Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          EJJ8BxNB4CI1hABVN6k0OZd1Va8AqpqrH+PL11vUb0Q=
Subject key identifier:   6F:FE:EE:AF:53:0A:DD:35:3E:78:F9:E0:09:61:51:E1:58:2B:78:EE
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       01975234DB7CA4E3425362B7B90F92673D0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          09F7
Signing time:             Mon 09 Jun 2025 01:01:25 +0000
Manifest this update:     Mon 09 Jun 2025 01:01:25 +0000
Manifest next update:     Tue 10 Jun 2025 01:01:25 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: VTuMUYxOmQC9sv1V05SlRgFePqw9iONgOrBRabHVLaM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 01:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:34:db:7c:a4:e3:42:53:62:b7:b9:0f:92:67:3d:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: Jun  9 01:01:25 2025 GMT
            Not After : Jun 10 01:01:25 2025 GMT
        Subject: CN=6ffeeeaf530add353e78f9e0096151e1582b78ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:0f:3b:c1:0c:02:7f:b3:4a:42:4a:f3:85:63:
                    04:e5:9f:a0:19:90:bc:3a:e0:a2:2f:48:bc:52:40:
                    f6:f2:cc:1f:cd:f0:90:56:9e:a0:cc:60:40:6e:2e:
                    4a:19:c3:0f:03:27:c0:ab:dc:f3:49:09:03:28:33:
                    19:9a:00:2d:08:fc:36:7f:59:9e:f9:6a:3e:b6:fb:
                    bb:82:0d:fe:19:69:95:f0:53:ea:7e:a3:04:78:23:
                    79:ed:d5:5c:4e:2d:a1:53:23:1c:85:ad:51:e9:1a:
                    31:d3:a3:2f:68:c5:0a:bd:f4:72:8f:6e:f1:d7:88:
                    46:db:c4:ef:af:75:2e:48:a4:14:56:8f:60:7d:08:
                    df:b2:bb:41:71:40:da:c6:e9:7a:17:1d:fe:67:be:
                    c7:96:f2:b6:fa:92:9e:72:0b:72:1f:ba:c8:77:2f:
                    a1:b7:ad:e9:9c:07:0e:34:92:2b:e6:b0:71:99:73:
                    ed:94:37:ee:de:08:85:55:04:7f:64:e8:9a:15:66:
                    90:19:e6:f6:e7:f4:da:4e:b7:a2:19:86:a0:df:0f:
                    f6:99:62:7a:6b:8f:3f:84:0b:b9:ab:d7:26:0d:27:
                    bd:64:e8:58:40:e9:77:58:52:5c:f6:7e:07:e7:64:
                    b1:e1:f4:d0:b9:45:dc:ce:7a:b3:c9:99:bd:03:b8:
                    2c:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:FE:EE:AF:53:0A:DD:35:3E:78:F9:E0:09:61:51:E1:58:2B:78:EE
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:77:38:5f:6b:a1:dd:cb:bb:12:3c:88:ca:65:70:16:0f:37:
         05:93:54:8d:b3:a7:85:dd:da:5e:54:5f:b8:9d:de:22:33:37:
         47:28:c8:dd:9c:0a:18:28:de:02:1e:57:b4:24:57:81:b4:5c:
         49:26:50:aa:41:ce:f1:99:1f:47:34:ce:9c:db:aa:61:7d:5e:
         f2:1c:90:da:d4:b0:49:d2:3d:6f:2f:f5:eb:fd:84:e6:43:af:
         01:5e:34:18:02:e8:73:34:ba:5f:7b:3e:5c:e6:b7:c5:c9:e8:
         22:dc:ec:6b:e5:31:ff:80:0e:44:4e:a5:8e:18:be:5f:28:1a:
         50:7e:a6:d6:8b:ff:79:33:d9:0f:e3:44:1c:d4:48:93:69:2b:
         b5:52:35:b8:ea:d7:cf:c7:6e:f8:2a:a9:fc:49:ba:20:bd:f5:
         a1:58:89:fb:13:30:42:4c:05:c2:23:a4:52:2d:ea:d2:55:ca:
         f8:32:92:6f:84:92:2b:6b:68:a8:0a:dc:41:72:9f:33:c8:77:
         e1:54:d7:1b:2e:81:69:34:09:d8:f2:d1:dc:a0:1d:fc:42:39:
         b2:47:ca:5c:31:79:b5:84:9d:c9:d9:5c:b2:58:bc:10:67:e2:
         2c:0d:27:39:99:2a:cb:b1:34:d9:75:e8:e4:49:16:cd:46:1a:
         81:35:7b:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSNNt8pONCU2K3uQ+SZz0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjUwNjA5MDEwMTI1WhcNMjUwNjEwMDEwMTI1WjAzMTEwLwYDVQQD
Eyg2ZmZlZWVhZjUzMGFkZDM1M2U3OGY5ZTAwOTYxNTFlMTU4MmI3OGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q87wQwCf7NKQkrzhWME5Z+gGZC8
OuCiL0i8UkD28swfzfCQVp6gzGBAbi5KGcMPAyfAq9zzSQkDKDMZmgAtCPw2f1me
+Wo+tvu7gg3+GWmV8FPqfqMEeCN57dVcTi2hUyMcha1R6Rox06MvaMUKvfRyj27x
14hG28Tvr3UuSKQUVo9gfQjfsrtBcUDaxul6Fx3+Z77HlvK2+pKecgtyH7rIdy+h
t63pnAcONJIr5rBxmXPtlDfu3giFVQR/ZOiaFWaQGeb25/TaTreiGYag3w/2mWJ6
a48/hAu5q9cmDSe9ZOhYQOl3WFJc9n4H52Sx4fTQuUXcznqzyZm9A7gsgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG/+7q9TCt01Pnj54AlhUeFYK3juMB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN3c4X2uh
3cu7EjyIymVwFg83BZNUjbOnhd3aXlRfuJ3eIjM3RyjI3ZwKGCjeAh5XtCRXgbRc
SSZQqkHO8ZkfRzTOnNuqYX1e8hyQ2tSwSdI9by/16/2E5kOvAV40GALoczS6X3s+
XOa3xcnoItzsa+Ux/4AORE6ljhi+XygaUH6m1ov/eTPZD+NEHNRIk2krtVI1uOrX
z8du+Cqp/Em6IL31oViJ+xMwQkwFwiOkUi3q0lXK+DKSb4SSK2toqArcQXKfM8h3
4VTXGy6BaTQJ2PLR3KAd/EI5skfKXDF5tYSdydlcsli8EGfiLA0nOZkqy7E02XXo
5EkWzUYagTV7zw==
-----END CERTIFICATE-----