Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
File:                     _hpSVPN9jCkbEd2r7YiwY0gdr2s.mft (raw, json)
Hash identifier:          vnsGRGhDrNa2yiionP5XKfGmLd5878vQjiRgKIdBI8c=
Subject key identifier:   68:BB:88:B1:7E:78:9F:4A:B7:A1:7F:A3:83:CB:2B:B6:38:36:11:B6
Authority key identifier: FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B
Certificate issuer:       /CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
Certificate serial:       0197B88F3D01A59E9326D1806BC86755FFF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 22:01:24 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:24 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:24 +0000
Files and hashes:         1: _hpSVPN9jCkbEd2r7YiwY0gdr2s.crl (hash: 3gobVkIRzycBtDGb++QHpyx2NEMq4Eh3InwCTzqfCqg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:3d:01:a5:9e:93:26:d1:80:6b:c8:67:55:ff:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
        Validity
            Not Before: Jun 28 22:01:24 2025 GMT
            Not After : Jun 29 22:01:24 2025 GMT
        Subject: CN=68bb88b17e789f4ab7a17fa383cb2bb6383611b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:2e:a9:c3:65:73:2d:17:89:50:46:1a:79:1f:
                    d6:12:10:20:4f:7d:ff:1a:03:7e:88:d2:9b:10:75:
                    c5:cc:a0:ee:9c:16:eb:19:c1:39:df:bb:09:38:50:
                    c2:35:7c:47:70:ad:56:64:6e:0d:55:b4:37:8c:69:
                    25:38:48:e1:61:ae:bc:f3:a9:38:d7:92:bf:c3:da:
                    a8:d0:20:8e:88:ed:36:d4:2a:1b:15:93:8c:6a:69:
                    3d:12:96:98:30:3a:57:18:38:3d:1c:71:34:e0:f5:
                    d4:36:d2:18:a2:ac:a1:1e:54:62:9a:aa:56:43:72:
                    2a:25:f8:96:7b:31:ac:33:97:47:b1:50:9e:d4:3a:
                    0a:2c:9a:f8:cd:5f:fc:2c:8c:15:13:89:c0:39:6f:
                    30:59:0a:68:04:74:f8:a7:61:85:65:b1:3d:4c:94:
                    ac:8a:5c:dd:5c:69:aa:99:eb:a3:a4:5e:9f:aa:be:
                    ae:6a:33:38:30:2e:81:53:4f:7e:42:fe:1f:26:0d:
                    78:90:ae:fa:2a:21:96:72:ed:08:38:95:b2:c8:bd:
                    c6:1e:7c:9a:39:94:8c:a4:35:ea:86:6e:e8:9c:30:
                    4c:a2:9b:fa:53:3f:e5:55:6f:5b:1c:e0:4c:74:15:
                    d5:24:9e:9b:94:a3:e7:11:97:74:97:52:32:8b:85:
                    2b:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:BB:88:B1:7E:78:9F:4A:B7:A1:7F:A3:83:CB:2B:B6:38:36:11:B6
            X509v3 Authority Key Identifier:
                keyid:FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:27:9c:28:a8:93:5f:1d:5a:15:b8:05:fe:4b:12:aa:b7:42:
         43:fe:dd:ba:e1:d4:b9:ee:6a:f6:da:67:cf:0e:b3:3d:4f:0b:
         02:5e:46:7e:ea:96:02:e6:90:50:3c:89:01:8c:eb:ac:85:e1:
         8c:f4:59:1e:aa:32:31:48:00:72:5b:a9:cc:d1:da:21:b8:44:
         bd:f0:a5:b6:bf:bd:bf:94:cf:fe:9b:0f:73:5d:bd:93:3d:d0:
         1a:30:7e:bb:46:d0:8a:c7:18:de:17:b6:bb:e4:1e:6b:1f:66:
         93:86:84:c9:54:8f:49:a1:9c:d1:11:26:22:58:47:cf:da:f7:
         de:1c:27:38:58:e8:4c:e0:00:86:5b:07:09:71:0d:ea:bc:51:
         0a:7a:af:90:83:e9:5c:a9:c5:95:e2:c0:95:d4:8b:e3:4d:07:
         f1:63:06:2c:ff:dd:be:b4:25:42:27:c8:ac:a8:32:10:2f:b2:
         3f:96:24:6c:4a:d4:40:32:71:31:a7:d5:23:75:42:e7:82:a9:
         e0:66:69:bb:86:a4:f3:43:e8:90:af:69:70:7f:02:4c:70:1a:
         76:da:82:34:5e:51:61:9b:fe:8f:0c:29:61:81:5a:f9:01:aa:
         e7:2a:59:e2:bc:18:77:79:82:d8:a2:86:8e:8a:74:4a:44:d8:
         8e:38:a7:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jz0BpZ6TJtGAa8hnVf/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMWE1MjU0ZjM3ZDhjMjkxYjExZGRhYmVkODhiMDYzNDgx
ZGFmNmIwHhcNMjUwNjI4MjIwMTI0WhcNMjUwNjI5MjIwMTI0WjAzMTEwLwYDVQQD
Eyg2OGJiODhiMTdlNzg5ZjRhYjdhMTdmYTM4M2NiMmJiNjM4MzYxMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC6pw2VzLReJUEYaeR/WEhAgT33/
GgN+iNKbEHXFzKDunBbrGcE537sJOFDCNXxHcK1WZG4NVbQ3jGklOEjhYa6886k4
15K/w9qo0CCOiO021CobFZOMamk9EpaYMDpXGDg9HHE04PXUNtIYoqyhHlRimqpW
Q3IqJfiWezGsM5dHsVCe1DoKLJr4zV/8LIwVE4nAOW8wWQpoBHT4p2GFZbE9TJSs
ilzdXGmqmeujpF6fqr6uajM4MC6BU09+Qv4fJg14kK76KiGWcu0IOJWyyL3GHnya
OZSMpDXqhm7onDBMopv6Uz/lVW9bHOBMdBXVJJ6blKPnEZd0l1Iyi4UrqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGi7iLF+eJ9Kt6F/o4PLK7Y4NhG2MB8GA1UdIwQY
MBaAFP4aUlTzfYwpGxHdq+2IsGNIHa9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzIt
ZmEwZDBlODA1ZGY4LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzItZmEwZDBlODA1ZGY4
LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMyecKKiT
Xx1aFbgF/ksSqrdCQ/7duuHUue5q9tpnzw6zPU8LAl5GfuqWAuaQUDyJAYzrrIXh
jPRZHqoyMUgAclupzNHaIbhEvfCltr+9v5TP/psPc129kz3QGjB+u0bQiscY3he2
u+Qeax9mk4aEyVSPSaGc0REmIlhHz9r33hwnOFjoTOAAhlsHCXEN6rxRCnqvkIPp
XKnFleLAldSL400H8WMGLP/dvrQlQifIrKgyEC+yP5YkbErUQDJxMafVI3VC54Kp
4GZpu4ak80PokK9pcH8CTHAadtqCNF5RYZv+jwwpYYFa+QGq5ypZ4rwYd3mC2KKG
jop0SkTYjjiniA==
-----END CERTIFICATE-----