Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft
File:                     hRRRk1wYRkb4aHgjivsKDVqwut4.mft (raw, json)
Hash identifier:          TMjVPMoYi9wEtBRfQ8IHJulkoJWiA/PFJDFJv0GwFpo=
Subject key identifier:   62:FB:33:D8:9B:C9:7B:7C:9D:03:9A:F2:49:19:83:11:6F:0D:1A:12
Authority key identifier: 85:14:51:93:5C:18:46:46:F8:68:78:23:8A:FB:0A:0D:5A:B0:BA:DE
Certificate issuer:       /CN=851451935c184646f86878238afb0a0d5ab0bade
Certificate serial:       0199239EB9EF376B09195188E77BC1F5FD29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRRRk1wYRkb4aHgjivsKDVqwut4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft
Manifest number:          21
Signing time:             Sun 07 Sep 2025 10:00:28 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:28 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:28 +0000
Files and hashes:         1: hRRRk1wYRkb4aHgjivsKDVqwut4.crl (hash: 8npAsg9wzTNlfXTrLCkwjP8u3CSlwIdpqnLK0YoE4Ug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRRRk1wYRkb4aHgjivsKDVqwut4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:b9:ef:37:6b:09:19:51:88:e7:7b:c1:f5:fd:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851451935c184646f86878238afb0a0d5ab0bade
        Validity
            Not Before: Sep  7 10:00:28 2025 GMT
            Not After : Sep  8 10:00:28 2025 GMT
        Subject: CN=62fb33d89bc97b7c9d039af2491983116f0d1a12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f4:38:df:db:f7:45:26:11:20:e4:0b:f0:28:
                    1a:1f:e5:90:f5:4d:99:ab:29:ae:63:0a:5d:da:e6:
                    c4:18:93:dc:fc:87:b8:6f:67:0a:35:b0:ef:15:23:
                    c0:65:e1:09:75:6f:2b:3a:b7:cc:54:74:61:43:18:
                    51:84:b1:26:d9:a3:e5:99:aa:0f:ac:49:2e:cb:ba:
                    0a:81:1a:c8:52:1b:1a:b3:33:8e:c8:9c:ee:88:e1:
                    c3:d2:df:f7:30:57:ca:c5:94:ee:8f:74:4f:9c:76:
                    25:11:1d:a5:a3:17:69:58:2f:95:87:63:68:b9:19:
                    ea:ca:66:06:75:6d:58:60:83:2f:af:fc:83:f5:b9:
                    e8:54:fb:7c:cd:8d:e7:fa:d4:e0:6f:c3:c9:45:c2:
                    b6:94:c8:6c:bf:9c:b4:cd:49:bd:51:06:87:79:1c:
                    6c:6d:43:c8:e2:7b:fc:7a:33:10:a0:5f:ab:28:7c:
                    8c:5f:a5:b3:b2:1d:21:01:d8:3b:a7:3c:31:83:f8:
                    44:ff:ad:2a:8c:25:9a:6e:9f:0d:71:6f:8e:2e:ad:
                    91:c7:f5:33:16:12:fd:71:6f:58:14:73:5b:3e:ce:
                    07:7f:34:a7:a1:ba:49:67:dd:ad:26:76:05:db:62:
                    6b:0f:c5:2a:45:3f:c3:e1:fd:0f:b2:10:b9:a4:3f:
                    19:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:FB:33:D8:9B:C9:7B:7C:9D:03:9A:F2:49:19:83:11:6F:0D:1A:12
            X509v3 Authority Key Identifier:
