Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          kMUy3J7PIUy47y4AZyrrTY02qA1pDkXokApk8LMKp/c=
Subject key identifier:   5C:38:3C:37:42:FD:D4:D5:4A:A5:98:A8:E3:AD:F1:CF:45:F7:87:80
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       0197B70F46A7186D0292A1B904688C76E445
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          0586
Signing time:             Sat 28 Jun 2025 15:02:00 +0000
Manifest this update:     Sat 28 Jun 2025 15:02:00 +0000
Manifest next update:     Sun 29 Jun 2025 15:02:00 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: /IQOIn0DeEPxUwwnNeY1FofUmk/7wrj/NjE2BSuw6Ao=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:46:a7:18:6d:02:92:a1:b9:04:68:8c:76:e4:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: Jun 28 15:02:00 2025 GMT
            Not After : Jun 29 15:02:00 2025 GMT
        Subject: CN=5c383c3742fdd4d54aa598a8e3adf1cf45f78780
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:37:4b:c6:dc:a0:81:a4:43:2a:58:7f:3f:cd:
                    39:1a:c6:df:39:9a:54:ee:13:c4:5e:51:82:00:63:
                    dd:3c:1c:cd:69:67:45:a6:64:f9:e7:41:56:80:d2:
                    07:f0:4d:2f:16:cb:68:19:c3:54:c9:73:00:2b:e5:
                    e3:c4:e3:92:9e:20:e7:52:c2:37:d8:9e:0e:3b:a8:
                    34:f1:ac:f2:3d:95:2e:f6:36:df:38:9c:84:83:2d:
                    5c:ce:b6:25:68:fc:60:8d:b9:00:4e:90:8f:7d:54:
                    1b:5f:a3:b4:b5:73:16:c9:96:c1:5e:9f:dd:35:98:
                    ae:41:04:25:d7:8a:da:a3:b4:a2:2e:0c:10:c9:36:
                    ad:b6:0b:37:82:39:29:fd:20:52:ea:5c:51:3d:80:
                    80:54:d7:06:e0:9a:14:56:4f:d3:6b:2b:e0:4a:0a:
                    9a:a1:d5:23:68:be:66:9f:53:2e:83:02:4e:c3:9c:
                    c0:ac:ef:b7:97:10:a7:39:49:d1:d8:0b:5b:3d:62:
                    a9:0e:2a:d8:01:5d:54:26:e3:49:05:bb:0a:0f:58:
                    06:cd:a0:b9:7c:85:d3:2b:17:4c:54:f1:07:54:05:
                    7d:ec:e4:31:b6:50:32:dd:19:75:5f:88:9b:67:f2:
                    9e:08:40:cf:57:b0:cf:73:68:bf:ed:c9:a0:58:0d:
                    e2:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:38:3C:37:42:FD:D4:D5:4A:A5:98:A8:E3:AD:F1:CF:45:F7:87:80
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:b0:f3:14:58:92:df:60:1e:7c:38:05:d3:e1:bb:e1:ad:f3:
         20:9e:fa:16:0c:16:bb:33:09:19:24:e3:c9:bb:09:62:a4:de:
         53:0c:1c:b9:d6:bd:8c:b4:d4:cb:19:38:5e:57:70:20:b4:57:
         5c:e4:79:a7:2c:98:22:0f:2a:2c:ee:7c:52:e6:17:d6:5a:54:
         66:f1:59:5d:64:64:e1:20:b9:15:79:2d:26:11:06:ef:6e:14:
         aa:27:a1:d4:a6:23:81:06:04:7e:51:18:3a:0f:df:9e:05:47:
         ea:a1:3d:cb:41:68:a0:3f:8c:bd:43:26:ff:12:63:77:f3:39:
         09:b5:c3:44:68:94:d3:9b:19:05:39:db:04:60:75:d7:ed:9d:
         2b:b5:f5:a8:81:25:dc:62:21:99:d4:bd:fa:3e:c8:30:cc:ba:
         82:fb:b9:b4:d6:b5:c5:6c:79:dc:99:d3:dd:dc:db:9b:cf:ae:
         22:4d:de:fc:79:6d:c4:bc:10:8f:75:99:0a:2b:eb:7c:8a:a4:
         9c:ab:7d:33:b2:23:88:f0:ce:15:b5:73:28:1c:9a:28:57:70:
         75:bb:86:c8:b1:f1:92:da:d5:56:90:82:d4:8e:94:4b:ec:ee:
         0b:85:13:d0:e8:c2:e2:db:8f:bf:59:90:9c:d7:1f:d9:56:fa:
         e3:b8:3a:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3D0anGG0CkqG5BGiMduRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjUwNjI4MTUwMjAwWhcNMjUwNjI5MTUwMjAwWjAzMTEwLwYDVQQD
Eyg1YzM4M2MzNzQyZmRkNGQ1NGFhNTk4YThlM2FkZjFjZjQ1Zjc4NzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTdLxtyggaRDKlh/P805GsbfOZpU
7hPEXlGCAGPdPBzNaWdFpmT550FWgNIH8E0vFstoGcNUyXMAK+XjxOOSniDnUsI3
2J4OO6g08azyPZUu9jbfOJyEgy1czrYlaPxgjbkATpCPfVQbX6O0tXMWyZbBXp/d
NZiuQQQl14rao7SiLgwQyTattgs3gjkp/SBS6lxRPYCAVNcG4JoUVk/TayvgSgqa
odUjaL5mn1MugwJOw5zArO+3lxCnOUnR2AtbPWKpDirYAV1UJuNJBbsKD1gGzaC5
fIXTKxdMVPEHVAV97OQxtlAy3Rl1X4ibZ/KeCEDPV7DPc2i/7cmgWA3iKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFw4PDdC/dTVSqWYqOOt8c9F94eAMB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIrDzFFiS
32AefDgF0+G74a3zIJ76FgwWuzMJGSTjybsJYqTeUwwcuda9jLTUyxk4XldwILRX
XOR5pyyYIg8qLO58UuYX1lpUZvFZXWRk4SC5FXktJhEG724Uqieh1KYjgQYEflEY
Og/fngVH6qE9y0FooD+MvUMm/xJjd/M5CbXDRGiU05sZBTnbBGB11+2dK7X1qIEl
3GIhmdS9+j7IMMy6gvu5tNa1xWx53JnT3dzbm8+uIk3e/HltxLwQj3WZCivrfIqk
nKt9M7IjiPDOFbVzKByaKFdwdbuGyLHxktrVVpCC1I6US+zuC4UT0OjC4tuPv1mQ
nNcf2Vb647g64g==
-----END CERTIFICATE-----