Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
File:                     hCIIK4U0vXrmP6gAimhbZfTNJZM.mft (raw, json)
Hash identifier:          EKSLIt4aJ5gPeUyzgIj0mXP3yD+dt+lse/uaBONetlM=
Subject key identifier:   D4:A8:1D:F6:D4:6A:48:88:B5:8B:45:04:5A:07:0F:2B:CE:36:17:A7
Authority key identifier: 84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93
Certificate issuer:       /CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
Certificate serial:       0198D73AEEDB413166E4BBC7225C66A9DC48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
Manifest number:          0456
Signing time:             Sat 23 Aug 2025 14:00:20 +0000
Manifest this update:     Sat 23 Aug 2025 14:00:20 +0000
Manifest next update:     Sun 24 Aug 2025 14:00:20 +0000
Files and hashes:         1: hCIIK4U0vXrmP6gAimhbZfTNJZM.crl (hash: bojJR+Ck5nQ3xXC9Fic88rFSKpU5n7DLDhYdk6oi4KE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:3a:ee:db:41:31:66:e4:bb:c7:22:5c:66:a9:dc:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
        Validity
            Not Before: Aug 23 14:00:20 2025 GMT
            Not After : Aug 24 14:00:20 2025 GMT
        Subject: CN=d4a81df6d46a4888b58b45045a070f2bce3617a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:72:e7:f7:b8:ed:a4:63:7c:71:bd:ec:03:02:
                    b7:2e:5a:ec:1a:61:9a:82:f6:37:41:39:38:99:7b:
                    e0:c1:fb:db:4d:33:2e:e5:11:a5:8a:9d:11:0f:23:
                    f1:8b:0f:77:65:84:ba:eb:e1:cc:41:b6:ac:a5:39:
                    9d:b9:0d:ca:f5:fc:2e:76:04:7e:99:c5:f3:e2:23:
                    3b:88:10:c8:dd:5a:53:bf:ae:50:4e:6f:7e:e3:d5:
                    74:28:20:b0:81:7b:ef:8a:53:be:45:e1:11:f8:a8:
                    aa:19:65:60:a9:0a:7a:ab:e2:82:7a:88:2a:c6:5d:
                    f7:74:96:14:9b:80:bd:66:62:7e:15:66:a0:c5:d4:
                    a0:20:9c:2f:27:79:28:3e:5b:85:ca:51:b5:be:98:
                    fd:75:fe:66:8e:d8:1c:f6:29:89:26:a7:ba:d5:cf:
                    f8:5e:78:43:26:f2:78:f9:08:01:a6:f0:83:ed:37:
                    27:a7:69:71:c2:dc:9b:58:8a:0a:27:d6:98:b2:87:
                    6d:e5:e3:fb:91:0f:a7:d6:96:51:6a:b6:11:19:5a:
                    4e:a4:0c:a7:cf:8d:14:70:7d:4c:82:31:84:f3:06:
                    ba:98:f5:e0:54:aa:35:c6:75:40:f0:10:5a:35:42:
                    21:f3:dc:e1:98:ab:4e:b8:eb:23:36:68:cf:57:79:
                    1f:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:A8:1D:F6:D4:6A:48:88:B5:8B:45:04:5A:07:0F:2B:CE:36:17:A7
            X509v3 Authority Key Identifier:
                keyid:84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:18:7e:76:45:51:3a:4d:cc:a4:38:7a:b4:c1:c8:fc:98:f6:
         85:3e:a3:af:de:13:0b:5e:51:ae:97:06:6b:63:32:de:e5:3b:
         49:64:f6:d1:94:d7:83:18:ec:49:5f:cd:55:77:bb:d0:81:2c:
         1e:a6:93:dd:54:e3:b0:a9:6d:04:3a:82:23:f4:d3:7c:4c:ab:
         9d:22:0f:89:39:d5:79:67:49:f6:4c:c5:03:29:49:65:aa:dc:
         26:82:dc:a3:04:21:0b:94:10:07:77:cd:56:00:9f:77:ec:d9:
         27:c4:37:aa:56:db:5f:f5:48:79:df:91:9f:04:3f:18:74:93:
         f7:e9:3c:65:23:e7:b5:a8:cf:5a:a3:82:0f:96:92:74:72:b4:
         a3:2f:d6:7f:da:08:8a:0c:59:2d:87:1d:d8:01:af:f6:a9:27:
         e3:64:5f:13:b0:eb:ba:63:d3:ed:ef:b2:76:76:17:2b:f5:c5:
         ec:98:43:91:0f:82:85:11:7e:ec:ec:99:2c:d5:33:06:89:d9:
         29:f2:f5:a4:2d:89:cc:26:6f:10:3a:55:47:70:f1:c0:2c:9e:
         4d:3f:84:9d:8a:22:e1:31:f2:19:7c:26:e6:bf:12:1e:c7:00:
         49:03:44:0e:71:35:66:68:15:bf:41:71:62:83:71:03:77:f9:
         9a:16:29:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXOu7bQTFm5LvHIlxmqdxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MjIwODJiODUzNGJkN2FlNjNmYTgwMDhhNjg1YjY1ZjRj
ZDI1OTMwHhcNMjUwODIzMTQwMDIwWhcNMjUwODI0MTQwMDIwWjAzMTEwLwYDVQQD
EyhkNGE4MWRmNmQ0NmE0ODg4YjU4YjQ1MDQ1YTA3MGYyYmNlMzYxN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHLn97jtpGN8cb3sAwK3LlrsGmGa
gvY3QTk4mXvgwfvbTTMu5RGlip0RDyPxiw93ZYS66+HMQbaspTmduQ3K9fwudgR+
mcXz4iM7iBDI3VpTv65QTm9+49V0KCCwgXvvilO+ReER+KiqGWVgqQp6q+KCeogq
xl33dJYUm4C9ZmJ+FWagxdSgIJwvJ3koPluFylG1vpj9df5mjtgc9imJJqe61c/4
XnhDJvJ4+QgBpvCD7Tcnp2lxwtybWIoKJ9aYsodt5eP7kQ+n1pZRarYRGVpOpAyn
z40UcH1MgjGE8wa6mPXgVKo1xnVA8BBaNUIh89zhmKtOuOsjNmjPV3kf4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSoHfbUakiItYtFBFoHDyvONhenMB8GA1UdIwQY
MBaAFIQiCCuFNL165j+oAIpoW2X0zSWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUt
NTgxNjlmYmVjZGZhLzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUtNTgxNjlmYmVjZGZh
LzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEBh+dkVR
Ok3MpDh6tMHI/Jj2hT6jr94TC15RrpcGa2My3uU7SWT20ZTXgxjsSV/NVXe70IEs
HqaT3VTjsKltBDqCI/TTfEyrnSIPiTnVeWdJ9kzFAylJZarcJoLcowQhC5QQB3fN
VgCfd+zZJ8Q3qlbbX/VIed+RnwQ/GHST9+k8ZSPntajPWqOCD5aSdHK0oy/Wf9oI
igxZLYcd2AGv9qkn42RfE7DrumPT7e+ydnYXK/XF7JhDkQ+ChRF+7OyZLNUzBonZ
KfL1pC2JzCZvEDpVR3DxwCyeTT+EnYoi4THyGXwm5r8SHscASQNEDnE1ZmgVv0Fx
YoNxA3f5mhYp/Q==
-----END CERTIFICATE-----