Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
File:                     hJxbptQKtOTjm3tpttLZhEqiSK8.mft (raw, json)
Hash identifier:          Xka6C6QczdN5xFG5oQUzQci16PuQQSYecsZHrU+IpGU=
Subject key identifier:   42:D9:62:CD:45:69:B4:7B:00:A1:9E:67:0B:0A:CD:14:A3:E9:06:DD
Authority key identifier: 84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF
Certificate issuer:       /CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
Certificate serial:       019761023450C5718F87E1694663FE646C4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
Manifest number:          0C68
Signing time:             Wed 11 Jun 2025 22:00:23 +0000
Manifest this update:     Wed 11 Jun 2025 22:00:23 +0000
Manifest next update:     Thu 12 Jun 2025 22:00:23 +0000
Files and hashes:         1: hJxbptQKtOTjm3tpttLZhEqiSK8.crl (hash: XpAsdByb6juGff7sGCzcuTuQxJfCfpm/XtjSmdVAQc4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:02:34:50:c5:71:8f:87:e1:69:46:63:fe:64:6c:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
        Validity
            Not Before: Jun 11 22:00:23 2025 GMT
            Not After : Jun 12 22:00:23 2025 GMT
        Subject: CN=42d962cd4569b47b00a19e670b0acd14a3e906dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:0e:00:59:f7:64:6a:14:3a:5b:84:6f:8d:e2:
                    ea:d4:e0:92:ce:bd:8d:dd:4e:08:88:90:fe:0f:83:
                    c8:a0:dc:cc:ab:92:1e:99:3b:25:2e:7b:6a:6f:4c:
                    89:bc:64:2d:10:6f:cb:34:6e:c0:08:b1:af:c1:44:
                    4e:81:dc:c1:97:16:9c:a9:7d:08:c0:9c:9c:d2:7e:
                    31:d7:fe:2a:da:f3:f5:96:01:3f:b3:eb:82:9a:9c:
                    34:cc:41:d7:2b:08:b7:bf:95:86:ff:e6:a9:b5:10:
                    5e:b0:68:f3:41:51:6f:d7:22:bf:4b:c6:54:4b:f6:
                    5b:fc:5c:10:04:48:6e:d3:6c:79:b1:97:d1:3b:b4:
                    7c:2e:14:42:fe:bf:9e:f7:8d:81:eb:54:04:43:87:
                    ca:e5:e4:e1:9e:fd:ca:e8:ad:1f:c8:22:4d:08:8d:
                    43:4b:58:04:28:97:a3:2a:1c:e7:6c:02:87:4e:6f:
                    75:00:39:e0:2b:55:65:80:39:af:07:d3:51:34:af:
                    18:1e:db:4e:b2:aa:ba:d8:23:65:47:76:87:9a:ef:
                    f3:6b:93:71:8f:f4:55:23:f3:1c:6e:39:ca:46:9b:
                    79:a7:1c:c8:4c:00:c7:83:39:d8:49:f8:e5:0c:5a:
                    9f:a9:6f:ab:e6:ff:11:43:2d:e4:60:30:86:a7:8f:
                    14:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:D9:62:CD:45:69:B4:7B:00:A1:9E:67:0B:0A:CD:14:A3:E9:06:DD
            X509v3 Authority Key Identifier:
                keyid:84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:c7:c9:b1:ce:67:59:d0:a4:44:11:b6:b1:03:5e:14:26:86:
         b2:06:09:58:57:1f:90:ee:46:86:e9:43:98:a4:a7:3a:33:b0:
         51:aa:a9:98:03:d7:e2:35:95:5a:59:e8:1f:62:3b:cf:f1:1a:
         32:de:5d:eb:79:16:59:ca:c3:f3:d9:18:3e:3d:db:d3:22:11:
         4d:9c:78:ef:8b:eb:33:aa:9d:83:51:f3:cd:7d:77:ab:3a:f6:
         f4:75:6d:f0:f3:06:64:28:1b:39:01:41:67:e1:c5:33:3a:50:
         3d:ea:a4:e5:45:03:a2:f7:41:01:c4:c1:14:07:3a:bd:68:e6:
         12:3b:e1:86:4d:b5:3a:63:9a:5e:38:b2:5f:32:a6:8c:5c:3a:
         aa:99:6f:9a:01:d5:9c:9c:08:3a:41:a9:11:76:d0:20:3d:17:
         99:c1:dd:d4:eb:b2:02:0f:74:71:c2:7f:a0:02:05:d2:51:61:
         fd:f1:80:12:dc:35:a9:48:8c:9a:5a:b9:2f:e8:35:32:e4:01:
         b0:82:a2:c5:40:29:75:92:cf:c5:a0:9e:3d:71:65:65:43:7e:
         ba:fc:c4:7d:48:18:c4:33:71:9f:df:b2:4b:1e:74:9f:b8:e5:
         13:41:08:3a:b0:c2:45:4a:00:29:f1:39:9b:d6:a2:e3:40:35:
         d2:e3:6a:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhAjRQxXGPh+FpRmP+ZGxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWM1YmE2ZDQwYWI0ZTRlMzliN2I2OWI2ZDJkOTg0NGFh
MjQ4YWYwHhcNMjUwNjExMjIwMDIzWhcNMjUwNjEyMjIwMDIzWjAzMTEwLwYDVQQD
Eyg0MmQ5NjJjZDQ1NjliNDdiMDBhMTllNjcwYjBhY2QxNGEzZTkwNmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw4AWfdkahQ6W4RvjeLq1OCSzr2N
3U4IiJD+D4PIoNzMq5IemTslLntqb0yJvGQtEG/LNG7ACLGvwUROgdzBlxacqX0I
wJyc0n4x1/4q2vP1lgE/s+uCmpw0zEHXKwi3v5WG/+aptRBesGjzQVFv1yK/S8ZU
S/Zb/FwQBEhu02x5sZfRO7R8LhRC/r+e942B61QEQ4fK5eThnv3K6K0fyCJNCI1D
S1gEKJejKhznbAKHTm91ADngK1VlgDmvB9NRNK8YHttOsqq62CNlR3aHmu/za5Nx
j/RVI/McbjnKRpt5pxzITADHgznYSfjlDFqfqW+r5v8RQy3kYDCGp48U4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELZYs1FabR7AKGeZwsKzRSj6QbdMB8GA1UdIwQY
MBaAFIScW6bUCrTk45t7abbS2YRKokivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQt
ZDk4NDg3YmRlZTQ4LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQtZDk4NDg3YmRlZTQ4
LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATMfJsc5n
WdCkRBG2sQNeFCaGsgYJWFcfkO5GhulDmKSnOjOwUaqpmAPX4jWVWlnoH2I7z/Ea
Mt5d63kWWcrD89kYPj3b0yIRTZx474vrM6qdg1HzzX13qzr29HVt8PMGZCgbOQFB
Z+HFMzpQPeqk5UUDovdBAcTBFAc6vWjmEjvhhk21OmOaXjiyXzKmjFw6qplvmgHV
nJwIOkGpEXbQID0XmcHd1OuyAg90ccJ/oAIF0lFh/fGAEtw1qUiMmlq5L+g1MuQB
sIKixUApdZLPxaCePXFlZUN+uvzEfUgYxDNxn9+ySx50n7jlE0EIOrDCRUoAKfE5
m9ai40A10uNqpA==
-----END CERTIFICATE-----