Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
File:                     hCIIK4U0vXrmP6gAimhbZfTNJZM.mft (raw, json)
Hash identifier:          O92hihqBydRe4SeZDbCR6FuiLPNWAzbsvPeoQPDkduM=
Subject key identifier:   53:3E:B4:27:D5:12:F2:87:3D:AB:1E:BB:C1:C5:92:B7:09:E6:2B:18
Authority key identifier: 84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93
Certificate issuer:       /CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
Certificate serial:       0197C8DDF90AE3853A8B8E3E8588EF8277B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
Manifest number:          03CA
Signing time:             Wed 02 Jul 2025 02:01:19 +0000
Manifest this update:     Wed 02 Jul 2025 02:01:19 +0000
Manifest next update:     Thu 03 Jul 2025 02:01:19 +0000
Files and hashes:         1: hCIIK4U0vXrmP6gAimhbZfTNJZM.crl (hash: apTyjW0XMyHOg+7YWxkAO1D9+JxbQjPRL5uGLS57y9o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 01:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c8:dd:f9:0a:e3:85:3a:8b:8e:3e:85:88:ef:82:77:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
        Validity
            Not Before: Jul  2 02:01:19 2025 GMT
            Not After : Jul  3 02:01:19 2025 GMT
        Subject: CN=533eb427d512f2873dab1ebbc1c592b709e62b18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:67:88:f3:1b:cf:5c:8e:ec:f9:b0:7e:da:81:
                    af:f2:15:a7:77:16:6d:54:2d:d6:75:8e:ed:21:55:
                    b1:dd:b5:31:f7:ce:1d:e9:1a:23:55:3f:bb:37:5f:
                    a6:96:18:26:35:be:19:0c:7e:e5:5c:cb:67:17:ce:
                    e3:e1:a1:c6:32:3b:bd:a1:22:ef:4e:87:65:b3:ce:
                    97:6c:63:a8:5d:0f:35:50:2f:09:4e:5f:76:1f:61:
                    31:a3:b2:37:34:e6:b3:01:e6:72:5a:49:e3:7c:33:
                    c4:fc:32:a7:76:eb:de:39:fd:f6:1a:57:53:83:eb:
                    0a:69:df:ff:24:e3:0c:b0:6a:71:ec:a1:cf:14:6a:
                    a7:f4:e3:fe:b1:62:21:ff:c5:41:70:0c:f4:66:72:
                    ea:1f:75:3d:93:a4:94:84:77:ff:cb:7b:52:ea:5e:
                    88:c9:f6:17:71:a8:1a:1e:73:e2:49:dc:22:0a:6b:
                    fb:20:d8:a2:54:f0:9f:3b:6f:96:ad:42:a6:a8:2b:
                    db:ce:8d:7c:ad:3c:85:13:77:30:b1:60:e0:e4:55:
                    ae:fb:4a:64:fa:79:05:a2:61:b8:3c:70:cc:1e:77:
                    ae:49:bf:da:84:e7:cc:0c:48:88:70:7f:3f:1b:84:
                    71:ac:d6:bc:45:a9:34:32:64:63:21:ae:02:9e:24:
                    6e:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:3E:B4:27:D5:12:F2:87:3D:AB:1E:BB:C1:C5:92:B7:09:E6:2B:18
            X509v3 Authority Key Identifier:
                keyid:84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:13:2f:6e:cc:8d:4b:84:ee:18:10:4a:cd:44:c4:da:3d:6b:
         de:8e:b1:e7:a7:68:a5:4c:3c:78:65:b2:25:a3:ba:22:fc:5a:
         a5:bc:35:b8:3d:07:6e:b4:66:a1:b9:5d:03:2a:3f:d6:dc:40:
         1f:5b:31:35:03:4a:ed:42:ca:82:92:b2:c9:ea:01:1c:fe:1d:
         bf:89:ea:29:45:e4:83:2c:58:ef:27:3d:2f:f9:88:c6:ee:6c:
         28:83:10:38:0e:5e:fd:73:eb:f6:51:d3:ed:16:db:82:7d:5c:
         9e:bc:0d:e6:17:06:a3:af:ee:b5:29:9a:f7:65:47:c8:0a:84:
         14:76:22:5d:e1:c6:2a:8f:da:f4:ee:57:33:cc:e4:28:65:28:
         d3:fa:42:5f:23:75:28:f9:1b:3f:57:44:a9:5b:ed:25:f0:4b:
         29:bb:d5:00:98:8b:98:83:e0:2d:01:f6:11:61:d8:67:50:52:
         c1:f3:1c:e0:8f:2a:8e:ff:e6:9f:e3:55:67:7a:f6:7c:c3:b8:
         7d:fe:03:5b:a3:00:ee:22:fd:27:0a:9a:29:ef:ac:fd:f4:6f:
         c1:86:3a:60:53:1e:a2:3e:90:70:d3:eb:6f:18:a9:6f:7c:73:
         ce:f7:94:96:d2:66:55:61:e3:90:0e:d5:e7:fa:62:ec:58:b3:
         da:6b:f9:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfI3fkK44U6i44+hYjvgne2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MjIwODJiODUzNGJkN2FlNjNmYTgwMDhhNjg1YjY1ZjRj
ZDI1OTMwHhcNMjUwNzAyMDIwMTE5WhcNMjUwNzAzMDIwMTE5WjAzMTEwLwYDVQQD
Eyg1MzNlYjQyN2Q1MTJmMjg3M2RhYjFlYmJjMWM1OTJiNzA5ZTYyYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2eI8xvPXI7s+bB+2oGv8hWndxZt
VC3WdY7tIVWx3bUx984d6RojVT+7N1+mlhgmNb4ZDH7lXMtnF87j4aHGMju9oSLv
Todls86XbGOoXQ81UC8JTl92H2Exo7I3NOazAeZyWknjfDPE/DKnduveOf32GldT
g+sKad//JOMMsGpx7KHPFGqn9OP+sWIh/8VBcAz0ZnLqH3U9k6SUhHf/y3tS6l6I
yfYXcagaHnPiSdwiCmv7INiiVPCfO2+WrUKmqCvbzo18rTyFE3cwsWDg5FWu+0pk
+nkFomG4PHDMHneuSb/ahOfMDEiIcH8/G4RxrNa8Rak0MmRjIa4CniRu/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFM+tCfVEvKHPaseu8HFkrcJ5isYMB8GA1UdIwQY
MBaAFIQiCCuFNL165j+oAIpoW2X0zSWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUt
NTgxNjlmYmVjZGZhLzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUtNTgxNjlmYmVjZGZh
LzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBMvbsyN
S4TuGBBKzUTE2j1r3o6x56dopUw8eGWyJaO6Ivxapbw1uD0HbrRmobldAyo/1txA
H1sxNQNK7ULKgpKyyeoBHP4dv4nqKUXkgyxY7yc9L/mIxu5sKIMQOA5e/XPr9lHT
7Rbbgn1cnrwN5hcGo6/utSma92VHyAqEFHYiXeHGKo/a9O5XM8zkKGUo0/pCXyN1
KPkbP1dEqVvtJfBLKbvVAJiLmIPgLQH2EWHYZ1BSwfMc4I8qjv/mn+NVZ3r2fMO4
ff4DW6MA7iL9JwqaKe+s/fRvwYY6YFMeoj6QcNPrbxipb3xzzveUltJmVWHjkA7V
5/pi7Fiz2mv5FA==
-----END CERTIFICATE-----