Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
File:                     HCN7aINpeRKVf40zc3AryQbSZEU.mft (raw, json)
Hash identifier:          mTz0D49f2ktyUkeeWrdB/vws2NZHnohR0mKR1pq0izQ=
Subject key identifier:   26:0D:DD:93:E6:16:45:D4:66:34:8A:A9:41:A9:A7:EC:36:12:BC:78
Authority key identifier: 1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45
Certificate issuer:       /CN=1c237b6883697912957f8d3373702bc906d26445
Certificate serial:       0197B70ED75B4BD5E9F2645CD3A0512260BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
Manifest number:          11CC
Signing time:             Sat 28 Jun 2025 15:01:32 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:32 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:32 +0000
Files and hashes:         1: HCN7aINpeRKVf40zc3AryQbSZEU.crl (hash: aZ7OY8BtViIbmNDg96D3EOW2hkcOKqPseM2BjKA0ZaA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:d7:5b:4b:d5:e9:f2:64:5c:d3:a0:51:22:60:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c237b6883697912957f8d3373702bc906d26445
        Validity
            Not Before: Jun 28 15:01:32 2025 GMT
            Not After : Jun 29 15:01:32 2025 GMT
        Subject: CN=260ddd93e61645d466348aa941a9a7ec3612bc78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:48:ec:71:5e:6d:a3:ce:10:3c:be:03:41:69:
                    ac:95:8a:e9:83:d9:7c:2e:ba:85:ca:2c:3b:8e:77:
                    82:44:3d:05:85:4e:ff:45:52:2f:aa:6d:81:38:1b:
                    4e:74:38:57:88:ba:73:c8:b5:d3:a2:88:a2:ea:d3:
                    ff:75:5d:9a:d5:66:ee:44:86:e5:66:42:3f:46:bd:
                    61:02:21:35:9a:55:4a:80:b2:9c:08:43:25:23:d7:
                    63:0f:60:0d:4a:b5:c4:84:f5:9f:4c:c8:bf:04:41:
                    91:a6:c6:6c:94:e1:75:73:e0:36:78:b6:89:32:46:
                    7a:6c:e0:c4:ef:64:8c:88:81:bc:a2:32:ed:be:88:
                    dc:a8:c7:af:59:f0:02:9e:90:e6:14:80:38:4c:bb:
                    de:5c:f7:49:a5:82:bd:0d:79:97:c6:23:21:18:c3:
                    7f:7d:09:73:b8:c0:7f:d1:84:9b:ee:de:9d:08:ac:
                    29:f1:ea:0f:c5:86:79:58:6b:da:d0:66:cb:9b:c5:
                    27:c8:7f:5f:50:12:b9:b7:9b:bc:7e:06:e3:e4:27:
                    96:0c:65:3a:cc:0e:fd:9c:6b:49:d4:fc:3f:f2:47:
                    df:6b:90:b2:4d:0e:36:72:00:25:73:3e:13:41:b8:
                    3d:b0:08:8f:f1:2a:bf:6e:b3:07:34:22:45:26:ac:
                    c0:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:0D:DD:93:E6:16:45:D4:66:34:8A:A9:41:A9:A7:EC:36:12:BC:78
            X509v3 Authority Key Identifier:
                keyid:1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:21:39:80:82:59:a9:58:ea:35:9e:ba:5f:ac:49:15:c1:4e:
         31:24:26:fb:87:c4:a2:49:db:58:38:e9:b3:2e:f6:f1:9d:56:
         9b:df:bc:cf:8d:1b:c7:59:f8:96:e7:17:c2:95:c5:e2:70:8e:
         1e:7f:5a:db:70:2c:38:f4:82:2f:78:bd:5b:59:5d:5d:26:43:
         68:58:4b:6d:38:2e:f1:f6:da:82:e7:65:8c:1d:4f:d7:6c:4c:
         d1:74:c2:35:5c:64:c6:4c:7e:e6:a7:c6:4f:aa:c7:3a:d0:cb:
         76:c4:71:1d:46:1f:96:1f:ac:7b:c7:f0:eb:e9:06:81:09:93:
         df:ee:75:7f:4b:9f:1a:d5:49:9a:29:93:fd:bb:9d:21:3f:09:
         8d:4e:23:89:f8:13:d1:f2:69:c5:f8:89:25:78:43:24:8e:61:
         96:6f:dd:76:d8:ec:af:40:27:72:d8:cf:b5:26:fa:a6:4f:f4:
         24:7d:5b:b6:6d:69:16:c5:43:19:0e:26:b0:53:b2:52:10:0c:
         b2:6e:13:08:7f:e8:9e:34:ab:a5:a2:91:40:95:2b:8f:66:4d:
         ec:62:58:83:73:84:69:24:77:3b:dd:dc:08:f5:88:d8:b3:f7:
         c7:6b:f9:e8:cd:46:20:6f:30:dd:1b:b2:a3:cb:ab:f4:e6:c0:
         ad:59:5e:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DtdbS9Xp8mRc06BRImC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjM3YjY4ODM2OTc5MTI5NTdmOGQzMzczNzAyYmM5MDZk
MjY0NDUwHhcNMjUwNjI4MTUwMTMyWhcNMjUwNjI5MTUwMTMyWjAzMTEwLwYDVQQD
EygyNjBkZGQ5M2U2MTY0NWQ0NjYzNDhhYTk0MWE5YTdlYzM2MTJiYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEjscV5to84QPL4DQWmslYrpg9l8
LrqFyiw7jneCRD0FhU7/RVIvqm2BOBtOdDhXiLpzyLXTooii6tP/dV2a1WbuRIbl
ZkI/Rr1hAiE1mlVKgLKcCEMlI9djD2ANSrXEhPWfTMi/BEGRpsZslOF1c+A2eLaJ
MkZ6bODE72SMiIG8ojLtvojcqMevWfACnpDmFIA4TLveXPdJpYK9DXmXxiMhGMN/
fQlzuMB/0YSb7t6dCKwp8eoPxYZ5WGva0GbLm8UnyH9fUBK5t5u8fgbj5CeWDGU6
zA79nGtJ1Pw/8kffa5CyTQ42cgAlcz4TQbg9sAiP8Sq/brMHNCJFJqzA1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYN3ZPmFkXUZjSKqUGpp+w2Erx4MB8GA1UdIwQY
MBaAFBwje2iDaXkSlX+NM3NwK8kG0mRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUt
YTMzZThlYjVhNTM4LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUtYTMzZThlYjVhNTM4
LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGyE5gIJZ
qVjqNZ66X6xJFcFOMSQm+4fEoknbWDjpsy728Z1Wm9+8z40bx1n4lucXwpXF4nCO
Hn9a23AsOPSCL3i9W1ldXSZDaFhLbTgu8fbagudljB1P12xM0XTCNVxkxkx+5qfG
T6rHOtDLdsRxHUYflh+se8fw6+kGgQmT3+51f0ufGtVJmimT/budIT8JjU4jifgT
0fJpxfiJJXhDJI5hlm/ddtjsr0AnctjPtSb6pk/0JH1btm1pFsVDGQ4msFOyUhAM
sm4TCH/onjSrpaKRQJUrj2ZN7GJYg3OEaSR3O93cCPWI2LP3x2v56M1GIG8w3Ruy
o8ur9ObArVleSA==
-----END CERTIFICATE-----