Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
File:                     HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json)
Hash identifier:          wthPDjutkgRakJqdMF10de8THF9TTuxYsFU5glRKNe0=
Subject key identifier:   AE:53:95:9E:F1:A2:69:8B:B6:FB:FF:09:1B:FF:FE:48:2B:33:3A:E6
Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
Certificate issuer:       /CN=1c24f1caafb3208eb827a07826417bcb9493412f
Certificate serial:       0197B6D7B45E44E71C9898EF3C48CF498BA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
Manifest number:          052B
Signing time:             Sat 28 Jun 2025 14:01:19 +0000
Manifest this update:     Sat 28 Jun 2025 14:01:19 +0000
Manifest next update:     Sun 29 Jun 2025 14:01:19 +0000
Files and hashes:         1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: QF3nl0x49tqOWq9Lbvm0DSXwYddNaixutOuusUQpMBo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 14:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:d7:b4:5e:44:e7:1c:98:98:ef:3c:48:cf:49:8b:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f
        Validity
            Not Before: Jun 28 14:01:19 2025 GMT
            Not After : Jun 29 14:01:19 2025 GMT
        Subject: CN=ae53959ef1a2698bb6fbff091bfffe482b333ae6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:61:c3:a0:b4:c3:f3:19:2e:44:38:1a:17:ca:
                    8f:dd:49:dc:05:1f:af:32:47:22:43:76:60:a1:dd:
                    f9:9a:9d:71:a2:15:22:43:2a:79:2f:16:8a:07:69:
                    18:72:70:41:b7:a1:02:ed:89:37:3b:26:a3:71:bb:
                    0d:bb:5b:e4:e0:75:ab:cc:84:09:5d:be:0e:7e:53:
                    c3:90:a1:1c:dd:c4:56:62:f7:44:cc:37:81:74:c0:
                    bc:3c:2c:d0:d0:db:48:1d:cc:12:8c:62:5b:62:a4:
                    f6:72:f4:00:ff:ea:4f:aa:7f:c7:48:ff:18:49:56:
                    9d:f4:92:34:2c:fd:8d:1d:25:54:97:ca:2e:1f:ca:
                    ec:69:2a:a6:26:f5:9c:a2:61:79:9b:bd:af:54:88:
                    3e:4d:05:af:9f:84:42:59:50:7c:be:cc:d1:a6:79:
                    84:2b:cc:a6:57:66:55:7f:3e:21:19:8f:b2:88:f5:
                    97:6e:ca:95:9a:5d:7d:f8:6b:39:56:89:3c:5a:0e:
                    a9:3e:ba:98:cd:3d:f1:93:26:06:bd:79:df:8e:fe:
                    66:49:79:98:61:1a:93:fd:a1:50:44:1d:04:34:fb:
                    53:a4:ed:4b:ce:f1:b3:1d:e8:7b:26:3a:2a:a9:0d:
                    0c:65:8d:4d:a9:61:9c:89:38:dd:01:2a:79:c9:ad:
                    cb:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:53:95:9E:F1:A2:69:8B:B6:FB:FF:09:1B:FF:FE:48:2B:33:3A:E6
            X509v3 Authority Key Identifier:
                keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:2c:08:80:59:ea:97:c9:f6:be:a3:da:d2:ba:23:79:2d:aa:
         29:72:e7:2b:05:3c:dd:d1:cc:d5:02:97:71:fc:aa:13:24:4d:
         c3:1a:ed:28:9e:e0:55:71:74:de:ca:23:22:3d:02:47:af:65:
         40:e0:65:74:9e:68:60:87:c4:fa:08:20:40:9b:75:75:5e:f8:
         96:5c:33:23:07:61:16:18:6d:7a:40:a6:68:96:ad:83:1c:be:
         f6:ae:5f:7a:39:d0:61:e5:35:b1:c9:a7:d5:ef:4e:72:6a:fe:
         0a:72:53:a4:0b:cb:0e:2b:a1:7c:c4:cb:79:dd:f7:96:79:c7:
         42:f6:a0:db:6a:fb:bd:ff:9e:51:cf:37:c6:2a:ee:e8:6b:7a:
         cb:94:f3:c1:29:94:b4:4b:66:24:cc:ef:0d:f6:2a:4d:d3:8f:
         cb:2f:65:28:58:76:7f:55:69:54:d1:dd:76:52:cc:91:69:a6:
         d7:43:03:6b:9a:83:87:5d:73:1f:a5:63:85:43:eb:9e:d2:56:
         57:6c:28:e5:1a:fe:ea:fa:c9:d8:2d:d9:49:b2:d9:3e:7f:8c:
         54:5e:49:f5:77:e0:a6:51:6f:00:6d:37:b9:b8:1b:7f:d8:ab:
         ef:5d:1e:60:cc:1e:b2:85:2c:1f:6d:2d:36:d9:9f:d6:45:46:
         13:bf:56:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe217ReROccmJjvPEjPSYuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5
MzQxMmYwHhcNMjUwNjI4MTQwMTE5WhcNMjUwNjI5MTQwMTE5WjAzMTEwLwYDVQQD
EyhhZTUzOTU5ZWYxYTI2OThiYjZmYmZmMDkxYmZmZmU0ODJiMzMzYWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2HDoLTD8xkuRDgaF8qP3UncBR+v
MkciQ3Zgod35mp1xohUiQyp5LxaKB2kYcnBBt6EC7Yk3OyajcbsNu1vk4HWrzIQJ
Xb4OflPDkKEc3cRWYvdEzDeBdMC8PCzQ0NtIHcwSjGJbYqT2cvQA/+pPqn/HSP8Y
SVad9JI0LP2NHSVUl8ouH8rsaSqmJvWcomF5m72vVIg+TQWvn4RCWVB8vszRpnmE
K8ymV2ZVfz4hGY+yiPWXbsqVml19+Gs5Vok8Wg6pPrqYzT3xkyYGvXnfjv5mSXmY
YRqT/aFQRB0ENPtTpO1LzvGzHeh7JjoqqQ0MZY1NqWGciTjdASp5ya3LkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5TlZ7xommLtvv/CRv//kgrMzrmMB8GA1UdIwQY
MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt
N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj
LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATSwIgFnq
l8n2vqPa0rojeS2qKXLnKwU83dHM1QKXcfyqEyRNwxrtKJ7gVXF03sojIj0CR69l
QOBldJ5oYIfE+gggQJt1dV74llwzIwdhFhhtekCmaJatgxy+9q5fejnQYeU1scmn
1e9Ocmr+CnJTpAvLDiuhfMTLed33lnnHQvag22r7vf+eUc83xiru6Gt6y5TzwSmU
tEtmJMzvDfYqTdOPyy9lKFh2f1VpVNHddlLMkWmm10MDa5qDh11zH6VjhUPrntJW
V2wo5Rr+6vrJ2C3ZSbLZPn+MVF5J9XfgplFvAG03ubgbf9ir710eYMwesoUsH20t
Ntmf1kVGE79W1A==
-----END CERTIFICATE-----