Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
File:                     hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft (raw, json)
Hash identifier:          6b5h9u8LtJs3Lb/LVrv0bDRjXCZo4ukZa4rMO7GHDCg=
Subject key identifier:   39:B1:4C:D6:AE:66:C1:CE:4C:FD:DF:61:C2:EF:80:A8:3E:EC:C8:28
Authority key identifier: 85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4
Certificate issuer:       /CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
Certificate serial:       01974A7AAD5240A0188F4E883801BCE00F93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 13:00:43 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:43 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:43 +0000
Files and hashes:         1: hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl (hash: kD745wqWbFOg8Zkt99bCYE350Nbt91wdUm7Si98zDX0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:ad:52:40:a0:18:8f:4e:88:38:01:bc:e0:0f:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
        Validity
            Not Before: Jun  7 13:00:43 2025 GMT
            Not After : Jun  8 13:00:43 2025 GMT
        Subject: CN=39b14cd6ae66c1ce4cfddf61c2ef80a83eecc828
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d1:61:0e:e7:f9:6d:af:c2:5f:10:7c:f1:bb:
                    4c:30:04:86:d4:a1:dd:0e:ef:7d:0d:20:b7:21:d2:
                    6b:32:7b:d5:3f:8b:3f:92:b8:27:ac:6b:12:56:8d:
                    ea:2b:5d:a3:b7:c0:09:17:b6:97:cb:70:c8:cb:01:
                    85:96:d1:8b:31:37:68:bb:76:a4:20:d8:1f:bb:cb:
                    73:ab:ec:c2:4b:33:2b:72:28:cc:a3:32:f0:1e:43:
                    29:eb:f8:e0:e7:5d:cd:67:75:fb:8e:08:20:70:b4:
                    49:6a:27:97:4c:7a:7b:23:56:df:ba:f4:91:62:2f:
                    ab:79:25:96:07:aa:c9:41:5f:ca:63:c0:c6:3e:df:
                    19:0a:19:2a:36:fb:13:a4:3f:eb:52:3d:33:bf:70:
                    ec:ba:85:00:00:10:d1:99:6e:67:82:87:89:01:a6:
                    4a:e9:54:72:49:8b:56:ce:b4:1e:72:58:79:1c:10:
                    b6:d9:1f:c7:9e:fc:b2:26:27:97:7a:d6:4f:7f:54:
                    69:51:ff:a4:02:9f:ba:70:f1:35:85:72:7b:a9:62:
                    64:f2:16:8a:9b:3f:71:d1:2f:35:f3:95:5d:f8:b1:
                    ca:da:9b:9d:9d:07:7a:63:f3:e6:3f:1c:2f:3f:56:
                    e9:01:e6:93:95:27:ee:0b:a5:49:6a:60:d8:64:c2:
                    e2:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:B1:4C:D6:AE:66:C1:CE:4C:FD:DF:61:C2:EF:80:A8:3E:EC:C8:28
            X509v3 Authority Key Identifier:
                keyid:85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d0:49:b0:16:cb:ec:fd:a1:44:44:4b:0e:76:dd:c0:e7:8d:05:
         3b:36:f7:0c:9e:ce:44:2e:e9:60:cd:c3:80:9f:6b:f9:fd:bf:
         7b:bc:6a:72:c5:3f:13:cf:10:af:f9:89:38:90:d5:33:67:d2:
         98:99:88:5a:3d:89:d7:eb:d8:3d:d8:fb:f2:7d:ac:d4:40:8b:
         d2:8f:ab:9d:4f:89:8a:04:6e:b7:51:71:a0:3c:57:95:93:bc:
         ae:d7:f1:81:46:37:66:15:c1:7d:24:b9:3c:5d:1d:7b:56:ea:
         28:07:18:83:2e:8c:1b:e4:93:66:85:76:8c:f2:2c:79:43:04:
         3e:ee:19:ef:81:89:a8:47:3b:83:7f:cd:67:ed:03:f3:37:17:
         22:75:29:23:5c:bb:bc:be:a5:43:75:eb:f2:31:eb:55:86:fb:
         2f:fd:d8:5c:85:81:d4:84:13:58:b3:8b:6a:eb:ab:c6:4e:0f:
         6a:d9:b5:ab:9a:20:7c:a6:ae:b6:21:31:62:1f:3b:60:3b:cb:
         cb:70:f0:f1:78:56:62:21:f3:b3:4c:58:46:11:3a:59:af:50:
         55:4f:94:bb:dd:49:39:70:6d:c3:de:54:42:9c:d6:b2:b4:d4:
         ea:f6:63:ee:dd:db:76:07:68:4c:64:e6:49:ce:6e:ab:82:b3:
         1f:36:0a:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKeq1SQKAYj06IOAG84A+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDEyM2U0Y2UyYjgwZWJmMTJlNDNmZWU0YjFjMThjNWM3
M2QzYjQwHhcNMjUwNjA3MTMwMDQzWhcNMjUwNjA4MTMwMDQzWjAzMTEwLwYDVQQD
EygzOWIxNGNkNmFlNjZjMWNlNGNmZGRmNjFjMmVmODBhODNlZWNjODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtFhDuf5ba/CXxB88btMMASG1KHd
Du99DSC3IdJrMnvVP4s/krgnrGsSVo3qK12jt8AJF7aXy3DIywGFltGLMTdou3ak
INgfu8tzq+zCSzMrcijMozLwHkMp6/jg513NZ3X7jgggcLRJaieXTHp7I1bfuvSR
Yi+reSWWB6rJQV/KY8DGPt8ZChkqNvsTpD/rUj0zv3DsuoUAABDRmW5ngoeJAaZK
6VRySYtWzrQeclh5HBC22R/HnvyyJieXetZPf1RpUf+kAp+6cPE1hXJ7qWJk8haK
mz9x0S8185Vd+LHK2pudnQd6Y/PmPxwvP1bpAeaTlSfuC6VJamDYZMLiMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDmxTNauZsHOTP3fYcLvgKg+7MgoMB8GA1UdIwQY
MBaAFIUBI+TOK4Dr8S5D/uSxwYxcc9O0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEt
MTYzMjBkMDE0YzA0LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEtMTYzMjBkMDE0YzA0
LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0EmwFsvs
/aFEREsOdt3A540FOzb3DJ7ORC7pYM3DgJ9r+f2/e7xqcsU/E88Qr/mJOJDVM2fS
mJmIWj2J1+vYPdj78n2s1ECL0o+rnU+JigRut1FxoDxXlZO8rtfxgUY3ZhXBfSS5
PF0de1bqKAcYgy6MG+STZoV2jPIseUMEPu4Z74GJqEc7g3/NZ+0D8zcXInUpI1y7
vL6lQ3Xr8jHrVYb7L/3YXIWB1IQTWLOLauurxk4Patm1q5ogfKautiExYh87YDvL
y3Dw8XhWYiHzs0xYRhE6Wa9QVU+Uu91JOXBtw95UQpzWsrTU6vZj7t3bdgdoTGTm
Sc5uq4KzHzYK0A==
-----END CERTIFICATE-----