Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          BSxGyrCaOgNeQ9D+OhyhI0nVr/PHlIeOgDBBV/GQZ6g=
Subject key identifier:   B0:0A:B8:BD:1D:9C:64:D3:9D:DA:BD:4F:DD:1E:16:DA:85:7D:A5:65
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       0197C49397E7676FA5B3AEF4674AE41449C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          15B7
Signing time:             Tue 01 Jul 2025 06:01:36 +0000
Manifest this update:     Tue 01 Jul 2025 06:01:36 +0000
Manifest next update:     Wed 02 Jul 2025 06:01:36 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: 0RKcayj72BYZy6L21ekI/xGJA1KmpmpR8Nwkep9bPWc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 06:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c4:93:97:e7:67:6f:a5:b3:ae:f4:67:4a:e4:14:49:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: Jul  1 06:01:36 2025 GMT
            Not After : Jul  2 06:01:36 2025 GMT
        Subject: CN=b00ab8bd1d9c64d39ddabd4fdd1e16da857da565
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:1a:d4:ed:ea:52:41:6c:48:7f:90:7f:af:ba:
                    fa:03:34:8f:bf:e2:59:6a:92:4e:f4:47:6e:72:0e:
                    31:3b:f2:6b:cb:64:7a:49:c9:22:94:da:56:f6:13:
                    37:53:85:bd:b1:f1:d3:aa:88:d4:87:55:7b:78:60:
                    8d:7f:49:20:a2:65:c9:d3:53:4c:45:a2:03:66:4d:
                    e3:19:7d:2a:2f:90:18:e6:a3:46:7f:fe:78:7e:b3:
                    84:eb:96:61:8f:37:45:c1:15:a0:b4:15:09:5a:62:
                    a5:4b:88:77:db:87:63:54:5e:f0:8b:6a:76:98:ad:
                    a6:42:21:1c:48:fa:13:d6:92:3e:05:03:5e:3c:b8:
                    f9:87:1c:44:c7:2d:b5:89:83:2a:18:f9:4f:00:11:
                    82:53:db:c0:69:a8:e2:81:c4:19:10:fc:e2:ba:b7:
                    fb:a1:fc:7c:6d:84:ce:18:88:e0:93:85:f6:6f:27:
                    9a:37:08:73:b2:11:e2:34:e6:3c:d8:80:ce:ad:ec:
                    fd:0a:0f:f9:5f:74:78:be:bc:78:b2:bc:b9:4d:b7:
                    6a:71:eb:43:ea:42:4f:d3:fc:be:52:d4:71:8e:87:
                    88:55:b2:ee:1c:90:b6:08:92:30:f3:1a:1a:43:e1:
                    5d:90:7f:26:ec:c8:7c:34:6c:ae:27:a5:b9:2c:5e:
                    19:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:0A:B8:BD:1D:9C:64:D3:9D:DA:BD:4F:DD:1E:16:DA:85:7D:A5:65
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:f6:ce:a2:0e:f6:5a:c6:14:a9:ce:1a:6f:ca:d2:42:89:fa:
         05:81:b7:59:63:06:ab:89:1d:5c:29:54:32:5d:85:fa:2e:5d:
         b9:d4:05:76:07:3f:95:0d:92:fa:26:37:e0:63:22:1e:c7:34:
         8f:06:9c:de:13:40:9f:56:06:8c:bd:91:5d:4f:9f:36:54:af:
         08:09:94:15:0f:d3:38:94:0f:cb:28:6d:57:d1:2e:d8:be:7e:
         24:5f:f4:80:c9:ec:6d:e8:b4:d2:70:5e:0e:9e:cb:5c:a7:6a:
         8a:b5:0a:94:19:36:9b:a6:d9:88:52:6d:74:0c:87:a0:77:37:
         5c:62:3b:94:95:72:ba:dd:25:27:a6:3c:75:11:4f:3d:60:a0:
         71:65:33:ca:1e:a2:45:04:62:0b:ab:3d:ad:b9:3b:fe:14:35:
         9c:3c:5f:31:01:c5:62:39:9a:2b:74:3a:50:8b:72:31:fe:df:
         f0:41:cb:a4:60:1b:54:ce:a7:54:91:d2:58:b7:6c:aa:5a:ee:
         f8:51:6c:96:db:48:8f:76:78:06:ab:16:bc:4a:7c:b4:40:e1:
         03:4d:04:15:8d:d5:3c:d2:25:0f:fc:f6:62:49:b1:cd:04:06:
         5b:7e:5d:89:97:85:61:0f:92:1d:fe:cf:48:8e:bf:24:76:81:
         d0:ff:00:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfEk5fnZ2+ls670Z0rkFEnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjUwNzAxMDYwMTM2WhcNMjUwNzAyMDYwMTM2WjAzMTEwLwYDVQQD
EyhiMDBhYjhiZDFkOWM2NGQzOWRkYWJkNGZkZDFlMTZkYTg1N2RhNTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xrU7epSQWxIf5B/r7r6AzSPv+JZ
apJO9Educg4xO/Jry2R6SckilNpW9hM3U4W9sfHTqojUh1V7eGCNf0kgomXJ01NM
RaIDZk3jGX0qL5AY5qNGf/54frOE65ZhjzdFwRWgtBUJWmKlS4h324djVF7wi2p2
mK2mQiEcSPoT1pI+BQNePLj5hxxExy21iYMqGPlPABGCU9vAaajigcQZEPziurf7
ofx8bYTOGIjgk4X2byeaNwhzshHiNOY82IDOrez9Cg/5X3R4vrx4sry5TbdqcetD
6kJP0/y+UtRxjoeIVbLuHJC2CJIw8xoaQ+FdkH8m7Mh8NGyuJ6W5LF4ZhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAKuL0dnGTTndq9T90eFtqFfaVlMB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVvbOog72
WsYUqc4ab8rSQon6BYG3WWMGq4kdXClUMl2F+i5dudQFdgc/lQ2S+iY34GMiHsc0
jwac3hNAn1YGjL2RXU+fNlSvCAmUFQ/TOJQPyyhtV9Eu2L5+JF/0gMnsbei00nBe
Dp7LXKdqirUKlBk2m6bZiFJtdAyHoHc3XGI7lJVyut0lJ6Y8dRFPPWCgcWUzyh6i
RQRiC6s9rbk7/hQ1nDxfMQHFYjmaK3Q6UItyMf7f8EHLpGAbVM6nVJHSWLdsqlru
+FFslttIj3Z4BqsWvEp8tEDhA00EFY3VPNIlD/z2YkmxzQQGW35diZeFYQ+SHf7P
SI6/JHaB0P8AEA==
-----END CERTIFICATE-----