Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
File:                     HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json)
Hash identifier:          BjxE5XjqvGo4WxkkTACym7i70rcfcc5hRngKtG3Cn28=
Subject key identifier:   53:2C:40:62:D3:3B:0B:AD:DA:7B:4B:2D:05:66:1E:26:96:21:26:8D
Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70
Certificate issuer:       /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
Certificate serial:       0197B7EA231A3CCF486D36F3328D70EFA71B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
Manifest number:          15B4
Signing time:             Sat 28 Jun 2025 19:01:04 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:04 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:04 +0000
Files and hashes:         1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: 4OqTlsiy1HNBwUufjiMv25OFekEFFdI5T3bhr+niDzE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:23:1a:3c:cf:48:6d:36:f3:32:8d:70:ef:a7:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
        Validity
            Not Before: Jun 28 19:01:04 2025 GMT
            Not After : Jun 29 19:01:04 2025 GMT
        Subject: CN=532c4062d33b0badda7b4b2d05661e269621268d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:0b:9d:7c:13:c3:25:ff:fd:16:8d:51:2c:f1:
                    01:19:31:95:a5:6b:58:0c:06:e8:8a:36:c8:da:73:
                    20:05:f5:92:b9:ba:31:47:4e:a3:e1:3b:bb:7c:b6:
                    0b:e0:bd:a5:bb:d9:85:27:1b:25:a9:a3:06:4d:36:
                    02:07:90:5f:b3:36:d7:50:02:08:5e:11:01:9f:d0:
                    f6:a0:73:5a:81:f5:3d:8f:16:19:06:3a:d8:81:eb:
                    f6:2d:88:f1:ba:b7:7e:01:e6:32:ba:be:77:10:56:
                    86:6c:c6:7a:6e:36:cd:f0:c5:eb:d8:a6:e5:38:65:
                    36:a6:98:bb:3a:94:5a:75:e9:c0:55:6e:21:63:f5:
                    04:97:1d:47:ec:d2:b2:dc:4a:49:74:5e:7e:25:19:
                    86:65:86:7c:da:d8:30:af:5b:8e:12:bf:fa:e2:95:
                    4f:f6:52:b7:4b:fd:0f:bd:6f:6c:ab:38:56:fb:b6:
                    d4:33:b5:73:df:2f:95:b1:93:6b:36:14:c4:b1:09:
                    d1:49:1f:f0:bf:fd:98:79:09:fe:3f:2f:96:b3:ba:
                    a6:09:38:b9:21:d8:95:d3:aa:55:e0:eb:c9:48:cb:
                    b7:8e:b3:7e:90:ac:f8:87:6b:af:ec:29:6f:9d:a7:
                    0e:98:a6:e1:a7:d9:af:a7:43:80:60:89:7f:74:b8:
                    8b:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:2C:40:62:D3:3B:0B:AD:DA:7B:4B:2D:05:66:1E:26:96:21:26:8D
            X509v3 Authority Key Identifier:
                keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:6b:c9:f7:d4:18:5b:1d:27:0d:27:72:20:6e:ad:bf:68:7e:
         42:d4:ae:63:08:d6:ef:80:41:f6:b4:67:dd:43:b2:88:ff:d1:
         d8:d4:de:20:73:6a:f8:75:6e:29:a7:15:32:d4:de:50:b7:50:
         f2:d1:11:32:2e:4f:3b:b3:7c:7c:a3:56:2d:d6:24:8c:2e:00:
         29:4f:d4:6d:7d:c4:f9:04:c6:41:ec:75:5a:f3:f0:02:64:ab:
         c0:7a:d5:60:a7:e3:0f:89:ed:e8:90:9b:b6:4a:19:ed:db:a7:
         4a:cf:b5:3e:d9:52:0a:86:bb:49:b6:d2:ae:2f:8f:4a:52:e0:
         d6:94:39:64:19:1b:4e:8b:32:67:eb:7d:a4:b0:b4:f6:bd:2f:
         cd:bb:f5:bf:fa:4e:91:e0:60:b4:71:46:1a:bc:72:4e:39:02:
         08:53:16:e2:0c:a9:d8:b4:b1:36:02:bf:2e:f7:4b:41:04:e7:
         7e:32:f4:82:f8:5a:e3:d1:7b:e9:83:47:b4:14:3f:a0:e0:0d:
         d6:fb:2f:a7:a1:e0:b9:73:dd:3b:a5:d9:20:84:87:99:8e:7b:
         2b:65:9c:2c:21:84:3e:b4:51:04:a6:8a:28:29:8f:75:de:54:
         7b:96:a0:53:71:da:bf:08:b7:59:15:08:71:30:85:5e:4d:73:
         1f:20:b4:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36iMaPM9IbTbzMo1w76cbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy
ZDgyNzAwHhcNMjUwNjI4MTkwMTA0WhcNMjUwNjI5MTkwMTA0WjAzMTEwLwYDVQQD
Eyg1MzJjNDA2MmQzM2IwYmFkZGE3YjRiMmQwNTY2MWUyNjk2MjEyNjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwudfBPDJf/9Fo1RLPEBGTGVpWtY
DAboijbI2nMgBfWSuboxR06j4Tu7fLYL4L2lu9mFJxslqaMGTTYCB5BfszbXUAII
XhEBn9D2oHNagfU9jxYZBjrYgev2LYjxurd+AeYyur53EFaGbMZ6bjbN8MXr2Kbl
OGU2ppi7OpRadenAVW4hY/UElx1H7NKy3EpJdF5+JRmGZYZ82tgwr1uOEr/64pVP
9lK3S/0PvW9sqzhW+7bUM7Vz3y+VsZNrNhTEsQnRSR/wv/2YeQn+Py+Ws7qmCTi5
IdiV06pV4OvJSMu3jrN+kKz4h2uv7ClvnacOmKbhp9mvp0OAYIl/dLiL2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMsQGLTOwut2ntLLQVmHiaWISaNMB8GA1UdIwQY
MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct
ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz
LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADmvJ99QY
Wx0nDSdyIG6tv2h+QtSuYwjW74BB9rRn3UOyiP/R2NTeIHNq+HVuKacVMtTeULdQ
8tERMi5PO7N8fKNWLdYkjC4AKU/UbX3E+QTGQex1WvPwAmSrwHrVYKfjD4nt6JCb
tkoZ7dunSs+1PtlSCoa7SbbSri+PSlLg1pQ5ZBkbTosyZ+t9pLC09r0vzbv1v/pO
keBgtHFGGrxyTjkCCFMW4gyp2LSxNgK/LvdLQQTnfjL0gvha49F76YNHtBQ/oOAN
1vsvp6HguXPdO6XZIISHmY57K2WcLCGEPrRRBKaKKCmPdd5Ue5agU3Havwi3WRUI
cTCFXk1zHyC00g==
-----END CERTIFICATE-----