Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
File:                     rHI58-_bN5H1vlVSmbXYFpfz0BI.mft (raw, json)
Hash identifier:          dUW13iz6zwYpEbcRl33JZ7/wsnOHiSiMxifR7QgkgBY=
Subject key identifier:   09:D3:F4:16:43:44:ED:44:EC:B8:26:B8:D0:E3:84:37:60:37:9A:A8
Authority key identifier: AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12
Certificate issuer:       /CN=ac7239f3efdb3791f5be555299b5d81697f3d012
Certificate serial:       019748FA9C9B7136FBDB6B848C2509999DFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
Manifest number:          1138
Signing time:             Sat 07 Jun 2025 06:01:12 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:12 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:12 +0000
Files and hashes:         1: rHI58-_bN5H1vlVSmbXYFpfz0BI.crl (hash: OrqqbiNdU+w1ICScFIRNMX1X8jhtKlWuX5i1XGPrA/M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:9c:9b:71:36:fb:db:6b:84:8c:25:09:99:9d:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac7239f3efdb3791f5be555299b5d81697f3d012
        Validity
            Not Before: Jun  7 06:01:12 2025 GMT
            Not After : Jun  8 06:01:12 2025 GMT
        Subject: CN=09d3f4164344ed44ecb826b8d0e3843760379aa8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:00:fc:f9:2c:1b:cf:14:d2:b4:12:18:d9:e8:
                    05:f7:ce:d7:34:d6:15:53:e6:a3:46:73:3a:2f:f2:
                    b6:5f:e3:16:99:62:c3:77:ad:6f:ea:6f:0b:53:c1:
                    7a:66:b7:09:ff:e0:a3:72:55:9c:09:05:7a:31:59:
                    bf:05:1f:c5:1e:08:56:e9:5d:46:4d:08:79:bf:fc:
                    32:fd:8f:0b:42:5b:e1:cb:14:1f:bf:35:ad:74:51:
                    5b:a7:3e:a8:ac:7e:30:76:6a:aa:ac:be:fc:c6:13:
                    b8:64:20:ff:eb:2c:42:94:34:c5:ba:02:c3:f5:ab:
                    5d:67:48:7d:71:24:e4:1e:0d:b9:c3:21:c5:4c:85:
                    2a:4c:bc:89:ef:a3:7b:f1:a8:9e:2c:5d:3d:4d:ce:
                    d0:40:a5:c1:e0:9a:c8:4a:3a:05:ac:97:57:fa:3a:
                    e7:58:8c:f9:77:d6:a3:c1:b7:59:d6:82:a5:aa:46:
                    74:90:7f:cc:0b:dd:b9:72:d1:15:fe:85:c8:b5:71:
                    2b:cb:a2:fd:34:9c:e7:b3:02:93:16:a4:4c:40:72:
                    23:3b:9b:bd:23:27:5d:26:c7:cc:f4:c7:72:a2:18:
                    1e:56:12:cf:0a:d5:65:c4:00:5a:dd:31:31:16:75:
                    ba:08:85:1e:94:73:1a:33:73:53:bc:aa:d7:88:d8:
                    c7:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:D3:F4:16:43:44:ED:44:EC:B8:26:B8:D0:E3:84:37:60:37:9A:A8
            X509v3 Authority Key Identifier:
                keyid:AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:eb:a8:48:8d:93:1b:f6:22:58:ef:01:f7:49:19:51:df:e3:
         ac:ef:be:73:ce:8a:f9:19:5a:d5:c5:77:1d:50:48:f6:72:0b:
         e6:0d:c8:e8:88:21:2e:ec:36:be:1d:1b:8b:14:63:84:f4:e1:
         dc:6f:67:0e:97:ae:be:79:98:31:b4:37:f2:3e:d1:29:2b:37:
         d5:09:4a:43:b9:c9:03:1e:f0:57:db:9c:38:f1:f5:3c:8d:8d:
         fb:6e:90:2e:e8:de:5a:76:91:d4:e0:98:9e:d9:44:7f:3f:26:
         50:bf:28:37:df:4c:2f:91:f1:4f:a7:b8:fb:2c:f5:f1:30:01:
         43:bf:e9:94:e2:f9:97:fb:3e:06:f5:34:1c:ed:f1:fc:c0:d2:
         e4:1c:d9:6f:12:6b:f4:e3:9b:57:4b:86:52:27:b9:ae:eb:2c:
         b2:85:7f:4e:61:2b:48:9a:e8:69:6c:d2:66:ed:81:25:f3:f9:
         64:f0:cd:41:66:92:e5:10:47:21:0b:eb:ef:96:6d:46:6c:77:
         4b:db:8c:11:b0:12:35:df:58:e0:fd:bc:50:87:85:5a:9f:84:
         c8:5f:08:60:f1:d2:c2:3a:99:d4:e9:ff:80:73:82:3a:ee:6d:
         4c:86:2f:70:09:f2:38:aa:ce:08:77:5a:26:12:9d:6e:78:fd:
         c3:66:6e:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+pybcTb722uEjCUJmZ37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNzIzOWYzZWZkYjM3OTFmNWJlNTU1Mjk5YjVkODE2OTdm
M2QwMTIwHhcNMjUwNjA3MDYwMTEyWhcNMjUwNjA4MDYwMTEyWjAzMTEwLwYDVQQD
EygwOWQzZjQxNjQzNDRlZDQ0ZWNiODI2YjhkMGUzODQzNzYwMzc5YWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgD8+SwbzxTStBIY2egF987XNNYV
U+ajRnM6L/K2X+MWmWLDd61v6m8LU8F6ZrcJ/+CjclWcCQV6MVm/BR/FHghW6V1G
TQh5v/wy/Y8LQlvhyxQfvzWtdFFbpz6orH4wdmqqrL78xhO4ZCD/6yxClDTFugLD
9atdZ0h9cSTkHg25wyHFTIUqTLyJ76N78aieLF09Tc7QQKXB4JrISjoFrJdX+jrn
WIz5d9ajwbdZ1oKlqkZ0kH/MC925ctEV/oXItXEry6L9NJznswKTFqRMQHIjO5u9
IyddJsfM9MdyohgeVhLPCtVlxABa3TExFnW6CIUelHMaM3NTvKrXiNjHfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAnT9BZDRO1E7LgmuNDjhDdgN5qoMB8GA1UdIwQY
MBaAFKxyOfPv2zeR9b5VUpm12BaX89ASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQt
Y2NmYzdmMDdiOWNiLzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQtY2NmYzdmMDdiOWNi
LzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAouuoSI2T
G/YiWO8B90kZUd/jrO++c86K+Rla1cV3HVBI9nIL5g3I6IghLuw2vh0bixRjhPTh
3G9nDpeuvnmYMbQ38j7RKSs31QlKQ7nJAx7wV9ucOPH1PI2N+26QLujeWnaR1OCY
ntlEfz8mUL8oN99ML5HxT6e4+yz18TABQ7/plOL5l/s+BvU0HO3x/MDS5BzZbxJr
9OObV0uGUie5russsoV/TmErSJroaWzSZu2BJfP5ZPDNQWaS5RBHIQvr75ZtRmx3
S9uMEbASNd9Y4P28UIeFWp+EyF8IYPHSwjqZ1On/gHOCOu5tTIYvcAnyOKrOCHda
JhKdbnj9w2Zu6A==
-----END CERTIFICATE-----