Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
File:                     hVLmDnmh3nUzQ9eBW4cMloDArn8.mft (raw, json)
Hash identifier:          D9o/5Kriw9tlRsQYbRgellUUz5Tg1/LM9Gev40SW7Ak=
Subject key identifier:   5A:A8:89:76:85:5D:E0:CD:A7:0E:CE:91:3C:29:5D:E9:D5:F3:FD:D7
Authority key identifier: 85:52:E6:0E:79:A1:DE:75:33:43:D7:81:5B:87:0C:96:80:C0:AE:7F
Certificate issuer:       /CN=8552e60e79a1de753343d7815b870c9680c0ae7f
Certificate serial:       0198530EB7CED382815BFEC70917701C8695
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
Manifest number:          0BD7
Signing time:             Mon 28 Jul 2025 22:02:10 +0000
Manifest this update:     Mon 28 Jul 2025 22:02:10 +0000
Manifest next update:     Tue 29 Jul 2025 22:02:10 +0000
Files and hashes:         1: hVLmDnmh3nUzQ9eBW4cMloDArn8.crl (hash: hLxmMbKFqaYiemqKyqb4d+XjsPAmOP8L1LUBZAM7uqE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 22:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:53:0e:b7:ce:d3:82:81:5b:fe:c7:09:17:70:1c:86:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8552e60e79a1de753343d7815b870c9680c0ae7f
        Validity
            Not Before: Jul 28 22:02:10 2025 GMT
            Not After : Jul 29 22:02:10 2025 GMT
        Subject: CN=5aa88976855de0cda70ece913c295de9d5f3fdd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:0d:25:6e:bc:5c:ae:6b:1f:9a:f9:8f:d9:d3:
                    64:dd:c6:e5:5f:da:59:af:d0:1b:14:f6:a2:98:7e:
                    5c:6c:b3:61:3c:1a:93:bc:d9:11:e8:b4:ad:04:32:
                    93:29:d0:0f:fb:5c:60:be:e4:cc:20:60:55:79:4d:
                    3b:3c:8f:87:a7:4d:27:61:fe:11:94:48:fe:c1:d4:
                    54:f9:72:de:00:ca:65:64:bc:ec:27:9f:12:33:36:
                    b4:08:04:fe:58:2b:e6:5a:de:77:03:93:ad:d7:b1:
                    de:92:d1:b6:e7:53:1d:29:4f:e4:87:5a:6a:22:0a:
                    4b:d2:42:d5:52:ae:e1:03:0b:e9:3f:f7:21:fb:2f:
                    8a:23:c4:19:4f:46:a5:c0:e6:0e:c8:82:79:bd:a2:
                    3d:bb:77:74:7f:d9:b2:0c:af:fc:13:bf:a0:8f:dd:
                    41:93:9f:23:39:35:99:85:3b:f5:6b:6b:b5:0d:99:
                    49:c6:7c:64:f5:f5:fd:bc:b9:36:11:65:14:6b:f1:
                    62:6e:97:c0:a7:66:b2:86:45:71:98:36:3f:83:db:
                    79:98:9d:43:11:19:aa:50:19:b4:b6:cc:ad:26:96:
                    ea:92:da:4b:f1:a5:1b:81:01:a0:3a:82:85:9c:56:
                    ad:1f:7b:c8:b6:75:a7:99:4f:0a:68:30:ab:60:61:
                    e6:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:A8:89:76:85:5D:E0:CD:A7:0E:CE:91:3C:29:5D:E9:D5:F3:FD:D7
