Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          rhyvPowH+ybU28fxr7QNc9a7jVmAqgHCHbN/+JQnQ9U=
Subject key identifier:   01:36:63:A9:9C:24:3D:EA:46:FD:1B:97:1F:12:FA:E7:C3:AF:F6:7B
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       0197677362F15A486997D2BD96EEC0FC5F0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          0A02
Signing time:             Fri 13 Jun 2025 04:01:44 +0000
Manifest this update:     Fri 13 Jun 2025 04:01:44 +0000
Manifest next update:     Sat 14 Jun 2025 04:01:44 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: JtI9MSfrD0iEGS3mIMaytVp0SvZLzQ4AW5AADRpDv7M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 04:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:73:62:f1:5a:48:69:97:d2:bd:96:ee:c0:fc:5f:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: Jun 13 04:01:44 2025 GMT
            Not After : Jun 14 04:01:44 2025 GMT
        Subject: CN=013663a99c243dea46fd1b971f12fae7c3aff67b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:54:4b:74:47:67:65:7e:80:38:f9:6d:a0:ea:
                    09:bc:64:b3:44:4e:ae:b4:5d:cb:e0:44:45:7d:72:
                    c7:2d:d4:a7:9a:f4:82:ca:75:7c:28:50:00:86:50:
                    4b:a2:2f:72:f2:69:cb:23:88:dd:43:6c:30:53:8f:
                    c5:56:a7:80:85:ee:d9:bf:b1:37:ac:85:92:b8:2f:
                    04:ca:01:85:2b:bf:1d:9b:3a:ee:fe:78:3d:3d:68:
                    a7:f6:19:71:60:9f:01:c0:f7:44:15:a3:2c:ca:23:
                    0c:ea:fc:8d:9a:15:91:d2:62:79:6c:5d:83:9a:ec:
                    45:a1:f0:63:27:38:04:41:76:7f:1e:2d:12:9d:90:
                    b4:94:c3:3a:0e:82:10:f5:e7:38:01:08:44:ba:09:
                    01:98:3a:52:1e:a5:42:ab:15:d6:7f:7a:db:d2:7a:
                    8e:ec:91:40:bd:5f:65:e4:6b:24:ef:19:24:52:53:
                    f6:d1:0d:6b:0b:81:b4:84:d2:d2:77:85:c3:72:01:
                    b7:1c:a6:9d:1e:b1:d7:4a:55:8a:b7:59:5d:c1:89:
                    a4:ed:ea:c1:ba:f8:36:a6:38:47:08:de:25:35:a3:
                    97:05:44:bc:27:57:b8:7a:5e:af:63:d7:4e:60:3b:
                    2d:6d:17:46:c1:68:e3:09:da:d3:70:73:49:21:3d:
                    23:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:36:63:A9:9C:24:3D:EA:46:FD:1B:97:1F:12:FA:E7:C3:AF:F6:7B
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:9c:65:1c:d9:45:f6:2f:5e:6a:6b:8a:6a:c6:74:6c:72:aa:
         3f:f4:c9:6d:76:60:7c:a7:48:6d:52:8e:6b:2d:30:f2:ce:7c:
         c8:1d:5b:99:52:b3:e7:ec:27:90:32:62:52:b8:1b:b1:97:fb:
         d9:fe:21:58:d5:0f:35:19:f8:5d:85:8a:ef:4b:fb:6d:92:13:
         49:0d:e8:9f:0d:e3:f2:43:4f:49:85:d0:a4:79:95:f6:47:4e:
         19:24:e9:02:2e:e1:2c:8d:ab:56:9a:8c:8b:20:d8:0f:54:55:
         e7:95:8b:09:15:10:a6:ce:f8:17:a4:c0:4e:2d:19:30:26:bf:
         2a:88:88:57:29:4b:67:b7:b0:54:00:04:0a:7a:5c:88:55:6a:
         82:7c:d2:a8:9e:d0:9b:82:8d:ea:6e:55:2c:40:26:4e:00:89:
         99:5d:f5:08:71:a2:da:de:95:dc:a0:36:ff:85:94:1a:f5:f5:
         36:e4:3e:47:3a:d8:e4:36:0d:db:ce:b3:3f:99:95:e6:cc:9a:
         e1:cc:c0:3a:1e:ab:e1:e9:bc:73:de:f8:da:bb:7e:80:df:4f:
         79:3e:f3:10:1e:70:3b:2a:a2:a8:62:f7:b3:64:1d:07:ba:ac:
         e7:ac:be:e8:65:e4:cb:2f:e4:8d:4c:c5:de:13:3e:35:39:0b:
         4d:cb:a4:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdnc2LxWkhpl9K9lu7A/F8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjUwNjEzMDQwMTQ0WhcNMjUwNjE0MDQwMTQ0WjAzMTEwLwYDVQQD
EygwMTM2NjNhOTljMjQzZGVhNDZmZDFiOTcxZjEyZmFlN2MzYWZmNjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1RLdEdnZX6AOPltoOoJvGSzRE6u
tF3L4ERFfXLHLdSnmvSCynV8KFAAhlBLoi9y8mnLI4jdQ2wwU4/FVqeAhe7Zv7E3
rIWSuC8EygGFK78dmzru/ng9PWin9hlxYJ8BwPdEFaMsyiMM6vyNmhWR0mJ5bF2D
muxFofBjJzgEQXZ/Hi0SnZC0lMM6DoIQ9ec4AQhEugkBmDpSHqVCqxXWf3rb0nqO
7JFAvV9l5Gsk7xkkUlP20Q1rC4G0hNLSd4XDcgG3HKadHrHXSlWKt1ldwYmk7erB
uvg2pjhHCN4lNaOXBUS8J1e4el6vY9dOYDstbRdGwWjjCdrTcHNJIT0jzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAE2Y6mcJD3qRv0blx8S+ufDr/Z7MB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAZxlHNlF
9i9eamuKasZ0bHKqP/TJbXZgfKdIbVKOay0w8s58yB1bmVKz5+wnkDJiUrgbsZf7
2f4hWNUPNRn4XYWK70v7bZITSQ3onw3j8kNPSYXQpHmV9kdOGSTpAi7hLI2rVpqM
iyDYD1RV55WLCRUQps74F6TATi0ZMCa/KoiIVylLZ7ewVAAECnpciFVqgnzSqJ7Q
m4KN6m5VLEAmTgCJmV31CHGi2t6V3KA2/4WUGvX1NuQ+RzrY5DYN286zP5mV5sya
4czAOh6r4em8c9742rt+gN9PeT7zEB5wOyqiqGL3s2QdB7qs56y+6GXkyy/kjUzF
3hM+NTkLTcukkQ==
-----END CERTIFICATE-----