Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
File:                     hhiHKrn6K6AssBpEzo64dkEoHBw.mft (raw, json)
Hash identifier:          MgDTxGix41qRa4GXgIrwSQ5E3clFnNux+a8YtkceO68=
Subject key identifier:   54:8E:1F:DF:D9:BC:0A:FA:46:5A:FB:02:A8:37:B4:BB:07:64:5E:5E
Authority key identifier: 86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C
Certificate issuer:       /CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
Certificate serial:       01975C49EEFC9E89E6D9C688173A837B1685
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
Manifest number:          0525
Signing time:             Wed 11 Jun 2025 00:00:38 +0000
Manifest this update:     Wed 11 Jun 2025 00:00:38 +0000
Manifest next update:     Thu 12 Jun 2025 00:00:38 +0000
Files and hashes:         1: hhiHKrn6K6AssBpEzo64dkEoHBw.crl (hash: oE68rA8GN5BRF/+CYcOXIKaEVDWSVDwCDOR/xyeWXvc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:49:ee:fc:9e:89:e6:d9:c6:88:17:3a:83:7b:16:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
        Validity
            Not Before: Jun 11 00:00:38 2025 GMT
            Not After : Jun 12 00:00:38 2025 GMT
        Subject: CN=548e1fdfd9bc0afa465afb02a837b4bb07645e5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:1b:39:d2:fc:b6:56:ff:e4:db:1e:fd:89:a8:
                    ad:0a:72:49:43:05:93:ca:3d:05:33:d5:d4:01:e4:
                    9f:3a:00:58:56:71:fe:d9:9d:7e:68:cc:e1:0c:e8:
                    02:2f:90:ff:72:7f:0f:a0:e2:80:7f:e0:b3:83:46:
                    ab:17:4c:29:46:de:34:55:b0:9d:cb:9f:9b:ba:98:
                    fc:0a:2f:bb:70:27:ae:47:92:ed:06:b8:0f:cd:07:
                    e9:e2:a9:65:e7:30:08:52:e4:8b:78:fc:f0:ac:79:
                    92:ee:69:7a:34:dd:89:c6:7c:6d:35:2d:fa:c8:2c:
                    70:cf:f9:76:2c:07:7b:4b:b0:b2:58:7d:dd:b6:77:
                    4f:8f:a6:14:4c:45:d7:5c:4f:18:76:4f:c2:3b:6a:
                    0e:3e:d1:2f:2f:e8:cb:ed:28:13:e3:df:d2:d7:b8:
                    c9:53:28:6c:7d:ea:be:80:ec:27:88:7e:a3:96:24:
                    63:2d:13:b9:ba:aa:51:f1:22:e5:d5:a4:38:e3:b6:
                    d4:32:4a:bc:74:65:51:16:b6:77:6f:38:b2:84:d3:
                    7d:c1:9d:eb:77:15:b8:ba:3d:f0:85:7b:be:f6:bb:
                    69:b0:1d:d4:93:bb:c4:50:6d:30:14:b6:13:12:7b:
                    e1:83:cc:86:3e:42:05:9b:23:a8:b4:9f:1f:9a:f2:
                    71:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:8E:1F:DF:D9:BC:0A:FA:46:5A:FB:02:A8:37:B4:BB:07:64:5E:5E
            X509v3 Authority Key Identifier:
                keyid:86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:f7:51:1c:49:9f:5d:e5:75:47:0d:cd:e4:72:da:22:39:65:
         38:40:bb:31:0b:49:0c:57:db:4b:19:c4:7b:a3:16:09:dc:e0:
         94:11:a4:02:a3:f2:5f:7b:4b:ea:a2:ab:cf:29:9a:6b:d1:97:
         37:ce:d3:ac:79:c9:aa:c2:2f:aa:90:db:a1:58:6d:ea:41:21:
         ef:15:3f:0c:35:d7:0a:5e:2f:77:85:aa:a5:b3:d8:e0:bb:96:
         95:b9:5a:8d:e7:c7:4b:e8:29:ab:61:83:3d:f5:b9:89:f1:bb:
         40:46:31:2d:a3:bc:33:87:eb:12:81:b6:c8:ec:7d:06:1a:36:
         bc:9f:49:08:26:37:3a:f9:ba:98:a2:89:d4:5a:a2:a8:af:69:
         31:d2:e9:0e:53:a9:4b:c8:23:05:35:a5:1d:ac:a3:fd:12:bd:
         7e:a1:03:d6:01:1a:f5:07:7f:c8:83:e1:61:f0:7b:a7:38:1e:
         28:f3:55:ba:f6:28:6d:41:b1:d3:c1:46:96:43:83:0d:42:e7:
         da:cc:c7:49:3c:83:2c:31:e4:59:9d:d7:22:68:08:e0:3b:c8:
         52:00:05:3f:db:bd:4c:31:03:c4:fe:2a:4a:0b:e5:ce:f7:8e:
         3c:46:5e:b7:b5:86:b6:d6:74:98:ee:62:3f:7a:08:92:9a:1c:
         05:e6:e3:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcSe78nonm2caIFzqDexaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MTg4NzJhYjlmYTJiYTAyY2IwMWE0NGNlOGViODc2NDEy
ODFjMWMwHhcNMjUwNjExMDAwMDM4WhcNMjUwNjEyMDAwMDM4WjAzMTEwLwYDVQQD
Eyg1NDhlMWZkZmQ5YmMwYWZhNDY1YWZiMDJhODM3YjRiYjA3NjQ1ZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hs50vy2Vv/k2x79iaitCnJJQwWT
yj0FM9XUAeSfOgBYVnH+2Z1+aMzhDOgCL5D/cn8PoOKAf+Czg0arF0wpRt40VbCd
y5+bupj8Ci+7cCeuR5LtBrgPzQfp4qll5zAIUuSLePzwrHmS7ml6NN2JxnxtNS36
yCxwz/l2LAd7S7CyWH3dtndPj6YUTEXXXE8Ydk/CO2oOPtEvL+jL7SgT49/S17jJ
Uyhsfeq+gOwniH6jliRjLRO5uqpR8SLl1aQ447bUMkq8dGVRFrZ3bziyhNN9wZ3r
dxW4uj3whXu+9rtpsB3Uk7vEUG0wFLYTEnvhg8yGPkIFmyOotJ8fmvJxCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFSOH9/ZvAr6Rlr7Aqg3tLsHZF5eMB8GA1UdIwQY
MBaAFIYYhyq5+iugLLAaRM6OuHZBKBwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMt
YmQ2OWY1MjYxODFiLzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMtYmQ2OWY1MjYxODFi
LzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQfdRHEmf
XeV1Rw3N5HLaIjllOEC7MQtJDFfbSxnEe6MWCdzglBGkAqPyX3tL6qKrzymaa9GX
N87TrHnJqsIvqpDboVht6kEh7xU/DDXXCl4vd4WqpbPY4LuWlblajefHS+gpq2GD
PfW5ifG7QEYxLaO8M4frEoG2yOx9Bho2vJ9JCCY3Ovm6mKKJ1FqiqK9pMdLpDlOp
S8gjBTWlHayj/RK9fqED1gEa9Qd/yIPhYfB7pzgeKPNVuvYobUGx08FGlkODDULn
2szHSTyDLDHkWZ3XImgI4DvIUgAFP9u9TDEDxP4qSgvlzveOPEZet7WGttZ0mO5i
P3oIkpocBebjUw==
-----END CERTIFICATE-----