2b:6d:de:b2:99:f6:86:65:
         65:b6:41:f4:61:1c:bd:03:80:9c:34:f9:bd:a4:68:db:55:ae:
         50:7c:ee:1d:06:6f:43:94:2e:eb:51:20:fb:7c:a3:73:67:09:
         dc:90:0c:24:d9:b4:91:74:77:04:11:e2:32:38:94:d8:d1:b1:
         ab:27:6d:28:57:f5:f2:22:c5:94:09:70:0d:33:29:ba:51:37:
         6f:00:dd:20:74:ef:a4:93:02:77:bd:84:a9:54:1d:bc:20:b1:
         ed:a0:03:94:96:ad:74:b0:1a:b2:8c:a5:32:46:23:a3:92:9c:
         75:7e:1f:7f:fc:c2:94:05:4e:98:d6:ee:66:41:b1:4d:1b:80:
         71:c1:80:c5:25:e7:f8:c0:b6:b1:0b:1e:43:e6:ea:31:5a:b0:
         73:18:b1:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36sDMbDWf8tcsI01g5+ybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDI4ZjkwMTQyODNiMzQ5ZDE2Y2FmZGM5NGI3ZjVlZjE1
MzBlNGQwHhcNMjUwNjI4MTkwMTQ0WhcNMjUwNjI5MTkwMTQ0WjAzMTEwLwYDVQQD
EyhhMTA3NjExZGUxODIwNDRmMDYxODdhZDBjNjk2ZTk2YWU1NDU1M2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJAVyfYlYfLZ59/JHLKnZKTI2Si1
2b//hNe9SVNBJi645hKtiBRHqRqFSMA2Oot7jglC8hO9B/j3cToXxxg2hJFAKNQr
fBN4i4vvYl9ltw2rJvRMMzYHoZvdJquEKgaReS8QxSOMMoFkY/chC6c8CSrn0eVv
3tbjcPeGPMD2M0uZ4s8j3BgQWAYdQ2gtig752kiQr5T+I6x2PLXiNtdJz2O1mBfS
pHqkVDsZXEwOFplfLAUEFp5quMN/CiWj9HH/SbQrvO9VVN5vTG8/DXCr5Tx4nxA4
Qr1vEirRMJ5zLj4ZyPypBqGD5scZcRtdh6sqpMkPT/X2Lnu9d+oMGXOF3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEHYR3hggRPBhh60MaW6WrlRVPvMB8GA1UdIwQY
MBaAFIUCj5AUKDs0nRbK/clLf17xUw5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFLUGtCUW9PelNkRnNyOXlVdF9YdkZURGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9lNzBmY2UtOTYxMi00MDQ3LTkyZTEt
ODYzOWU1ZGE5N2U3LzEvaFFLUGtCUW9PelNkRnNyOXlVdF9YdkZURGswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9lNzBmY2UtOTYxMi00MDQ3LTkyZTEtODYzOWU1ZGE5N2U3
LzEvaFFLUGtCUW9PelNkRnNyOXlVdF9YdkZURGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUIPhID6E
rKEV536fSYBPc50trkUchypAh+1bUgeGxTAp6snmY3Pl8F+2nZVXte5IfbR1WUmT
YCKDkqUJFBzpF0LdqgOZe25FKfjASEDW1+PPQUJ+Rg/lL3zieWbRe27vvCMIvCtt
3rKZ9oZlZbZB9GEcvQOAnDT5vaRo21WuUHzuHQZvQ5Qu61Eg+3yjc2cJ3JAMJNm0
kXR3BBHiMjiU2NGxqydtKFf18iLFlAlwDTMpulE3bwDdIHTvpJMCd72EqVQdvCCx
7aADlJatdLAasoylMkYjo5KcdX4ff/zClAVOmNbuZkGxTRuAccGAxSXn+MC2sQse
Q+bqMVqwcxixbQ==
-----END CERTIFICATE-----