Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
File:                     hhiHKrn6K6AssBpEzo64dkEoHBw.mft (raw, json)
Hash identifier:          RQ5d0FlUHnY1DFXp1AtrF+k3QmHd/u/b6/6Wm3Fjff8=
Subject key identifier:   C0:42:B1:20:A0:41:5A:D8:46:91:A6:79:6A:E9:03:CD:43:AC:0A:98
Authority key identifier: 86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C
Certificate issuer:       /CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
Certificate serial:       019769CF0C7B66DFB611C98705152BBEE76B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
Manifest number:          052C
Signing time:             Fri 13 Jun 2025 15:01:05 +0000
Manifest this update:     Fri 13 Jun 2025 15:01:05 +0000
Manifest next update:     Sat 14 Jun 2025 15:01:05 +0000
Files and hashes:         1: hhiHKrn6K6AssBpEzo64dkEoHBw.crl (hash: 5VQOe15FljmcDeUE/BxlPl4z0D7M45+ws5LQ5Haeid0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 15:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:cf:0c:7b:66:df:b6:11:c9:87:05:15:2b:be:e7:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
        Validity
            Not Before: Jun 13 15:01:05 2025 GMT
            Not After : Jun 14 15:01:05 2025 GMT
        Subject: CN=c042b120a0415ad84691a6796ae903cd43ac0a98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:85:7f:39:28:59:1f:3d:7d:d4:1a:c1:a6:03:
                    8f:57:ff:72:e5:02:de:9a:dc:14:82:80:b7:d1:55:
                    f5:ae:6d:43:4e:23:54:15:70:f7:68:f3:65:58:59:
                    49:cc:83:e3:a2:e9:46:ff:e0:60:5d:bd:72:a2:80:
                    c7:f0:e4:e5:35:44:ff:f3:b5:1e:5d:e4:e8:23:dc:
                    7f:f2:9d:b1:41:c6:53:63:98:68:ee:bc:76:04:5d:
                    d9:49:0b:cf:3f:06:1c:e0:a3:e5:09:94:1f:38:08:
                    a2:eb:47:27:0e:b3:bf:11:34:af:f3:05:a4:c9:86:
                    4c:a6:6a:cc:a5:ed:b4:d4:54:1c:bb:dc:76:21:0c:
                    14:bd:da:97:d3:c0:bb:29:c7:16:0a:a0:eb:c2:58:
                    06:9b:3d:4f:9f:3e:af:75:6e:3c:23:a3:48:8b:5d:
                    53:36:5a:e2:6d:82:30:a0:b6:2c:ef:0c:e7:88:7f:
                    c8:a4:46:68:ac:8e:9a:5b:8f:40:d3:d8:e1:c5:ad:
                    cc:ab:63:c6:98:3c:93:7e:9b:eb:d1:78:bb:52:9e:
                    ef:09:a8:4e:71:f1:98:df:7e:0b:6b:9b:00:41:dd:
                    22:24:13:ff:fb:40:a7:16:44:65:ff:74:86:96:7d:
                    7c:de:72:a0:99:31:42:75:ea:65:27:76:bc:10:ec:
                    98:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:42:B1:20:A0:41:5A:D8:46:91:A6:79:6A:E9:03:CD:43:AC:0A:98
            X509v3 Authority Key Identifier:
                keyid:86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:d5:f0:fc:7d:23:53:96:2d:4e:b2:f1:09:8c:47:78:69:cb:
         b6:10:8f:c4:b7:15:69:9f:e0:08:b0:f6:ec:e2:76:08:f8:21:
         d4:99:d9:e6:95:57:eb:61:58:7d:26:92:d6:8a:78:22:2b:15:
         32:4d:24:aa:99:78:c9:46:f7:d3:cb:9a:51:85:4a:00:28:da:
         24:f5:01:af:e2:ab:da:3c:16:0e:37:ed:87:cc:46:77:c1:ea:
         ae:d1:ea:f3:8c:e8:69:9a:30:d8:da:f9:5d:8d:3b:b9:52:1a:
         55:fb:1e:a7:53:18:18:53:00:00:e4:5c:1d:7b:20:76:db:4c:
         c0:d3:ab:7b:e3:9e:b3:e3:07:66:ce:c1:c8:54:d9:c5:91:92:
         8a:72:af:87:9a:3e:10:ed:77:03:65:42:05:e2:f0:26:b6:4a:
         ed:c9:1a:c3:e6:93:06:5f:8b:1f:b5:a9:c7:79:1c:e5:d9:14:
         63:62:2a:7d:ec:03:29:2c:99:a8:9b:e7:91:15:d9:93:47:8e:
         ed:dc:9a:21:af:9f:34:2f:55:44:1a:aa:be:fb:10:ac:23:aa:
         93:c2:b5:68:fb:0a:af:ba:ae:c4:c2:7d:2c:d9:aa:ea:5f:78:
         12:4b:45:4a:21:97:c9:7b:c6:52:0c:19:b3:ad:71:23:14:6f:
         88:38:c4:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzwx7Zt+2EcmHBRUrvudrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MTg4NzJhYjlmYTJiYTAyY2IwMWE0NGNlOGViODc2NDEy
ODFjMWMwHhcNMjUwNjEzMTUwMTA1WhcNMjUwNjE0MTUwMTA1WjAzMTEwLwYDVQQD
EyhjMDQyYjEyMGEwNDE1YWQ4NDY5MWE2Nzk2YWU5MDNjZDQzYWMwYTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YV/OShZHz191BrBpgOPV/9y5QLe
mtwUgoC30VX1rm1DTiNUFXD3aPNlWFlJzIPjoulG/+BgXb1yooDH8OTlNUT/87Ue
XeToI9x/8p2xQcZTY5ho7rx2BF3ZSQvPPwYc4KPlCZQfOAii60cnDrO/ETSv8wWk
yYZMpmrMpe201FQcu9x2IQwUvdqX08C7KccWCqDrwlgGmz1Pnz6vdW48I6NIi11T
NlribYIwoLYs7wzniH/IpEZorI6aW49A09jhxa3Mq2PGmDyTfpvr0Xi7Up7vCahO
cfGY334La5sAQd0iJBP/+0CnFkRl/3SGln183nKgmTFCdeplJ3a8EOyY3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMBCsSCgQVrYRpGmeWrpA81DrAqYMB8GA1UdIwQY
MBaAFIYYhyq5+iugLLAaRM6OuHZBKBwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMt
YmQ2OWY1MjYxODFiLzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMtYmQ2OWY1MjYxODFi
LzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAENXw/H0j
U5YtTrLxCYxHeGnLthCPxLcVaZ/gCLD27OJ2CPgh1JnZ5pVX62FYfSaS1op4IisV
Mk0kqpl4yUb308uaUYVKACjaJPUBr+Kr2jwWDjfth8xGd8HqrtHq84zoaZow2Nr5
XY07uVIaVfsep1MYGFMAAORcHXsgdttMwNOre+Oes+MHZs7ByFTZxZGSinKvh5o+
EO13A2VCBeLwJrZK7ckaw+aTBl+LH7Wpx3kc5dkUY2IqfewDKSyZqJvnkRXZk0eO
7dyaIa+fNC9VRBqqvvsQrCOqk8K1aPsKr7quxMJ9LNmq6l94EktFSiGXyXvGUgwZ
s61xIxRviDjErg==
-----END CERTIFICATE-----