Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          CFNF5UCftXaLzI14eO1ssQbbaKuHGXqVILGGlBT72Do=
Subject key identifier:   E4:B3:CC:DB:30:9E:9E:D8:55:45:1E:58:41:6C:36:BE:C0:1C:5B:1E
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       019921B092B8692166BC6C3CE7A05A79EB09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          09E1
Signing time:             Sun 07 Sep 2025 01:00:43 +0000
Manifest this update:     Sun 07 Sep 2025 01:00:43 +0000
Manifest next update:     Mon 08 Sep 2025 01:00:43 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: PRmuew8vz26Sg3YuCN6yzg98TxhYQsbmNGyAgvq22DY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:92:b8:69:21:66:bc:6c:3c:e7:a0:5a:79:eb:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: Sep  7 01:00:43 2025 GMT
            Not After : Sep  8 01:00:43 2025 GMT
        Subject: CN=e4b3ccdb309e9ed855451e58416c36bec01c5b1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:8f:a2:86:dd:e1:52:29:4b:2f:26:dc:f7:1c:
                    ec:5a:8b:1f:fd:51:0a:60:02:fd:24:f7:d8:0b:d8:
                    d7:7a:0f:c3:39:c4:75:5b:9e:96:e1:32:1b:07:b8:
                    07:54:e6:68:d9:07:ab:e9:64:e6:e5:8e:b1:92:f3:
                    1d:f7:3e:95:91:b9:44:0d:91:bb:69:03:a8:bf:e8:
                    f4:1f:1e:ac:87:5a:7a:11:70:d6:57:18:83:bc:9a:
                    7c:04:cf:2e:ba:ba:02:2a:cb:27:2e:a3:1a:01:10:
                    77:23:d9:ec:10:85:e1:8e:a4:81:92:a2:48:ce:38:
                    b3:b8:51:4b:38:d9:97:20:2d:1d:de:5a:d7:c6:99:
                    2d:f1:8f:ff:69:18:d9:f5:54:f1:2d:50:80:fe:11:
                    69:48:4e:68:7f:43:d2:ff:df:5b:b3:d4:23:cc:fb:
                    d5:fb:47:8f:6e:4c:5b:a1:53:53:a6:06:b0:f8:42:
                    1c:98:e9:e0:2a:09:4f:12:92:7b:c2:fb:07:c5:35:
                    3d:f7:94:65:56:b7:7a:a5:fb:b7:27:c4:51:ab:9e:
                    0b:b9:67:37:79:0a:e8:ff:77:85:cb:ab:6f:3d:c5:
                    76:82:05:a3:af:87:a9:a4:f2:c0:dd:d6:6a:b4:97:
                    45:32:f1:30:a4:47:a4:2e:f6:8b:21:1a:54:c7:74:
                    0e:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:B3:CC:DB:30:9E:9E:D8:55:45:1E:58:41:6C:36:BE:C0:1C:5B:1E
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:cc:31:00:a1:ac:50:c9:37:38:26:96:7e:9d:fe:6d:c9:c8:
         76:97:5f:29:c6:cc:57:b9:b1:d8:f1:cd:b7:fb:99:e6:89:75:
         ae:40:12:f3:16:ad:08:30:64:3a:6f:0a:38:a3:cb:33:d7:c0:
         6c:95:61:3c:78:8d:71:2c:7d:8b:99:e2:8d:1e:95:a3:b3:b4:
         2b:50:2b:a3:f4:de:14:80:12:9f:3e:1b:3a:f7:b6:d3:db:38:
         54:e0:9f:7b:75:c0:b8:3b:86:23:df:20:e1:8f:0b:e0:7d:3c:
         5e:d2:a4:bf:d3:3f:55:76:60:2e:3e:43:c7:10:7e:f6:87:d2:
         ed:5c:bf:bc:b1:eb:d4:97:79:68:80:77:c8:78:c4:61:f0:96:
         23:15:8e:47:c3:cd:e4:fc:1f:ec:a1:b3:18:a2:96:cb:41:0a:
         57:d4:5d:22:06:a4:4a:27:e3:42:37:c4:f8:90:8d:da:b4:60:
         81:8a:28:f6:3b:5d:2a:15:f7:f4:6b:fe:dc:22:a5:8c:a7:28:
         83:19:f2:42:d9:2f:7e:f5:03:20:88:95:f0:0c:21:05:e3:40:
         74:21:6d:7d:f6:db:3d:eb:ed:de:f8:fb:70:da:ac:f1:c7:1d:
         74:22:b8:2f:00:c1:f7:2e:36:6f:25:8e:89:d7:1c:2a:fc:76:
         b7:09:4c:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsJK4aSFmvGw856BaeesJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjUwOTA3MDEwMDQzWhcNMjUwOTA4MDEwMDQzWjAzMTEwLwYDVQQD
EyhlNGIzY2NkYjMwOWU5ZWQ4NTU0NTFlNTg0MTZjMzZiZWMwMWM1YjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuo+iht3hUilLLybc9xzsWosf/VEK
YAL9JPfYC9jXeg/DOcR1W56W4TIbB7gHVOZo2Qer6WTm5Y6xkvMd9z6VkblEDZG7
aQOov+j0Hx6sh1p6EXDWVxiDvJp8BM8uuroCKssnLqMaARB3I9nsEIXhjqSBkqJI
zjizuFFLONmXIC0d3lrXxpkt8Y//aRjZ9VTxLVCA/hFpSE5of0PS/99bs9QjzPvV
+0ePbkxboVNTpgaw+EIcmOngKglPEpJ7wvsHxTU995RlVrd6pfu3J8RRq54LuWc3
eQro/3eFy6tvPcV2ggWjr4eppPLA3dZqtJdFMvEwpEekLvaLIRpUx3QOmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOSzzNswnp7YVUUeWEFsNr7AHFseMB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC8wxAKGs
UMk3OCaWfp3+bcnIdpdfKcbMV7mx2PHNt/uZ5ol1rkAS8xatCDBkOm8KOKPLM9fA
bJVhPHiNcSx9i5nijR6Vo7O0K1Aro/TeFIASnz4bOve209s4VOCfe3XAuDuGI98g
4Y8L4H08XtKkv9M/VXZgLj5DxxB+9ofS7Vy/vLHr1Jd5aIB3yHjEYfCWIxWOR8PN
5Pwf7KGzGKKWy0EKV9RdIgakSifjQjfE+JCN2rRggYoo9jtdKhX39Gv+3CKljKco
gxnyQtkvfvUDIIiV8AwhBeNAdCFtffbbPevt3vj7cNqs8ccddCK4LwDB9y42byWO
idccKvx2twlMvg==
-----END CERTIFICATE-----