Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          UldmGEWgfTxVnZaNpaOf0yBRaB33fAYfh+dfOIVkTnI=
Subject key identifier:   C6:3F:D3:40:0A:FF:E2:32:DB:CA:8C:73:1E:BA:A7:96:75:60:49:8A
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       01964F6D20BF6CC045C9615008BE89C57468
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          086B
Signing time:             Sat 19 Apr 2025 19:01:13 +0000
Manifest this update:     Sat 19 Apr 2025 19:01:13 +0000
Manifest next update:     Sun 20 Apr 2025 19:01:13 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: eGr5X5Dmh/hEdwxk6tohpA4UMpOdb95D7llvc0p7z9s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:6d:20:bf:6c:c0:45:c9:61:50:08:be:89:c5:74:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: Apr 19 19:01:13 2025 GMT
            Not After : Apr 20 19:01:13 2025 GMT
        Subject: CN=c63fd3400affe232dbca8c731ebaa7967560498a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:60:2a:5c:ef:0b:f3:fc:55:ef:ea:8a:b7:e7:
                    ba:e7:d0:81:cd:f2:05:ba:2d:e7:57:a1:32:3d:2e:
                    ea:d1:b6:4f:8d:69:b3:b8:68:45:3f:7a:1e:d2:cc:
                    67:c5:ec:78:a6:f5:b2:82:68:93:74:4e:dd:6e:a5:
                    1b:39:d4:2d:8c:09:b8:7a:74:3a:50:9a:0d:c2:14:
                    1c:fa:76:f2:82:9e:d4:68:22:3b:37:e6:6d:85:3b:
                    a1:a8:82:c6:75:29:7d:6c:08:ca:51:60:93:c1:82:
                    47:16:64:14:22:1c:ef:cb:fe:68:ae:f6:03:d5:62:
                    ea:01:fb:27:28:81:16:b3:b7:27:b0:6b:3e:ce:e6:
                    9a:07:37:85:1c:74:1f:e2:0d:43:a3:f8:c8:27:53:
                    b1:f3:9e:a7:95:a9:96:b6:75:43:37:2a:82:88:cb:
                    25:eb:e0:e9:6e:59:07:c7:0c:b3:b6:0b:e8:ff:c4:
                    1f:00:02:17:75:b7:e7:c6:1b:38:44:fd:ab:67:72:
                    de:c9:06:e6:2b:cd:a0:ff:34:fe:43:ee:5b:d6:64:
                    87:c2:56:c1:f2:1c:ce:ee:82:c9:fd:57:4f:d9:0d:
                    0e:7c:73:8a:52:84:0c:e6:c2:d7:22:79:1d:df:7e:
                    f8:07:b7:73:7f:a8:e2:87:e5:48:26:bf:41:14:d4:
                    99:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:3F:D3:40:0A:FF:E2:32:DB:CA:8C:73:1E:BA:A7:96:75:60:49:8A
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:4a:53:fb:bc:81:f6:85:3f:b6:5b:7d:3d:60:86:6a:c0:68:
         76:e6:5d:06:2f:40:ad:86:28:a2:3a:dc:ef:c6:d8:54:64:cc:
         2a:bd:c7:aa:60:56:f0:78:ee:a1:ac:80:53:5d:ae:98:61:34:
         08:3d:86:ed:cf:43:16:35:10:5d:2b:ad:48:f2:2e:24:50:84:
         36:76:3f:fe:95:bd:3c:c3:71:a3:74:e6:80:52:8b:0f:3a:a3:
         8e:fb:41:05:69:72:7c:4d:00:a9:2f:da:55:79:0d:b2:a1:2e:
         72:fe:b3:c4:89:00:2d:a7:9e:be:23:58:4c:c1:a4:70:f1:dc:
         e1:7c:35:24:8d:dd:c9:85:0a:e7:c8:5f:58:dd:49:4a:f0:ab:
         fc:de:f7:ac:c3:e6:29:c9:a4:7f:ba:37:18:18:57:12:6d:07:
         af:52:62:2f:b9:43:66:11:7a:21:90:fb:68:cc:c5:e7:8b:30:
         87:a0:2c:9f:75:87:ef:76:83:d2:e0:39:ca:10:c6:d6:69:5e:
         cb:00:21:1d:c1:27:73:db:20:53:ab:c5:fe:3c:05:2c:96:ac:
         54:29:99:ac:5e:ee:20:b8:a5:f9:b1:d3:b7:91:61:d6:bd:ed:
         d3:40:8d:24:da:e2:63:db:fe:b1:75:ae:77:32:d9:a4:15:2f:
         76:42:27:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZPbSC/bMBFyWFQCL6JxXRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjUwNDE5MTkwMTEzWhcNMjUwNDIwMTkwMTEzWjAzMTEwLwYDVQQD
EyhjNjNmZDM0MDBhZmZlMjMyZGJjYThjNzMxZWJhYTc5Njc1NjA0OThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2AqXO8L8/xV7+qKt+e659CBzfIF
ui3nV6EyPS7q0bZPjWmzuGhFP3oe0sxnxex4pvWygmiTdE7dbqUbOdQtjAm4enQ6
UJoNwhQc+nbygp7UaCI7N+ZthTuhqILGdSl9bAjKUWCTwYJHFmQUIhzvy/5orvYD
1WLqAfsnKIEWs7cnsGs+zuaaBzeFHHQf4g1Do/jIJ1Ox856nlamWtnVDNyqCiMsl
6+DpblkHxwyztgvo/8QfAAIXdbfnxhs4RP2rZ3LeyQbmK82g/zT+Q+5b1mSHwlbB
8hzO7oLJ/VdP2Q0OfHOKUoQM5sLXInkd3374B7dzf6jih+VIJr9BFNSZKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMY/00AK/+Iy28qMcx66p5Z1YEmKMB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR0pT+7yB
9oU/tlt9PWCGasBoduZdBi9ArYYoojrc78bYVGTMKr3HqmBW8HjuoayAU12umGE0
CD2G7c9DFjUQXSutSPIuJFCENnY//pW9PMNxo3TmgFKLDzqjjvtBBWlyfE0AqS/a
VXkNsqEucv6zxIkALaeeviNYTMGkcPHc4Xw1JI3dyYUK58hfWN1JSvCr/N73rMPm
Kcmkf7o3GBhXEm0Hr1JiL7lDZhF6IZD7aMzF54swh6Asn3WH73aD0uA5yhDG1mle
ywAhHcEnc9sgU6vF/jwFLJasVCmZrF7uILil+bHTt5Fh1r3t00CNJNriY9v+sXWu
dzLZpBUvdkInYw==
-----END CERTIFICATE-----