Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
File:                     hFNK68PtnHkETCI8iyXgEdq_L98.mft (raw, json)
Hash identifier:          TN8AR0NBy7TfgnoVWMpM1fSPq3FepFTJGhryJ+ozgiI=
Subject key identifier:   9E:DC:9B:B6:FD:95:7E:3B:EE:84:26:D6:7C:6B:56:F5:68:C6:34:0C
Authority key identifier: 84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF
Certificate issuer:       /CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
Certificate serial:       0197B7454485143A7738991BAE3B624FECF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
Manifest number:          069A
Signing time:             Sat 28 Jun 2025 16:00:59 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:59 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:59 +0000
Files and hashes:         1: hFNK68PtnHkETCI8iyXgEdq_L98.crl (hash: tyvzqUGZ46nlzZV5n94Kfrnp8IWhwJ+tunjqPyQlXjQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:44:85:14:3a:77:38:99:1b:ae:3b:62:4f:ec:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
        Validity
            Not Before: Jun 28 16:00:59 2025 GMT
            Not After : Jun 29 16:00:59 2025 GMT
        Subject: CN=9edc9bb6fd957e3bee8426d67c6b56f568c6340c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:6d:a2:9a:81:52:91:32:c0:e5:a6:d0:06:07:
                    a3:bf:bb:2d:ba:a6:88:fe:45:38:e9:e4:a4:59:fc:
                    5c:d8:f9:92:53:8d:91:02:98:2c:56:07:b2:fa:87:
                    d6:43:cf:9e:d0:29:87:36:64:d5:8a:85:e0:78:7f:
                    c9:33:29:ea:60:02:1e:5a:bb:e4:5f:6e:81:48:93:
                    f8:fc:6d:a5:3d:07:b5:a0:f4:9b:4e:0e:a2:06:17:
                    fd:b8:22:8b:3b:72:ad:23:7f:d6:56:ee:a2:97:75:
                    88:ef:43:d3:af:21:34:0e:2e:13:a4:75:93:35:2f:
                    a0:f8:8a:fa:80:e6:04:bf:ca:0f:e8:7f:98:ee:61:
                    dd:26:93:51:2d:7d:d6:13:5a:cd:5c:55:c0:98:43:
                    3a:af:ae:2a:92:8d:74:08:d5:3c:5a:78:2a:64:54:
                    8f:54:3d:9b:45:f2:cb:83:09:c8:06:f4:d7:f2:36:
                    0e:57:0f:51:61:28:6a:32:ee:bc:73:85:94:69:a2:
                    ec:78:75:ad:78:a7:fb:9d:db:d6:1c:f4:d5:2e:af:
                    8b:63:d1:92:58:2c:c2:83:93:fa:cc:68:15:ab:3d:
                    bb:7e:c5:ee:bb:03:62:76:ff:b5:79:d5:bf:96:6a:
                    e3:ae:da:11:58:b0:ff:dd:8c:d7:ea:4b:3b:37:52:
                    93:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:DC:9B:B6:FD:95:7E:3B:EE:84:26:D6:7C:6B:56:F5:68:C6:34:0C
            X509v3 Authority Key Identifier:
                keyid:84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:6d:67:22:e2:d9:d3:3c:60:06:b7:d7:ab:98:b3:59:c9:21:
         96:2c:c2:44:a2:1b:8e:08:a5:4a:81:c1:f6:19:c9:ea:b9:73:
         72:b1:be:a9:c9:8f:40:30:85:96:0c:b8:b8:14:e0:e2:e4:e7:
         6b:b2:0a:11:2d:3f:f9:51:dc:78:cb:03:c6:ac:9b:69:ee:f2:
         0a:36:c4:12:41:83:a2:bd:53:08:d2:67:48:17:0c:17:fc:05:
         ac:e5:3a:af:8a:a5:ce:87:50:70:72:99:4f:34:ea:3f:9b:2d:
         e2:9e:e9:d8:16:7c:55:b4:c3:90:15:36:b4:9c:94:54:d3:ae:
         e2:17:81:96:04:0a:c6:ed:f7:82:61:b1:08:4d:8c:76:47:a2:
         3f:96:e1:c2:06:34:fd:86:d3:93:3f:2b:39:70:ee:ec:4e:69:
         56:8e:5f:09:ff:8b:0f:9f:40:23:df:0d:14:31:0c:a7:d2:c3:
         45:a9:bd:e6:62:c4:58:2e:bf:28:15:d5:62:76:3b:c3:01:81:
         ec:d4:80:8a:d9:e8:3f:4f:38:98:73:58:70:73:ff:33:7a:61:
         b4:fd:3a:f3:99:ae:fa:68:2e:12:f3:95:27:66:a0:c8:a6:32:
         f9:6b:25:d2:12:43:f8:95:4a:d8:92:f2:fc:a3:a8:3d:c0:30:
         b0:16:1d:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RUSFFDp3OJkbrjtiT+zwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTM0YWViYzNlZDljNzkwNDRjMjIzYzhiMjVlMDExZGFi
ZjJmZGYwHhcNMjUwNjI4MTYwMDU5WhcNMjUwNjI5MTYwMDU5WjAzMTEwLwYDVQQD
Eyg5ZWRjOWJiNmZkOTU3ZTNiZWU4NDI2ZDY3YzZiNTZmNTY4YzYzNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm2imoFSkTLA5abQBgejv7stuqaI
/kU46eSkWfxc2PmSU42RApgsVgey+ofWQ8+e0CmHNmTVioXgeH/JMynqYAIeWrvk
X26BSJP4/G2lPQe1oPSbTg6iBhf9uCKLO3KtI3/WVu6il3WI70PTryE0Di4TpHWT
NS+g+Ir6gOYEv8oP6H+Y7mHdJpNRLX3WE1rNXFXAmEM6r64qko10CNU8WngqZFSP
VD2bRfLLgwnIBvTX8jYOVw9RYShqMu68c4WUaaLseHWteKf7ndvWHPTVLq+LY9GS
WCzCg5P6zGgVqz27fsXuuwNidv+1edW/lmrjrtoRWLD/3YzX6ks7N1KTcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ7cm7b9lX477oQm1nxrVvVoxjQMMB8GA1UdIwQY
MBaAFIRTSuvD7Zx5BEwiPIsl4BHavy/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDct
ZWJkZTc0OTMzYzc3LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDctZWJkZTc0OTMzYzc3
LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMm1nIuLZ
0zxgBrfXq5izWckhlizCRKIbjgilSoHB9hnJ6rlzcrG+qcmPQDCFlgy4uBTg4uTn
a7IKES0/+VHceMsDxqybae7yCjbEEkGDor1TCNJnSBcMF/wFrOU6r4qlzodQcHKZ
TzTqP5st4p7p2BZ8VbTDkBU2tJyUVNOu4heBlgQKxu33gmGxCE2MdkeiP5bhwgY0
/YbTkz8rOXDu7E5pVo5fCf+LD59AI98NFDEMp9LDRam95mLEWC6/KBXVYnY7wwGB
7NSAitnoP084mHNYcHP/M3phtP0685mu+mguEvOVJ2agyKYy+Wsl0hJD+JVK2JLy
/KOoPcAwsBYdPA==
-----END CERTIFICATE-----