Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
File:                     FhQcZCnqr_caNR-yVz32A7uV8nA.mft (raw, json)
Hash identifier:          fQhCTOYHoraoUMHebMb5J0168t418uhKsu8NETei7nw=
Subject key identifier:   C8:04:48:6D:65:1A:15:62:8C:6D:18:5C:70:A4:30:6C:D9:10:DE:47
Authority key identifier: 16:14:1C:64:29:EA:AF:F7:1A:35:1F:B2:57:3D:F6:03:BB:95:F2:70
Certificate issuer:       /CN=16141c6429eaaff71a351fb2573df603bb95f270
Certificate serial:       0197B6A0E17F16C8A8B587AA89F767F182BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
Manifest number:          69
Signing time:             Sat 28 Jun 2025 13:01:26 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:26 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:26 +0000
Files and hashes:         1: FhQcZCnqr_caNR-yVz32A7uV8nA.crl (hash: Gc7N1eNrpaMmmOjRtS97RkTrIC0172BaU2YQM6r0P+s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:e1:7f:16:c8:a8:b5:87:aa:89:f7:67:f1:82:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16141c6429eaaff71a351fb2573df603bb95f270
        Validity
            Not Before: Jun 28 13:01:26 2025 GMT
            Not After : Jun 29 13:01:26 2025 GMT
        Subject: CN=c804486d651a15628c6d185c70a4306cd910de47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:05:82:95:72:c0:61:67:fa:d4:ac:30:79:49:
                    1f:cf:fc:c5:74:06:55:f4:63:c3:ff:0d:02:de:ef:
                    41:da:ba:37:24:3d:c9:24:7c:d1:c0:f7:da:15:de:
                    75:78:e4:11:33:04:d5:d8:fc:ce:97:37:e9:07:d1:
                    f7:6d:09:0b:45:8e:3c:05:70:fd:ba:1d:f3:7b:98:
                    06:81:23:19:99:10:45:a9:66:16:aa:3e:93:06:83:
                    af:85:58:09:8e:2a:48:77:d3:68:67:d5:bb:59:90:
                    ff:5f:3d:ed:a7:e6:42:88:e6:d3:b1:da:a2:7f:8b:
                    57:75:57:33:81:c6:0c:f8:2f:35:8d:14:a0:a8:3b:
                    44:fe:a3:42:d8:9d:a0:21:e2:f5:2f:f9:59:b3:29:
                    32:01:20:f4:da:51:ad:f2:75:6b:cc:1f:02:e3:fb:
                    71:42:99:05:e8:c6:bf:7a:cb:3c:c5:ae:65:19:21:
                    9e:18:7d:fe:d2:57:e9:78:aa:68:61:f3:ce:2f:59:
                    74:0f:d1:9b:16:08:55:07:7c:f5:49:34:f2:a3:3d:
                    ab:f1:ff:3b:a5:62:9e:3b:bf:44:0c:d2:8a:6a:cc:
                    d9:97:c0:ba:b5:4e:eb:af:5c:c0:59:55:b8:ae:67:
                    be:3a:cf:44:ef:f7:67:e1:b7:3d:77:d5:9d:39:b7:
                    53:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:04:48:6D:65:1A:15:62:8C:6D:18:5C:70:A4:30:6C:D9:10:DE:47