            X509v3 Authority Key Identifier:
                keyid:85:52:E6:0E:79:A1:DE:75:33:43:D7:81:5B:87:0C:96:80:C0:AE:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:68:4d:ad:10:39:a5:30:81:b3:9f:8a:ec:45:9f:b0:43:ed:
         44:c1:a4:59:ab:0c:c4:21:8a:4a:94:38:d3:08:9f:31:ac:e8:
         06:c6:03:49:88:2c:bc:c3:f3:b6:68:a5:14:30:2a:09:17:d8:
         b5:f6:a9:30:22:6e:0e:6f:86:56:e1:6b:97:86:fe:8e:ce:e6:
         eb:da:62:e0:bd:7d:3a:a5:13:f2:52:56:37:37:ec:48:83:ba:
         d2:c7:5f:95:33:51:3e:c5:ec:a4:a3:fe:0e:2b:99:87:e6:ff:
         60:c0:4a:7e:36:1a:7c:ec:ac:6a:84:10:de:13:bc:8c:b5:84:
         fb:cb:9d:6b:2b:91:a8:50:f7:1b:1d:81:79:d6:54:17:88:fa:
         77:95:a6:48:4d:2c:83:20:bb:ad:d0:24:81:97:08:ee:99:bf:
         1a:eb:c0:11:04:9a:e2:ef:2a:11:89:c2:8d:e7:f0:f1:05:2a:
         6c:ad:d7:95:54:33:74:dc:f7:7a:cc:77:3c:d7:72:32:c7:0e:
         57:32:10:4e:9b:ff:74:76:c5:ce:69:18:ab:67:38:18:b5:a9:
         f5:6e:3a:93:be:58:8e:89:7e:40:a6:91:2e:42:c3:60:32:ff:
         7f:8b:54:e8:7f:d9:3b:82:44:b7:55:c6:6e:04:44:fa:ac:ce:
         a4:97:ac:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhTDrfO04KBW/7HCRdwHIaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTJlNjBlNzlhMWRlNzUzMzQzZDc4MTViODcwYzk2ODBj
MGFlN2YwHhcNMjUwNzI4MjIwMjEwWhcNMjUwNzI5MjIwMjEwWjAzMTEwLwYDVQQD
Eyg1YWE4ODk3Njg1NWRlMGNkYTcwZWNlOTEzYzI5NWRlOWQ1ZjNmZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw0lbrxcrmsfmvmP2dNk3cblX9pZ
r9AbFPaimH5cbLNhPBqTvNkR6LStBDKTKdAP+1xgvuTMIGBVeU07PI+Hp00nYf4R
lEj+wdRU+XLeAMplZLzsJ58SMza0CAT+WCvmWt53A5Ot17HektG251MdKU/kh1pq
IgpL0kLVUq7hAwvpP/ch+y+KI8QZT0alwOYOyIJ5vaI9u3d0f9myDK/8E7+gj91B
k58jOTWZhTv1a2u1DZlJxnxk9fX9vLk2EWUUa/FibpfAp2ayhkVxmDY/g9t5mJ1D
ERmqUBm0tsytJpbqktpL8aUbgQGgOoKFnFatH3vItnWnmU8KaDCrYGHmSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqoiXaFXeDNpw7OkTwpXenV8/3XMB8GA1UdIwQY
MBaAFIVS5g55od51M0PXgVuHDJaAwK5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8zNzI0ZDMtMjEyZi00OGJmLWEyYzEt
OWZmYTYwZGI4ZjcxLzEvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8zNzI0ZDMtMjEyZi00OGJmLWEyYzEtOWZmYTYwZGI4Zjcx
LzEvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOGhNrRA5
pTCBs5+K7EWfsEPtRMGkWasMxCGKSpQ40wifMazoBsYDSYgsvMPztmilFDAqCRfY
tfapMCJuDm+GVuFrl4b+js7m69pi4L19OqUT8lJWNzfsSIO60sdflTNRPsXspKP+
DiuZh+b/YMBKfjYafOysaoQQ3hO8jLWE+8udayuRqFD3Gx2BedZUF4j6d5WmSE0s
gyC7rdAkgZcI7pm/GuvAEQSa4u8qEYnCjefw8QUqbK3XlVQzdNz3esx3PNdyMscO
VzIQTpv/dHbFzmkYq2c4GLWp9W46k75Yjol+QKaRLkLDYDL/f4tU6H/ZO4JEt1XG
bgRE+qzOpJesIw==
-----END CERTIFICATE-----