Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
File:                     Hekyc87VkolMnTVRSLsfrMEPcqI.mft (raw, json)
Hash identifier:          A44NSrSDbUYW2aHjU811LNnPtkxnEGeHX4r4MfdZtRE=
Subject key identifier:   CD:34:45:49:0C:C1:A4:94:7C:08:C1:24:5E:CE:2E:39:15:BA:AA:9C
Authority key identifier: 1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2
Certificate issuer:       /CN=1de93273ced592894c9d355148bb1facc10f72a2
Certificate serial:       0197B89077AE54443619B37EB14D95292F07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
Manifest number:          1198
Signing time:             Sat 28 Jun 2025 22:02:44 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:44 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:44 +0000
Files and hashes:         1: Hekyc87VkolMnTVRSLsfrMEPcqI.crl (hash: BBd1iXOK8sVWAGxTr5V0hPXxSmEaBq91vjmKv5usI80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:77:ae:54:44:36:19:b3:7e:b1:4d:95:29:2f:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1de93273ced592894c9d355148bb1facc10f72a2
        Validity
            Not Before: Jun 28 22:02:44 2025 GMT
            Not After : Jun 29 22:02:44 2025 GMT
        Subject: CN=cd3445490cc1a4947c08c1245ece2e3915baaa9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:01:95:dd:91:2d:07:14:39:37:8b:0b:8c:c3:
                    d9:bb:bc:d3:18:e9:82:c1:5a:37:a4:99:f0:cc:db:
                    f1:8f:25:fb:37:01:17:06:c6:4a:80:d4:4e:77:ef:
                    40:ca:02:90:f5:ae:1f:61:df:28:27:1e:b0:96:c6:
                    ea:38:e9:f9:9b:b3:f9:e9:05:da:06:c8:60:c7:05:
                    b7:ba:21:1a:df:ef:2c:e4:f5:c3:65:1b:e2:a9:52:
                    39:fc:88:fd:a4:31:58:b6:23:45:87:87:f3:7a:57:
                    8f:d8:d2:a8:1c:11:14:e2:3f:88:f6:7b:7f:de:33:
                    17:d0:27:69:8c:89:13:29:e1:0c:5d:93:ea:47:94:
                    42:e0:bd:9a:d7:35:00:f0:46:03:ec:40:96:8b:a5:
                    82:08:29:24:c7:ec:e2:23:82:9c:a3:fe:9f:f7:88:
                    b1:5f:30:0f:d1:d2:8f:1b:34:b8:73:25:42:71:3e:
                    94:5d:81:82:d0:57:6a:ab:12:94:ab:91:af:bb:01:
                    17:f6:35:fb:b4:ed:37:23:8d:69:5f:0e:2e:d3:40:
                    f3:82:ec:f6:0d:d9:7b:a5:1b:0c:06:5f:56:c8:9c:
                    92:d4:f9:6f:0a:be:7e:fd:ec:ed:13:4f:94:a5:28:
                    bb:d7:89:f0:86:29:3f:41:dd:f4:c9:68:0b:65:86:
                    6d:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:34:45:49:0C:C1:A4:94:7C:08:C1:24:5E:CE:2E:39:15:BA:AA:9C
            X509v3 Authority Key Identifier:
                keyid:1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:52:74:3c:d3:53:35:e6:7c:21:8d:0a:40:d4:e6:d7:6f:84:
         1a:f5:96:aa:36:9d:53:49:15:60:c9:32:fe:70:08:03:94:c8:
         4f:c6:44:df:9c:e5:60:de:95:c8:4e:17:06:34:9a:5b:b5:da:
         d5:5c:6f:12:e6:d4:e7:c2:78:55:92:e2:b4:fb:86:82:ad:38:
         db:bb:05:e6:48:c4:8d:c0:da:98:f9:63:b4:de:ec:4e:ad:76:
         0d:d6:39:c6:21:04:56:43:3c:9a:57:7a:81:be:e3:05:67:5d:
         45:6c:80:46:f3:f0:91:6d:24:10:4f:c5:3e:95:c5:79:46:7a:
         4f:a7:26:92:84:40:c9:97:8f:d4:1f:0f:a7:10:95:74:5f:74:
         d0:7c:27:e2:a4:c6:0e:20:be:52:8f:6b:31:34:4b:69:bf:ee:
         db:0c:f9:64:22:cb:f6:a5:24:da:e1:a6:8a:42:12:c8:01:ff:
         8a:a3:79:a5:a5:df:72:1d:65:7c:77:65:f9:e6:6b:db:61:5d:
         3b:11:e0:9d:70:f3:f4:f6:78:56:c1:6c:21:50:d8:d0:38:c4:
         20:64:f3:49:74:08:99:13:13:af:e2:a3:02:da:80:f7:61:5a:
         14:c7:da:06:0e:07:ac:ae:b6:7f:1a:0a:f6:72:81:a2:f9:81:
         0a:23:6d:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kHeuVEQ2GbN+sU2VKS8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTkzMjczY2VkNTkyODk0YzlkMzU1MTQ4YmIxZmFjYzEw
ZjcyYTIwHhcNMjUwNjI4MjIwMjQ0WhcNMjUwNjI5MjIwMjQ0WjAzMTEwLwYDVQQD
EyhjZDM0NDU0OTBjYzFhNDk0N2MwOGMxMjQ1ZWNlMmUzOTE1YmFhYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgGV3ZEtBxQ5N4sLjMPZu7zTGOmC
wVo3pJnwzNvxjyX7NwEXBsZKgNROd+9AygKQ9a4fYd8oJx6wlsbqOOn5m7P56QXa
BshgxwW3uiEa3+8s5PXDZRviqVI5/Ij9pDFYtiNFh4fzeleP2NKoHBEU4j+I9nt/
3jMX0CdpjIkTKeEMXZPqR5RC4L2a1zUA8EYD7ECWi6WCCCkkx+ziI4Kco/6f94ix
XzAP0dKPGzS4cyVCcT6UXYGC0FdqqxKUq5GvuwEX9jX7tO03I41pXw4u00Dzguz2
Ddl7pRsMBl9WyJyS1PlvCr5+/eztE0+UpSi714nwhik/Qd30yWgLZYZtKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM00RUkMwaSUfAjBJF7OLjkVuqqcMB8GA1UdIwQY
MBaAFB3pMnPO1ZKJTJ01UUi7H6zBD3KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgt
MThhZDU4OWNlY2QwLzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgtMThhZDU4OWNlY2Qw
LzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJFJ0PNNT
NeZ8IY0KQNTm12+EGvWWqjadU0kVYMky/nAIA5TIT8ZE35zlYN6VyE4XBjSaW7Xa
1VxvEubU58J4VZLitPuGgq0427sF5kjEjcDamPljtN7sTq12DdY5xiEEVkM8mld6
gb7jBWddRWyARvPwkW0kEE/FPpXFeUZ6T6cmkoRAyZeP1B8PpxCVdF900Hwn4qTG
DiC+Uo9rMTRLab/u2wz5ZCLL9qUk2uGmikISyAH/iqN5paXfch1lfHdl+eZr22Fd
OxHgnXDz9PZ4VsFsIVDY0DjEIGTzSXQImRMTr+KjAtqA92FaFMfaBg4HrK62fxoK
9nKBovmBCiNt9A==
-----END CERTIFICATE-----