            X509v3 Authority Key Identifier:
                keyid:16:14:1C:64:29:EA:AF:F7:1A:35:1F:B2:57:3D:F6:03:BB:95:F2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:c3:bb:52:a4:15:ad:88:7f:b6:c7:62:83:52:d8:5f:bc:23:
         48:61:5f:49:aa:ff:b0:5d:c2:73:26:2e:24:b5:d5:46:a7:1c:
         4e:3d:41:44:76:bf:43:91:52:5a:3a:33:0b:56:50:85:26:5c:
         1b:5b:4d:ab:55:35:82:75:83:a8:30:81:92:bb:6e:26:d8:5e:
         a7:72:58:6e:89:23:7e:69:ad:8f:74:87:d5:22:46:4a:47:56:
         9a:fa:93:af:56:43:35:7a:61:ae:e4:af:21:d4:e3:1e:20:4d:
         5d:fc:82:5a:aa:c9:54:68:8a:ea:77:bf:4c:ac:d9:0a:b3:a8:
         04:12:18:da:b4:73:eb:b7:3f:26:19:bf:9d:5c:ff:a8:cf:e0:
         65:fa:7a:29:bb:1e:03:55:94:c9:c7:54:76:04:49:cf:07:ac:
         d5:39:41:3c:d0:26:87:7e:d3:4a:aa:90:03:da:5c:3f:94:7c:
         0b:a3:1e:48:7b:61:c9:fc:02:53:11:69:5a:f4:3a:d0:6c:5f:
         85:d7:f8:04:73:87:d7:29:e8:0d:3a:74:1c:6a:5e:f2:a6:60:
         a9:a5:88:9c:2a:99:14:93:7e:cd:df:60:75:1c:55:7d:1b:4f:
         cb:56:70:39:2e:38:bc:42:ed:a9:7d:b7:3c:e3:07:69:74:79:
         f5:4d:0f:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oOF/FsiotYeqifdn8YK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MTQxYzY0MjllYWFmZjcxYTM1MWZiMjU3M2RmNjAzYmI5
NWYyNzAwHhcNMjUwNjI4MTMwMTI2WhcNMjUwNjI5MTMwMTI2WjAzMTEwLwYDVQQD
EyhjODA0NDg2ZDY1MWExNTYyOGM2ZDE4NWM3MGE0MzA2Y2Q5MTBkZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAWClXLAYWf61KwweUkfz/zFdAZV
9GPD/w0C3u9B2ro3JD3JJHzRwPfaFd51eOQRMwTV2PzOlzfpB9H3bQkLRY48BXD9
uh3ze5gGgSMZmRBFqWYWqj6TBoOvhVgJjipId9NoZ9W7WZD/Xz3tp+ZCiObTsdqi
f4tXdVczgcYM+C81jRSgqDtE/qNC2J2gIeL1L/lZsykyASD02lGt8nVrzB8C4/tx
QpkF6Ma/ess8xa5lGSGeGH3+0lfpeKpoYfPOL1l0D9GbFghVB3z1STTyoz2r8f87
pWKeO79EDNKKaszZl8C6tU7rr1zAWVW4rme+Os9E7/dn4bc9d9WdObdTbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMgESG1lGhVijG0YXHCkMGzZEN5HMB8GA1UdIwQY
MBaAFBYUHGQp6q/3GjUfslc99gO7lfJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82M2QyOGItZDE1Mi00NGNkLWI1MDQt
NWQ4ZmNlMGEwYmIyLzEvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82M2QyOGItZDE1Mi00NGNkLWI1MDQtNWQ4ZmNlMGEwYmIy
LzEvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkcO7UqQV
rYh/tsdig1LYX7wjSGFfSar/sF3CcyYuJLXVRqccTj1BRHa/Q5FSWjozC1ZQhSZc
G1tNq1U1gnWDqDCBkrtuJthep3JYbokjfmmtj3SH1SJGSkdWmvqTr1ZDNXphruSv
IdTjHiBNXfyCWqrJVGiK6ne/TKzZCrOoBBIY2rRz67c/Jhm/nVz/qM/gZfp6Kbse
A1WUycdUdgRJzwes1TlBPNAmh37TSqqQA9pcP5R8C6MeSHthyfwCUxFpWvQ60Gxf
hdf4BHOH1ynoDTp0HGpe8qZgqaWInCqZFJN+zd9gdRxVfRtPy1ZwOS44vELtqX23
POMHaXR59U0PjA==
-----END CERTIFICATE-----