Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
File:                     hCIIK4U0vXrmP6gAimhbZfTNJZM.mft (raw, json)
Hash identifier:          DOufShE8teRBaCRnknikHGuKdm9B40V5PWDbb8LVeRw=
Subject key identifier:   3E:07:8B:C8:10:BB:9E:DD:E7:D5:28:7B:61:97:E1:B3:40:E3:4A:56
Authority key identifier: 84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93
Certificate issuer:       /CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
Certificate serial:       01984A4121C359D5C6C6C9C7A1AC564775BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
Manifest number:          040D
Signing time:             Sun 27 Jul 2025 05:00:39 +0000
Manifest this update:     Sun 27 Jul 2025 05:00:39 +0000
Manifest next update:     Mon 28 Jul 2025 05:00:39 +0000
Files and hashes:         1: hCIIK4U0vXrmP6gAimhbZfTNJZM.crl (hash: xOVHJddQFwVdC70KqcznI5T3XAv7SS07Bo6k4aO6FgI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:41:21:c3:59:d5:c6:c6:c9:c7:a1:ac:56:47:75:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
        Validity
            Not Before: Jul 27 05:00:39 2025 GMT
            Not After : Jul 28 05:00:39 2025 GMT
        Subject: CN=3e078bc810bb9edde7d5287b6197e1b340e34a56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:13:55:4a:21:cb:17:50:a0:58:7b:73:77:d0:
                    cb:e9:b0:23:71:3d:93:fe:1a:81:e8:3e:b2:10:ea:
                    74:6e:1d:c1:02:60:a5:e5:ee:e4:2e:a3:39:98:41:
                    03:2c:68:17:13:f8:f9:ac:1f:7e:6d:b8:d6:3c:e6:
                    5b:74:45:c2:85:cf:c3:18:33:d6:42:55:8a:36:8a:
                    e3:18:eb:8e:48:84:29:f0:55:45:d4:fa:01:3e:28:
                    ac:31:9a:fd:e2:cb:22:64:09:f5:dd:87:5d:83:85:
                    33:ad:24:17:f3:14:06:d3:ae:51:ca:1c:1e:ee:35:
                    ba:d9:d0:dd:b5:ce:07:2b:1d:e7:4c:12:de:25:d6:
                    54:08:24:89:54:8b:3b:28:85:66:21:e7:4c:cb:cc:
                    79:44:e6:4c:38:ee:96:42:a4:33:c8:39:0f:49:cd:
                    1a:b1:a5:8c:c9:d4:4e:66:5b:e7:8e:9a:81:91:a1:
                    93:69:7c:9a:48:a4:b0:2d:94:42:b6:85:a3:f2:3e:
                    79:e0:97:5f:e2:cf:18:f3:86:e8:ed:e9:7f:da:d3:
                    c6:a5:25:4b:9b:26:df:61:9c:3b:fa:51:82:1a:a3:
                    db:94:6b:10:0d:d5:5f:d1:ba:c8:02:16:a3:f1:91:
                    5e:a3:a9:38:d9:dc:b7:29:18:90:54:fa:79:75:49:
                    4f:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:07:8B:C8:10:BB:9E:DD:E7:D5:28:7B:61:97:E1:B3:40:E3:4A:56
            X509v3 Authority Key Identifier:
                keyid:84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:b8:fc:4e:b5:de:6d:94:df:f1:35:4d:79:52:60:0f:e5:5a:
         36:88:31:5b:11:e8:7c:5b:28:8d:83:0b:48:6a:8c:70:1a:da:
         ed:d0:2c:dd:9a:7b:e2:5a:04:92:ac:ba:dc:51:83:c4:3a:92:
         78:90:c6:90:44:02:7f:60:f2:ec:45:a8:26:56:6e:d1:cb:36:
         da:7b:c6:4c:fe:71:c7:06:e3:39:f8:fb:d7:c7:1b:d0:22:71:
         f5:a8:2e:df:cd:f1:6b:42:79:bc:eb:1b:e6:10:f7:0b:df:ea:
         ad:10:3d:d3:6c:e7:35:34:25:e1:08:8b:cd:a0:8a:9d:ea:90:
         c7:00:d5:b1:42:3b:fd:16:22:29:34:a0:2e:77:43:29:5c:62:
         58:ae:55:25:0d:9c:d2:61:1e:12:02:60:82:d8:28:70:4d:af:
         93:06:f6:f6:74:38:ff:4a:e6:10:9b:be:cd:5a:7f:2e:94:f2:
         ae:29:31:ee:8d:53:08:74:29:ac:b1:9b:11:33:a8:73:34:b9:
         3d:7e:df:9c:eb:6e:80:c6:2d:57:a7:0d:5d:08:2e:68:31:9a:
         c2:89:41:40:51:16:14:b5:43:05:6e:7e:1c:f8:2e:99:3e:6c:
         0b:dd:8e:49:42:bb:5e:bd:e4:e1:51:3c:36:a7:ba:79:d1:4b:
         68:4c:fc:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKQSHDWdXGxsnHoaxWR3W9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MjIwODJiODUzNGJkN2FlNjNmYTgwMDhhNjg1YjY1ZjRj
ZDI1OTMwHhcNMjUwNzI3MDUwMDM5WhcNMjUwNzI4MDUwMDM5WjAzMTEwLwYDVQQD
EygzZTA3OGJjODEwYmI5ZWRkZTdkNTI4N2I2MTk3ZTFiMzQwZTM0YTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhNVSiHLF1CgWHtzd9DL6bAjcT2T
/hqB6D6yEOp0bh3BAmCl5e7kLqM5mEEDLGgXE/j5rB9+bbjWPOZbdEXChc/DGDPW
QlWKNorjGOuOSIQp8FVF1PoBPiisMZr94ssiZAn13Yddg4UzrSQX8xQG065Ryhwe
7jW62dDdtc4HKx3nTBLeJdZUCCSJVIs7KIVmIedMy8x5ROZMOO6WQqQzyDkPSc0a
saWMydROZlvnjpqBkaGTaXyaSKSwLZRCtoWj8j554Jdf4s8Y84bo7el/2tPGpSVL
mybfYZw7+lGCGqPblGsQDdVf0brIAhaj8ZFeo6k42dy3KRiQVPp5dUlP4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD4Hi8gQu57d59Uoe2GX4bNA40pWMB8GA1UdIwQY
MBaAFIQiCCuFNL165j+oAIpoW2X0zSWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUt
NTgxNjlmYmVjZGZhLzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUtNTgxNjlmYmVjZGZh
LzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiLj8TrXe
bZTf8TVNeVJgD+VaNogxWxHofFsojYMLSGqMcBra7dAs3Zp74loEkqy63FGDxDqS
eJDGkEQCf2Dy7EWoJlZu0cs22nvGTP5xxwbjOfj718cb0CJx9agu383xa0J5vOsb
5hD3C9/qrRA902znNTQl4QiLzaCKneqQxwDVsUI7/RYiKTSgLndDKVxiWK5VJQ2c
0mEeEgJggtgocE2vkwb29nQ4/0rmEJu+zVp/LpTyrikx7o1TCHQprLGbETOoczS5
PX7fnOtugMYtV6cNXQguaDGawolBQFEWFLVDBW5+HPgumT5sC92OSUK7Xr3k4VE8
Nqe6edFLaEz88Q==
-----END CERTIFICATE-----