Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
File:                     hFNK68PtnHkETCI8iyXgEdq_L98.mft (raw, json)
Hash identifier:          EduXMgzD7GpfCUD0EeRc3vNjf3v00QZO6KIc49qtsZ4=
Subject key identifier:   6A:19:8C:69:F2:8D:C6:C5:81:AA:0C:8B:DF:88:E0:07:D0:20:96:09
Authority key identifier: 84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF
Certificate issuer:       /CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
Certificate serial:       0196B85A2786128E6308022AE2827755941D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
Manifest number:          0616
Signing time:             Sat 10 May 2025 04:00:37 +0000
Manifest this update:     Sat 10 May 2025 04:00:37 +0000
Manifest next update:     Sun 11 May 2025 04:00:37 +0000
Files and hashes:         1: hFNK68PtnHkETCI8iyXgEdq_L98.crl (hash: CqWvai7OrGx6o2y18WBJzqL/xi+Fn0f4d5KZVynbf+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:5a:27:86:12:8e:63:08:02:2a:e2:82:77:55:94:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
        Validity
            Not Before: May 10 04:00:37 2025 GMT
            Not After : May 11 04:00:37 2025 GMT
        Subject: CN=6a198c69f28dc6c581aa0c8bdf88e007d0209609
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:f8:26:9f:ce:43:9d:9c:d1:c6:9f:cd:dc:07:
                    bc:fa:9b:22:eb:c5:09:be:be:d7:a9:d3:3a:1c:ef:
                    c1:b3:d8:6e:d8:6d:d4:50:35:ef:b8:0b:d2:6b:26:
                    69:d3:54:fd:17:cc:d1:51:0c:a1:30:f8:2e:ef:fb:
                    15:a2:e6:e6:43:aa:b9:de:91:c6:19:42:91:92:28:
                    92:86:5e:02:cd:44:91:29:4f:76:3b:b3:e2:5b:93:
                    21:25:85:71:ee:21:52:cb:e0:c3:74:cf:0f:b3:fc:
                    a6:14:75:20:68:92:d6:c5:bb:13:23:86:bc:65:1e:
                    b7:15:c5:30:8e:34:13:ce:ec:e4:60:18:48:7a:03:
                    b9:4f:aa:14:94:9c:bb:96:56:2c:1e:05:1e:de:30:
                    5b:f5:cf:9a:f6:25:3b:53:1e:38:07:62:65:fc:dd:
                    ae:33:26:ae:0b:ee:88:35:64:37:1b:4a:a9:82:91:
                    04:3e:6d:b3:08:ad:fd:0e:2d:22:e2:00:bd:1b:c3:
                    10:42:66:63:95:f9:f1:be:6f:aa:c1:fb:2d:77:e7:
                    53:37:dc:df:d0:a8:1c:5a:ea:20:51:70:79:67:a4:
                    3e:fd:6d:c4:c6:51:36:09:d4:8e:fb:40:09:fe:07:
                    cc:ba:25:30:20:54:41:da:3b:15:49:e0:a6:23:06:
                    ba:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:19:8C:69:F2:8D:C6:C5:81:AA:0C:8B:DF:88:E0:07:D0:20:96:09
            X509v3 Authority Key Identifier:
                keyid:84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:a7:ad:66:2f:e0:6b:39:01:75:e5:c9:68:35:be:72:e5:e3:
         00:7a:2d:a9:d5:c3:6d:3e:27:82:17:50:7e:78:97:ae:8b:a9:
         60:4d:a5:12:43:86:82:64:78:11:92:f9:ce:23:f9:e0:9b:b5:
         1c:55:16:a6:d0:a3:35:c3:f6:bf:ae:40:cf:ef:5f:cc:25:db:
         64:19:d3:bc:d2:36:f1:77:fa:99:68:0f:08:50:8e:c4:21:d6:
         85:a5:40:a0:f0:fa:1d:8a:0c:cf:52:a3:52:ed:cc:43:e0:e7:
         9b:ca:60:c5:1a:f8:c7:f6:9d:cd:d2:c9:17:77:3d:aa:7f:e6:
         f1:60:52:f5:7e:f0:29:29:cb:55:89:10:0e:d9:32:08:31:93:
         4a:0b:86:02:00:1b:24:e8:ea:2d:53:c9:3e:71:2c:88:0e:f1:
         e5:dd:12:9d:90:4b:83:e3:d5:a1:0f:ee:de:45:74:6d:d5:19:
         ac:19:cf:1d:0a:9a:89:11:63:8b:a3:65:d1:ce:b5:e3:14:e6:
         37:83:5a:72:53:93:f5:15:4d:ec:e5:88:dd:da:18:a2:24:9d:
         57:30:d8:5e:1a:b4:91:ce:32:06:24:80:61:a6:bb:0d:28:68:
         5e:68:cb:0b:25:41:85:d1:db:ca:dc:b6:a2:08:52:26:62:98:
         00:7f:93:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4WieGEo5jCAIq4oJ3VZQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTM0YWViYzNlZDljNzkwNDRjMjIzYzhiMjVlMDExZGFi
ZjJmZGYwHhcNMjUwNTEwMDQwMDM3WhcNMjUwNTExMDQwMDM3WjAzMTEwLwYDVQQD
Eyg2YTE5OGM2OWYyOGRjNmM1ODFhYTBjOGJkZjg4ZTAwN2QwMjA5NjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/gmn85DnZzRxp/N3Ae8+psi68UJ
vr7XqdM6HO/Bs9hu2G3UUDXvuAvSayZp01T9F8zRUQyhMPgu7/sVoubmQ6q53pHG
GUKRkiiShl4CzUSRKU92O7PiW5MhJYVx7iFSy+DDdM8Ps/ymFHUgaJLWxbsTI4a8
ZR63FcUwjjQTzuzkYBhIegO5T6oUlJy7llYsHgUe3jBb9c+a9iU7Ux44B2Jl/N2u
MyauC+6INWQ3G0qpgpEEPm2zCK39Di0i4gC9G8MQQmZjlfnxvm+qwfstd+dTN9zf
0KgcWuogUXB5Z6Q+/W3ExlE2CdSO+0AJ/gfMuiUwIFRB2jsVSeCmIwa6owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGoZjGnyjcbFgaoMi9+I4AfQIJYJMB8GA1UdIwQY
MBaAFIRTSuvD7Zx5BEwiPIsl4BHavy/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDct
ZWJkZTc0OTMzYzc3LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDctZWJkZTc0OTMzYzc3
LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUaetZi/g
azkBdeXJaDW+cuXjAHotqdXDbT4nghdQfniXroupYE2lEkOGgmR4EZL5ziP54Ju1
HFUWptCjNcP2v65Az+9fzCXbZBnTvNI28Xf6mWgPCFCOxCHWhaVAoPD6HYoMz1Kj
Uu3MQ+Dnm8pgxRr4x/adzdLJF3c9qn/m8WBS9X7wKSnLVYkQDtkyCDGTSguGAgAb
JOjqLVPJPnEsiA7x5d0SnZBLg+PVoQ/u3kV0bdUZrBnPHQqaiRFji6Nl0c614xTm
N4NaclOT9RVN7OWI3doYoiSdVzDYXhq0kc4yBiSAYaa7DShoXmjLCyVBhdHbyty2
oghSJmKYAH+TnA==
-----END CERTIFICATE-----