                keyid:85:14:51:93:5C:18:46:46:F8:68:78:23:8A:FB:0A:0D:5A:B0:BA:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRRRk1wYRkb4aHgjivsKDVqwut4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:16:20:cd:4c:7c:4a:f2:3c:f1:b2:9e:34:78:89:c5:5b:5f:
         05:a6:70:c2:af:b0:f1:f1:41:0f:89:b9:19:d3:00:bd:14:5b:
         e0:38:28:fe:79:27:69:fd:16:d7:56:6e:a6:fc:0b:78:76:be:
         02:ec:21:68:2c:6e:f2:b3:06:e3:42:42:75:8a:f6:e1:fc:5d:
         57:bd:a9:ef:80:ca:d2:c2:e4:b2:0c:6c:f7:54:12:f3:8e:52:
         d4:5d:19:57:9b:f0:ea:66:e2:38:9c:89:94:9d:49:58:77:ec:
         8d:cf:5d:ff:28:fd:30:10:2d:2b:b1:3f:39:b9:3d:1c:e7:9c:
         5a:6a:61:1a:07:15:db:52:c2:04:14:72:81:e8:20:b1:62:2d:
         3e:b8:1e:75:a0:10:c5:46:cb:4d:80:8b:fb:bf:24:12:fd:e0:
         e3:57:09:7e:96:fc:20:a1:f1:da:3e:36:4f:99:5d:54:67:dd:
         d7:ae:83:29:71:13:21:ec:17:5b:02:16:76:94:4e:79:18:89:
         2e:06:cf:ea:31:9c:de:4b:32:bf:28:70:f3:5b:5c:e3:2f:fc:
         c5:49:3e:18:36:4f:17:8f:12:8b:ea:3d:8e:fc:d3:d5:16:d6:
         19:2d:22:4f:76:81:6f:82:3c:5f:f2:38:c4:34:b2:32:7b:dd:
         ff:c9:1b:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnrnvN2sJGVGI53vB9f0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MTQ1MTkzNWMxODQ2NDZmODY4NzgyMzhhZmIwYTBkNWFi
MGJhZGUwHhcNMjUwOTA3MTAwMDI4WhcNMjUwOTA4MTAwMDI4WjAzMTEwLwYDVQQD
Eyg2MmZiMzNkODliYzk3YjdjOWQwMzlhZjI0OTE5ODMxMTZmMGQxYTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPQ439v3RSYRIOQL8CgaH+WQ9U2Z
qymuYwpd2ubEGJPc/Ie4b2cKNbDvFSPAZeEJdW8rOrfMVHRhQxhRhLEm2aPlmaoP
rEkuy7oKgRrIUhsaszOOyJzuiOHD0t/3MFfKxZTuj3RPnHYlER2loxdpWC+Vh2No
uRnqymYGdW1YYIMvr/yD9bnoVPt8zY3n+tTgb8PJRcK2lMhsv5y0zUm9UQaHeRxs
bUPI4nv8ejMQoF+rKHyMX6Wzsh0hAdg7pzwxg/hE/60qjCWabp8NcW+OLq2Rx/Uz
FhL9cW9YFHNbPs4HfzSnobpJZ92tJnYF22JrD8UqRT/D4f0PshC5pD8ZiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGL7M9ibyXt8nQOa8kkZgxFvDRoSMB8GA1UdIwQY
MBaAFIUUUZNcGEZG+Gh4I4r7Cg1asLreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJSUmsxd1lSa2I0YUhnaml2c0tEVnF3dXQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kYjY5YjMtNzgxZS00Y2I5LTllZGYt
NmRkNmE5YzU1ZjU3LzEvaFJSUmsxd1lSa2I0YUhnaml2c0tEVnF3dXQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9kYjY5YjMtNzgxZS00Y2I5LTllZGYtNmRkNmE5YzU1ZjU3
LzEvaFJSUmsxd1lSa2I0YUhnaml2c0tEVnF3dXQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnBYgzUx8
SvI88bKeNHiJxVtfBaZwwq+w8fFBD4m5GdMAvRRb4Dgo/nknaf0W11ZupvwLeHa+
AuwhaCxu8rMG40JCdYr24fxdV72p74DK0sLksgxs91QS845S1F0ZV5vw6mbiOJyJ
lJ1JWHfsjc9d/yj9MBAtK7E/Obk9HOecWmphGgcV21LCBBRygeggsWItPrgedaAQ
xUbLTYCL+78kEv3g41cJfpb8IKHx2j42T5ldVGfd166DKXETIewXWwIWdpROeRiJ
LgbP6jGc3ksyvyhw81tc4y/8xUk+GDZPF48Si+o9jvzT1RbWGS0iT3aBb4I8X/I4
xDSyMnvd/8kbww==
-----END CERTIFICATE-----