Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
File:                     HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json)
Hash identifier:          X68C2w0HfP7qNTQ2TExkjfeMeSc/RyIXe6MTQ9XuVq8=
Subject key identifier:   BB:A4:D2:14:F6:F9:44:54:CD:BE:7D:21:4C:7B:31:C9:50:9E:06:72
Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6
Certificate issuer:       /CN=1db690606199a5d486789c43dbffd0c065bddce6
Certificate serial:       019749D5F7B106B091DB3746C9C45C3D0BDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
Manifest number:          03B2
Signing time:             Sat 07 Jun 2025 10:00:48 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:48 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:48 +0000
Files and hashes:         1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: 5Olute5NwEAFBMlWDiyVfZgPptiiZZybmblVQWnOyGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:f7:b1:06:b0:91:db:37:46:c9:c4:5c:3d:0b:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6
        Validity
            Not Before: Jun  7 10:00:48 2025 GMT
            Not After : Jun  8 10:00:48 2025 GMT
        Subject: CN=bba4d214f6f94454cdbe7d214c7b31c9509e0672
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:5c:39:cf:4c:19:fd:28:e5:d3:15:2e:5b:cc:
                    b6:6d:32:7c:1f:72:69:28:74:16:d9:b2:5b:79:b1:
                    1b:48:74:37:87:c1:91:38:84:e8:13:bf:f4:b9:fc:
                    a6:69:d1:7d:da:de:a3:2f:e3:0c:34:a3:cc:9a:25:
                    c4:7a:64:67:c3:2c:f4:05:1a:f9:4e:f2:64:6d:23:
                    df:0f:7d:0b:ce:5f:8b:dd:49:23:6e:b1:1e:f9:6c:
                    a5:ff:dc:01:7c:b8:22:a3:ac:66:b6:13:b1:c4:3b:
                    cd:07:92:2b:16:6c:05:8a:c0:c9:f1:c4:6e:07:9f:
                    2f:61:2f:74:d5:36:5a:ae:1e:e3:bb:ec:9d:e3:dd:
                    f1:3e:51:fd:00:11:da:63:5b:94:68:5e:a5:e2:5e:
                    02:91:be:a7:c5:56:cb:e2:44:ff:9c:43:31:4a:8b:
                    6d:5a:d4:1d:86:ee:96:b8:f0:b7:5b:84:cc:87:4f:
                    72:c7:8c:3f:dc:12:0d:4b:d0:f8:24:1b:b0:8f:e8:
                    1c:51:20:d5:28:fc:cc:5a:3c:3a:32:11:7d:00:2e:
                    6b:91:14:c9:22:86:92:0f:d3:3c:b9:de:32:c7:b7:
                    0a:dd:34:62:ee:a5:7c:55:25:a0:2f:32:51:b0:d6:
                    3b:f4:2f:70:7f:76:16:22:9e:40:68:7c:68:a7:6b:
                    3c:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:A4:D2:14:F6:F9:44:54:CD:BE:7D:21:4C:7B:31:C9:50:9E:06:72
            X509v3 Authority Key Identifier:
                keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:27:5c:c9:15:d6:bf:61:a9:bc:8b:62:f7:31:e7:38:03:d8:
         64:37:dd:e0:f6:76:2b:64:73:0b:54:85:38:6f:a1:84:f8:2f:
         e7:bb:94:05:f7:e0:8c:84:84:d2:08:22:b2:62:fe:fb:7f:3b:
         5e:ae:77:82:33:71:ff:a4:c1:73:92:d1:89:2a:be:02:69:8d:
         65:9c:70:b5:b4:c9:4b:62:8b:38:c9:d7:d3:5d:84:be:49:9b:
         03:32:96:49:ba:ee:1c:70:2a:53:e0:7c:4b:e1:f0:1e:74:6e:
         9e:9b:41:4d:6a:15:07:64:42:b9:c6:67:3b:48:a5:30:ba:18:
         12:d9:d7:b0:4d:d4:7c:a8:aa:96:a7:fb:0e:95:97:e7:08:54:
         2a:2d:4b:8c:19:62:90:46:2d:3d:18:e5:61:d7:d0:88:83:4a:
         ae:59:0e:5d:1c:c7:95:7d:70:c7:25:4a:df:a4:dd:85:54:ea:
         9a:a6:0d:11:ea:e0:2f:53:2e:5e:b9:f1:c0:1f:e8:0b:09:dc:
         96:a0:09:b6:7e:a7:3d:6e:7f:5f:47:2d:6d:9c:ea:c1:36:ae:
         dd:e3:92:66:14:25:49:e5:76:74:a7:db:64:70:05:8c:0e:ad:
         48:19:65:2e:f0:71:50:52:ce:bb:9c:69:42:bd:18:b6:4b:8c:
         be:68:55:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1fexBrCR2zdGycRcPQveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi
ZGRjZTYwHhcNMjUwNjA3MTAwMDQ4WhcNMjUwNjA4MTAwMDQ4WjAzMTEwLwYDVQQD
EyhiYmE0ZDIxNGY2Zjk0NDU0Y2RiZTdkMjE0YzdiMzFjOTUwOWUwNjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllw5z0wZ/Sjl0xUuW8y2bTJ8H3Jp
KHQW2bJbebEbSHQ3h8GROIToE7/0ufymadF92t6jL+MMNKPMmiXEemRnwyz0BRr5
TvJkbSPfD30Lzl+L3UkjbrEe+Wyl/9wBfLgio6xmthOxxDvNB5IrFmwFisDJ8cRu
B58vYS901TZarh7ju+yd493xPlH9ABHaY1uUaF6l4l4Ckb6nxVbL4kT/nEMxSott
WtQdhu6WuPC3W4TMh09yx4w/3BINS9D4JBuwj+gcUSDVKPzMWjw6MhF9AC5rkRTJ
IoaSD9M8ud4yx7cK3TRi7qV8VSWgLzJRsNY79C9wf3YWIp5AaHxop2s84QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuk0hT2+URUzb59IUx7MclQngZyMB8GA1UdIwQY
MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt
ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1
LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnidcyRXW
v2GpvIti9zHnOAPYZDfd4PZ2K2RzC1SFOG+hhPgv57uUBffgjISE0ggismL++387
Xq53gjNx/6TBc5LRiSq+AmmNZZxwtbTJS2KLOMnX012EvkmbAzKWSbruHHAqU+B8
S+HwHnRunptBTWoVB2RCucZnO0ilMLoYEtnXsE3UfKiqlqf7DpWX5whUKi1LjBli
kEYtPRjlYdfQiINKrlkOXRzHlX1wxyVK36TdhVTqmqYNEergL1MuXrnxwB/oCwnc
lqAJtn6nPW5/X0ctbZzqwTau3eOSZhQlSeV2dKfbZHAFjA6tSBllLvBxUFLOu5xp
Qr0YtkuMvmhVNw==
-----END CERTIFICATE-----