Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
File:                     h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json)
Hash identifier:          iJtY1YobPwkUPQjrLkn0+CE4Tgyq9oVpFkfnyRgoYCI=
Subject key identifier:   57:4C:11:64:0E:86:21:7C:4F:9B:5E:8B:84:7C:99:A4:40:29:C1:80
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Certificate issuer:       /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial:       01992367C53F863CDAAF8CDD1C1439E77EE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
Manifest number:          1154
Signing time:             Sun 07 Sep 2025 09:00:27 +0000
Manifest this update:     Sun 07 Sep 2025 09:00:27 +0000
Manifest next update:     Mon 08 Sep 2025 09:00:27 +0000
Files and hashes:         1: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: nu7a9ZAVxmHZI6UcxMR00zOIitkLRgTk6ggFYgIvpm8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:67:c5:3f:86:3c:da:af:8c:dd:1c:14:39:e7:7e:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
        Validity
            Not Before: Sep  7 09:00:27 2025 GMT
            Not After : Sep  8 09:00:27 2025 GMT
        Subject: CN=574c11640e86217c4f9b5e8b847c99a44029c180
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:23:44:76:9e:8d:89:c7:8f:67:28:56:14:e8:
                    de:4a:1f:66:36:19:3d:11:51:39:3b:72:c5:4b:d3:
                    e1:68:f1:f3:5c:7b:1c:49:f4:de:d3:0c:30:ad:d8:
                    8e:45:65:05:f8:f5:11:d2:4b:f4:c2:d8:b7:47:a7:
                    d1:9f:fb:17:47:d6:46:39:2c:73:fb:8a:01:b3:7c:
                    94:4b:a7:91:6b:6a:5d:20:61:4a:fd:91:2c:ef:cf:
                    a1:a9:fc:f0:68:45:3c:24:84:48:2d:dd:df:e6:23:
                    92:0c:7b:e1:8a:24:74:10:19:65:d1:6d:18:82:f3:
                    37:d0:29:be:39:c0:e2:52:36:c1:d0:2b:fa:09:65:
                    a4:0f:d2:28:ba:36:27:d0:27:e0:1c:fd:26:07:5b:
                    85:de:86:f7:9f:d9:ce:62:46:44:4e:57:94:f4:c5:
                    2f:a6:97:06:94:d0:1d:4b:d5:47:46:03:e5:fb:b3:
                    2a:d3:d6:8a:35:be:4d:df:9b:32:07:6f:d8:14:fc:
                    6f:f4:c7:5a:91:19:f7:66:b8:b4:89:8f:ab:06:16:
                    19:21:46:6d:b0:62:69:23:f8:12:5e:04:af:a5:f2:
                    18:04:0e:56:0a:66:23:19:30:f8:f7:2e:33:8a:1a:
                    7d:5d:ac:53:0a:b6:88:70:68:6f:0d:5a:1a:72:1f:
                    df:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:4C:11:64:0E:86:21:7C:4F:9B:5E:8B:84:7C:99:A4:40:29:C1:80
            X509v3 Authority Key Identifier:
                keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:07:a5:85:12:a1:54:f3:75:de:1f:10:c1:60:c0:45:bf:b9:
         99:6c:a0:cf:65:40:f8:88:95:4a:7a:0e:11:4b:1a:b5:94:4e:
         0a:d3:50:30:39:c3:06:02:00:e5:64:3a:da:16:ad:3c:8a:f9:
         96:90:c4:a4:8e:d1:28:37:b4:12:16:4a:b2:f0:4d:35:db:e8:
         7d:90:77:77:20:2b:b5:41:57:2a:b1:3c:c8:44:03:a7:fe:43:
         de:3f:69:22:c1:47:e9:42:4b:0d:06:cf:90:90:4d:75:97:7d:
         94:90:82:fd:41:1e:4e:d6:a4:61:d1:fa:d5:09:01:85:b9:6b:
         f1:88:91:dd:3a:80:51:52:10:79:67:dd:10:6b:68:32:4b:70:
         b6:0b:75:81:fd:1b:79:16:0c:7b:8d:81:14:a9:09:a8:16:cf:
         e5:da:5e:16:01:d6:92:c8:97:68:b4:66:1d:f0:d5:96:00:6d:
         26:4d:6f:43:81:db:5e:ed:87:13:41:6d:21:65:72:a3:ce:1b:
         4b:8b:7e:69:93:0b:0e:38:84:6b:73:af:57:b9:9c:4c:e0:fc:
         e2:27:d1:9f:d1:80:42:ff:93:29:bc:56:5f:b2:91:f6:48:2c:
         d0:2f:1f:d1:b9:c5:fc:87:c4:33:ef:08:71:2e:0d:c2:d0:d1:
         e4:84:0f:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjZ8U/hjzar4zdHBQ5537mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjUwOTA3MDkwMDI3WhcNMjUwOTA4MDkwMDI3WjAzMTEwLwYDVQQD
Eyg1NzRjMTE2NDBlODYyMTdjNGY5YjVlOGI4NDdjOTlhNDQwMjljMTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniNEdp6NicePZyhWFOjeSh9mNhk9
EVE5O3LFS9PhaPHzXHscSfTe0wwwrdiORWUF+PUR0kv0wti3R6fRn/sXR9ZGOSxz
+4oBs3yUS6eRa2pdIGFK/ZEs78+hqfzwaEU8JIRILd3f5iOSDHvhiiR0EBll0W0Y
gvM30Cm+OcDiUjbB0Cv6CWWkD9IoujYn0CfgHP0mB1uF3ob3n9nOYkZETleU9MUv
ppcGlNAdS9VHRgPl+7Mq09aKNb5N35syB2/YFPxv9MdakRn3Zri0iY+rBhYZIUZt
sGJpI/gSXgSvpfIYBA5WCmYjGTD49y4zihp9XaxTCraIcGhvDVoach/fywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdMEWQOhiF8T5tei4R8maRAKcGAMB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADgelhRKh
VPN13h8QwWDARb+5mWygz2VA+IiVSnoOEUsatZROCtNQMDnDBgIA5WQ62hatPIr5
lpDEpI7RKDe0EhZKsvBNNdvofZB3dyArtUFXKrE8yEQDp/5D3j9pIsFH6UJLDQbP
kJBNdZd9lJCC/UEeTtakYdH61QkBhblr8YiR3TqAUVIQeWfdEGtoMktwtgt1gf0b
eRYMe42BFKkJqBbP5dpeFgHWksiXaLRmHfDVlgBtJk1vQ4HbXu2HE0FtIWVyo84b
S4t+aZMLDjiEa3OvV7mcTOD84ifRn9GAQv+TKbxWX7KR9kgs0C8f0bnF/IfEM+8I
cS4NwtDR5IQPBQ==
-----END CERTIFICATE-----