Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft
File:                     THHp8j7qymjHIcvkKAYQC3XhV3A.mft (raw, json)
Hash identifier:          c93hQWY+gW3ytJA+d5j0/7w+Z+RRo6z1+17YbRBju1A=
Subject key identifier:   E3:1D:C6:6A:B9:EC:03:15:21:C9:01:A5:CD:96:02:7E:9C:13:F1:F5
Authority key identifier: 4C:71:E9:F2:3E:EA:CA:68:C7:21:CB:E4:28:06:10:0B:75:E1:57:70
Certificate issuer:       /CN=4c71e9f23eeaca68c721cbe42806100b75e15770
Certificate serial:       019768BC0178CCDF64BB9E3F42C1E987A765
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft
Manifest number:          044A
Signing time:             Fri 13 Jun 2025 10:00:40 +0000
Manifest this update:     Fri 13 Jun 2025 10:00:40 +0000
Manifest next update:     Sat 14 Jun 2025 10:00:40 +0000
Files and hashes:         1: THHp8j7qymjHIcvkKAYQC3XhV3A.crl (hash: akhdZEvnc8MuerXDySqLiAA78Qr/i5h3s6s8P8gebDo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:bc:01:78:cc:df:64:bb:9e:3f:42:c1:e9:87:a7:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c71e9f23eeaca68c721cbe42806100b75e15770
        Validity
            Not Before: Jun 13 10:00:40 2025 GMT
            Not After : Jun 14 10:00:40 2025 GMT
        Subject: CN=e31dc66ab9ec031521c901a5cd96027e9c13f1f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:d0:98:ac:3d:43:11:34:9b:3b:02:04:34:32:
                    8a:48:ca:0b:d8:d0:c2:e5:b0:46:65:15:1d:ab:17:
                    ae:bc:55:b0:66:e8:e6:e9:e5:13:9d:16:64:d6:c4:
                    de:02:6b:b9:d2:b6:cd:58:f6:c1:fb:fc:78:38:92:
                    71:2f:8d:a6:53:cf:31:e6:69:20:0d:54:02:a9:83:
                    08:ad:6c:65:99:50:b6:09:e5:d6:c3:24:2d:dd:53:
                    b5:cd:e5:2f:0d:d9:18:d1:b8:df:29:ce:35:19:84:
                    c4:50:97:56:9c:50:0a:4a:9f:12:25:52:6e:ed:f1:
                    2a:22:a7:36:d5:e7:91:ea:9e:73:53:9c:65:fe:f3:
                    17:c6:ef:3b:21:b8:ce:a7:47:8c:c1:b4:98:bb:f4:
                    e1:f5:50:33:ad:21:1a:6a:53:35:6b:26:9f:3a:17:
                    10:ed:14:e0:42:a3:f0:83:80:5a:d2:11:c2:dd:53:
                    12:d5:0f:3e:3f:b7:57:2e:f4:fe:d4:ad:5c:89:bb:
                    4f:8e:92:85:f4:c2:e5:9b:0f:fe:f4:c2:64:cc:97:
                    1e:e4:f1:27:7e:7b:52:e1:65:af:f6:33:73:06:66:
                    09:ff:22:29:7c:6c:0f:e8:40:b4:71:fc:4e:01:c2:
                    9f:f9:b6:3e:3e:42:bd:97:ac:c0:b7:9f:9b:7e:b1:
                    fb:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:1D:C6:6A:B9:EC:03:15:21:C9:01:A5:CD:96:02:7E:9C:13:F1:F5
