Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
File:                     HYFeKwc-sEV2vLJN3k341Ot8nwg.mft (raw, json)
Hash identifier:          cwp6Hen5bshxkuBSumuTK63d6J4nnXGED7ZgT0J2LCs=
Subject key identifier:   54:C3:60:48:03:F5:8F:9A:FE:5D:17:F4:66:08:4C:4B:0C:FA:14:48
Authority key identifier: 1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08
Certificate issuer:       /CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
Certificate serial:       0197B70E8B10E8CDB66699863AD7BEC3AFDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
Manifest number:          0A9C
Signing time:             Sat 28 Jun 2025 15:01:12 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:12 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:12 +0000
Files and hashes:         1: HYFeKwc-sEV2vLJN3k341Ot8nwg.crl (hash: qIBAt5x6sOR21tzhwob8wtpOYLgYqlqCOnDtNR7nMSA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:8b:10:e8:cd:b6:66:99:86:3a:d7:be:c3:af:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
        Validity
            Not Before: Jun 28 15:01:12 2025 GMT
            Not After : Jun 29 15:01:12 2025 GMT
        Subject: CN=54c3604803f58f9afe5d17f466084c4b0cfa1448
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:f4:5c:e9:b6:f8:c4:c9:9a:7c:4c:55:58:e3:
                    15:8c:32:8f:95:04:a1:7b:58:6e:2d:4c:59:84:ad:
                    d2:30:38:ba:10:66:65:f7:85:15:b2:53:8f:42:49:
                    cf:a6:70:1a:53:5f:4b:d1:a0:46:2a:d5:27:7b:ad:
                    3f:2a:8a:1b:73:e3:48:46:47:df:39:64:ac:1b:8e:
                    37:f9:86:70:34:e6:4b:c8:cc:7e:19:f4:fa:44:a2:
                    6a:ff:c3:66:c9:b6:e8:1a:c2:3b:90:ef:91:b4:f8:
                    08:31:6d:ac:5d:07:f3:49:ef:b3:32:2d:30:d7:37:
                    32:bb:d7:2e:6f:2e:e0:20:2b:1f:c1:d8:f0:11:69:
                    3f:d4:21:df:4d:85:ae:3e:76:18:8c:1e:c9:05:be:
                    39:16:ea:4c:c2:4e:45:73:3e:75:ce:5c:2a:3d:99:
                    60:d4:a7:77:4f:04:1c:c9:92:07:b5:10:78:73:35:
                    93:2b:c2:3f:dd:8a:b5:2a:5b:15:45:dd:52:c3:27:
                    1a:65:dd:af:48:8d:02:f2:b6:fa:40:48:d2:25:b7:
                    ce:50:8e:b1:48:45:fc:98:bd:00:84:13:b5:39:bb:
                    f6:c0:0d:b8:96:82:7f:fd:ef:18:21:40:3a:9d:19:
                    6f:a4:74:d1:50:f7:fb:c1:40:40:d0:5b:02:a3:43:
                    1b:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:C3:60:48:03:F5:8F:9A:FE:5D:17:F4:66:08:4C:4B:0C:FA:14:48
            X509v3 Authority Key Identifier:
                keyid:1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:e4:d9:3c:fd:15:3b:36:9f:08:48:19:f0:c6:04:be:f8:8b:
         03:e2:2e:14:7d:85:3e:a5:fa:a7:10:88:1f:e1:08:0f:85:f9:
         52:5d:db:e3:b3:60:13:5d:c9:3c:2f:da:8d:de:aa:b7:6e:f8:
         a5:7f:c6:7c:04:28:c7:80:61:ff:c9:7c:f1:40:2e:73:8c:a6:
         33:49:cf:d4:f5:89:06:c2:c1:2e:9b:be:55:52:39:89:20:f4:
         a4:11:a2:d9:de:5c:f9:e2:92:2f:bf:f1:6b:53:cb:26:5c:88:
         fc:05:72:70:74:14:75:10:25:7f:7a:b8:a9:94:13:27:8f:3e:
         7d:f9:44:6a:43:5a:1e:46:c9:74:af:f7:90:a7:b3:59:48:61:
         96:8c:d9:59:89:f8:77:d0:25:00:01:df:0d:34:60:3e:f8:a5:
         7b:c5:cb:12:18:a9:ae:47:62:0f:97:4f:db:c6:95:a2:8e:1f:
         14:a7:0c:68:d5:02:e6:35:d1:93:db:92:b7:c1:9d:26:27:e4:
         94:a3:3b:20:5c:b8:cf:52:a9:e4:aa:9d:1b:09:47:03:60:81:
         79:6d:cf:3a:49:45:be:32:7a:cf:c8:7c:0e:39:62:d7:35:3e:
         d6:1a:7f:83:01:3a:d6:1e:79:76:cc:7a:9b:35:13:9c:86:0c:
         fc:85:78:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DosQ6M22ZpmGOte+w6/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODE1ZTJiMDczZWIwNDU3NmJjYjI0ZGRlNGRmOGQ0ZWI3
YzlmMDgwHhcNMjUwNjI4MTUwMTEyWhcNMjUwNjI5MTUwMTEyWjAzMTEwLwYDVQQD
Eyg1NGMzNjA0ODAzZjU4ZjlhZmU1ZDE3ZjQ2NjA4NGM0YjBjZmExNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivRc6bb4xMmafExVWOMVjDKPlQSh
e1huLUxZhK3SMDi6EGZl94UVslOPQknPpnAaU19L0aBGKtUne60/Koobc+NIRkff
OWSsG443+YZwNOZLyMx+GfT6RKJq/8NmybboGsI7kO+RtPgIMW2sXQfzSe+zMi0w
1zcyu9cuby7gICsfwdjwEWk/1CHfTYWuPnYYjB7JBb45FupMwk5Fcz51zlwqPZlg
1Kd3TwQcyZIHtRB4czWTK8I/3Yq1KlsVRd1SwycaZd2vSI0C8rb6QEjSJbfOUI6x
SEX8mL0AhBO1Obv2wA24loJ//e8YIUA6nRlvpHTRUPf7wUBA0FsCo0MbSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFTDYEgD9Y+a/l0X9GYITEsM+hRIMB8GA1UdIwQY
MBaAFB2BXisHPrBFdryyTd5N+NTrfJ8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAt
YWRkMmJhODJjMjc2LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAtYWRkMmJhODJjMjc2
LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn+TZPP0V
OzafCEgZ8MYEvviLA+IuFH2FPqX6pxCIH+EID4X5Ul3b47NgE13JPC/ajd6qt274
pX/GfAQox4Bh/8l88UAuc4ymM0nP1PWJBsLBLpu+VVI5iSD0pBGi2d5c+eKSL7/x
a1PLJlyI/AVycHQUdRAlf3q4qZQTJ48+fflEakNaHkbJdK/3kKezWUhhlozZWYn4
d9AlAAHfDTRgPvile8XLEhiprkdiD5dP28aVoo4fFKcMaNUC5jXRk9uSt8GdJifk
lKM7IFy4z1Kp5KqdGwlHA2CBeW3POklFvjJ6z8h8Djli1zU+1hp/gwE61h55dsx6
mzUTnIYM/IV49w==
-----END CERTIFICATE-----