Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
File:                     hJxbptQKtOTjm3tpttLZhEqiSK8.mft (raw, json)
Hash identifier:          hUuYaQKVgHKLFc3Axqeo6cWNn/kwUbG0a8iX0v8ExBo=
Subject key identifier:   32:43:26:56:D9:2A:0D:F9:08:B4:D9:60:F8:B0:3B:61:1E:8C:09:91
Authority key identifier: 84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF
Certificate issuer:       /CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
Certificate serial:       019768BBAF822822980B93200665E7A68080
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
Manifest number:          0C6C
Signing time:             Fri 13 Jun 2025 10:00:19 +0000
Manifest this update:     Fri 13 Jun 2025 10:00:19 +0000
Manifest next update:     Sat 14 Jun 2025 10:00:19 +0000
Files and hashes:         1: hJxbptQKtOTjm3tpttLZhEqiSK8.crl (hash: dWLiBImIFCgVAMcbhpkGK9z2BRivm/PRRA1t/lMHrTw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:bb:af:82:28:22:98:0b:93:20:06:65:e7:a6:80:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
        Validity
            Not Before: Jun 13 10:00:19 2025 GMT
            Not After : Jun 14 10:00:19 2025 GMT
        Subject: CN=32432656d92a0df908b4d960f8b03b611e8c0991
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:07:c5:1f:9c:01:ed:14:41:a9:7f:db:e3:f5:
                    26:48:11:b1:c5:2f:d9:06:7f:0c:f2:b3:b2:7e:3c:
                    f7:c2:99:79:1a:65:f2:d2:fa:ca:fb:b9:17:81:15:
                    f0:ab:f2:98:a3:37:0f:75:48:d8:dd:af:0a:50:4f:
                    38:47:6b:62:44:96:87:62:f4:a2:88:ef:46:98:88:
                    c2:31:9e:2f:bd:8b:4e:83:7e:05:d8:da:2a:9d:8e:
                    b2:3c:9c:07:97:ef:d8:64:be:46:13:05:3a:a3:d0:
                    ec:32:b8:9f:4f:05:bd:ca:c2:da:bf:35:e8:39:bc:
                    64:ab:82:39:26:57:a1:71:3f:7a:bc:39:6a:e2:4d:
                    35:7d:64:8a:91:be:5a:11:ea:0c:6c:25:5b:8c:5d:
                    6c:6f:80:27:c0:c3:ca:2c:8a:d7:64:ca:cc:99:c6:
                    1f:3c:dc:93:51:e5:0e:81:27:4d:37:1e:8d:0a:68:
                    f6:7c:e0:4b:36:4e:1b:22:47:dd:57:16:4b:c0:7b:
                    96:ed:ee:b1:59:d9:60:83:4c:ff:21:59:fc:6a:97:
                    cd:97:a4:3c:7f:9b:91:6e:86:64:88:c4:28:61:30:
                    b9:ce:b8:78:b6:cf:33:2f:42:38:b4:0b:1d:2b:e3:
                    54:42:ee:55:e0:37:ac:33:6f:9c:39:be:00:32:df:
                    99:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:43:26:56:D9:2A:0D:F9:08:B4:D9:60:F8:B0:3B:61:1E:8C:09:91
            X509v3 Authority Key Identifier:
                keyid:84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:b7:6b:ff:b8:4b:79:48:d2:3b:84:12:1c:a4:9d:6b:8b:bc:
         c3:91:26:09:48:7e:54:b3:33:c3:a9:bd:07:bd:f6:51:b6:73:
         5e:3a:38:6d:40:35:91:8c:79:d1:b6:f9:39:37:ce:65:9a:e0:
         22:f6:79:0e:f5:c0:b5:46:37:e1:09:1e:52:40:2e:fe:ad:fc:
         67:79:eb:fb:15:3c:78:18:ed:63:90:f5:32:5e:66:59:c4:9f:
         7a:0b:67:c9:bb:e0:c6:5a:b2:19:7d:63:cf:1d:f4:f9:74:e6:
         a7:50:5a:4b:c3:3d:47:25:6f:4b:a4:96:cd:15:2d:0b:9f:3e:
         8b:1a:21:13:d8:f6:cc:40:f5:20:d1:26:94:79:31:2a:06:19:
         b8:cd:b8:18:fb:23:09:88:ff:9c:fa:29:70:96:83:9e:be:69:
         5a:3c:79:11:10:c8:b1:29:cf:e9:f6:38:9f:ae:f0:21:68:53:
         c1:02:84:bc:85:6d:da:3d:b4:4d:05:c0:49:c4:49:c3:2a:c0:
         33:a8:06:2b:c0:b0:27:2d:3e:03:03:a4:b4:1d:9c:8d:b1:58:
         a4:98:06:38:3d:53:c5:4b:e8:9c:61:ac:b2:f2:3d:c4:66:a8:
         8b:85:25:30:70:fe:4d:e3:a4:83:27:79:c2:a4:4f:d3:c0:b8:
         b3:cc:c5:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdou6+CKCKYC5MgBmXnpoCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWM1YmE2ZDQwYWI0ZTRlMzliN2I2OWI2ZDJkOTg0NGFh
MjQ4YWYwHhcNMjUwNjEzMTAwMDE5WhcNMjUwNjE0MTAwMDE5WjAzMTEwLwYDVQQD
EygzMjQzMjY1NmQ5MmEwZGY5MDhiNGQ5NjBmOGIwM2I2MTFlOGMwOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQfFH5wB7RRBqX/b4/UmSBGxxS/Z
Bn8M8rOyfjz3wpl5GmXy0vrK+7kXgRXwq/KYozcPdUjY3a8KUE84R2tiRJaHYvSi
iO9GmIjCMZ4vvYtOg34F2NoqnY6yPJwHl+/YZL5GEwU6o9DsMrifTwW9ysLavzXo
Obxkq4I5JlehcT96vDlq4k01fWSKkb5aEeoMbCVbjF1sb4AnwMPKLIrXZMrMmcYf
PNyTUeUOgSdNNx6NCmj2fOBLNk4bIkfdVxZLwHuW7e6xWdlgg0z/IVn8apfNl6Q8
f5uRboZkiMQoYTC5zrh4ts8zL0I4tAsdK+NUQu5V4DesM2+cOb4AMt+ZfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJDJlbZKg35CLTZYPiwO2EejAmRMB8GA1UdIwQY
MBaAFIScW6bUCrTk45t7abbS2YRKokivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQt
ZDk4NDg3YmRlZTQ4LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQtZDk4NDg3YmRlZTQ4
LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdrdr/7hL
eUjSO4QSHKSda4u8w5EmCUh+VLMzw6m9B732UbZzXjo4bUA1kYx50bb5OTfOZZrg
IvZ5DvXAtUY34QkeUkAu/q38Z3nr+xU8eBjtY5D1Ml5mWcSfegtnybvgxlqyGX1j
zx30+XTmp1BaS8M9RyVvS6SWzRUtC58+ixohE9j2zED1INEmlHkxKgYZuM24GPsj
CYj/nPopcJaDnr5pWjx5ERDIsSnP6fY4n67wIWhTwQKEvIVt2j20TQXAScRJwyrA
M6gGK8CwJy0+AwOktB2cjbFYpJgGOD1TxUvonGGssvI9xGaoi4UlMHD+TeOkgyd5
wqRP08C4s8zFDw==
-----END CERTIFICATE-----