            X509v3 Authority Key Identifier:
                keyid:4C:71:E9:F2:3E:EA:CA:68:C7:21:CB:E4:28:06:10:0B:75:E1:57:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:2f:35:20:6f:da:3c:ca:2f:1a:21:5d:0a:c2:56:c6:db:c1:
         e2:76:35:2b:24:26:b7:28:a7:4c:02:5a:71:a5:cd:2b:b5:3e:
         0c:ea:88:ad:f1:b5:cc:15:84:3d:a4:c6:27:4d:f6:4e:14:2e:
         fa:5f:0a:93:f0:55:35:52:39:4f:91:31:5f:c5:19:73:62:e4:
         1d:37:e4:30:43:59:d9:c5:8c:fe:17:a6:e8:7d:82:bd:ed:33:
         d8:35:08:15:d1:12:96:23:96:ca:ea:f3:90:d0:bf:17:4c:ef:
         07:b1:35:8e:92:79:2c:e7:2d:c7:bf:3f:28:54:27:a1:29:98:
         46:1d:db:5d:fd:51:09:a3:e5:7f:7b:9a:cc:4c:10:85:d6:d9:
         8a:37:a7:4b:3d:da:37:8b:40:38:96:df:c3:d9:ed:8b:1d:3f:
         21:ed:12:2f:b6:06:da:70:12:15:4d:8f:92:d4:28:ba:56:42:
         f5:2d:50:68:67:1f:88:93:76:77:df:a2:2e:7a:5f:79:50:f8:
         1e:0a:51:25:40:64:6f:96:a5:ef:51:06:e6:e4:71:92:82:17:
         c5:14:c5:89:c8:2d:85:05:65:57:fe:5b:f8:3d:bb:75:1d:d5:
         3b:c7:16:f5:be:83:5d:28:cd:91:d4:b3:ff:71:24:10:42:52:
         a4:ea:90:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdovAF4zN9ku54/QsHph6dlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzFlOWYyM2VlYWNhNjhjNzIxY2JlNDI4MDYxMDBiNzVl
MTU3NzAwHhcNMjUwNjEzMTAwMDQwWhcNMjUwNjE0MTAwMDQwWjAzMTEwLwYDVQQD
EyhlMzFkYzY2YWI5ZWMwMzE1MjFjOTAxYTVjZDk2MDI3ZTljMTNmMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9CYrD1DETSbOwIENDKKSMoL2NDC
5bBGZRUdqxeuvFWwZujm6eUTnRZk1sTeAmu50rbNWPbB+/x4OJJxL42mU88x5mkg
DVQCqYMIrWxlmVC2CeXWwyQt3VO1zeUvDdkY0bjfKc41GYTEUJdWnFAKSp8SJVJu
7fEqIqc21eeR6p5zU5xl/vMXxu87IbjOp0eMwbSYu/Th9VAzrSEaalM1ayafOhcQ
7RTgQqPwg4Ba0hHC3VMS1Q8+P7dXLvT+1K1cibtPjpKF9MLlmw/+9MJkzJce5PEn
fntS4WWv9jNzBmYJ/yIpfGwP6EC0cfxOAcKf+bY+PkK9l6zAt5+bfrH7/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOMdxmq57AMVIckBpc2WAn6cE/H1MB8GA1UdIwQY
MBaAFExx6fI+6spoxyHL5CgGEAt14VdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi85NGY2NjItNTA2Yi00ZWM5LWE3YWEt
YzliN2ViMmNlYTU3LzEvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi85NGY2NjItNTA2Yi00ZWM5LWE3YWEtYzliN2ViMmNlYTU3
LzEvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaS81IG/a
PMovGiFdCsJWxtvB4nY1KyQmtyinTAJacaXNK7U+DOqIrfG1zBWEPaTGJ032ThQu
+l8Kk/BVNVI5T5ExX8UZc2LkHTfkMENZ2cWM/hem6H2Cve0z2DUIFdESliOWyurz
kNC/F0zvB7E1jpJ5LOctx78/KFQnoSmYRh3bXf1RCaPlf3uazEwQhdbZijenSz3a
N4tAOJbfw9ntix0/Ie0SL7YG2nASFU2PktQoulZC9S1QaGcfiJN2d9+iLnpfeVD4
HgpRJUBkb5al71EG5uRxkoIXxRTFicgthQVlV/5b+D27dR3VO8cW9b6DXSjNkdSz
/3EkEEJSpOqQPQ==
-----END CERTIFICATE-----