Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          fS+6Gu2loOKUqMYJp+wHZy0riEsgyWbeqYR/5gGpb34=
Subject key identifier:   47:B5:47:28:A7:43:0F:41:AA:27:F9:4B:55:D2:C4:99:27:0D:55:90
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       0197488CACF8FE964D2C6819503106A213A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          08EC
Signing time:             Sat 07 Jun 2025 04:01:08 +0000
Manifest this update:     Sat 07 Jun 2025 04:01:08 +0000
Manifest next update:     Sun 08 Jun 2025 04:01:08 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: 0lNJEo0skYOdkpthlRdFM4pC/8v/Sk2NCN6asffb7yY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:ac:f8:fe:96:4d:2c:68:19:50:31:06:a2:13:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: Jun  7 04:01:08 2025 GMT
            Not After : Jun  8 04:01:08 2025 GMT
        Subject: CN=47b54728a7430f41aa27f94b55d2c499270d5590
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:9a:89:75:15:85:09:de:30:1b:47:cd:e5:ca:
                    5a:ba:8a:d7:0e:81:fa:e8:da:10:d8:62:4e:a7:39:
                    38:ff:26:99:ca:40:fa:c4:f3:72:10:3f:e1:8f:78:
                    25:31:67:b3:c1:f9:a1:2f:af:46:c5:11:73:d1:76:
                    3f:ec:10:e7:d3:92:0b:3c:83:5d:4b:fd:f5:a8:86:
                    f0:eb:98:b9:85:d0:f6:ad:03:8d:d5:1f:57:8a:a2:
                    8e:23:2f:7f:6b:fb:7d:ea:10:a2:39:12:92:ad:e7:
                    cd:92:0e:c7:78:2d:c4:af:eb:ed:65:9a:70:7c:ba:
                    db:d3:08:df:19:b6:48:94:9e:f9:2a:2f:51:1b:8c:
                    50:13:35:bd:59:37:bf:e7:ff:1b:63:73:96:6c:44:
                    b1:05:66:e5:b3:5e:81:cf:1d:36:4c:eb:3c:70:fd:
                    28:e2:b0:5d:49:a5:81:36:0a:5e:0c:8d:78:0c:e3:
                    44:c0:8a:60:97:75:38:bf:d6:ec:1a:f9:c5:36:f3:
                    8b:96:5b:08:c5:61:a7:97:43:9a:e2:49:43:f7:4a:
                    c5:87:d1:63:d6:97:fe:e4:76:75:1f:40:01:fb:8f:
                    28:62:cc:c3:df:e1:54:92:18:42:4f:66:38:80:d9:
                    fb:c9:37:2a:e4:33:df:fb:d1:17:7c:95:ba:43:27:
                    7a:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:B5:47:28:A7:43:0F:41:AA:27:F9:4B:55:D2:C4:99:27:0D:55:90
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:41:a5:9a:36:c7:15:79:26:79:91:89:5f:9e:3e:67:90:65:
         cc:90:98:40:29:92:fd:97:14:cc:0f:f5:b9:b6:14:18:e2:2a:
         7d:d6:6b:52:4e:66:c4:6e:d8:02:96:3f:38:d5:a8:45:e3:48:
         8e:e7:4d:6f:53:fa:b0:6c:36:a0:18:70:7e:1a:b7:84:e2:65:
         9c:6a:38:55:6c:63:6e:cf:0f:37:40:34:70:4c:42:54:76:15:
         d6:cd:61:de:87:5f:dd:62:12:25:30:43:af:a0:3b:88:35:02:
         39:e3:9e:be:61:59:ca:0d:04:dc:43:0f:2b:79:8b:f6:ef:7d:
         e7:db:7a:c4:31:2d:92:b9:89:95:d6:72:b7:b8:d8:ec:e5:f7:
         eb:51:94:cf:cf:c9:88:b1:e9:70:f3:f3:1c:55:eb:82:33:89:
         86:ef:b6:a6:60:04:b0:2c:e9:c3:3e:49:cd:e7:1c:58:b6:9b:
         5a:99:49:34:6f:bb:4e:31:37:54:c8:d4:8a:67:5d:6c:31:43:
         63:08:74:f7:1b:13:dc:f0:28:06:36:3d:44:77:98:dc:16:e0:
         37:e6:8b:72:87:95:ae:7d:d5:4d:c0:73:45:bd:63:48:cf:56:
         79:bf:b4:78:4e:5a:85:5b:4b:8c:af:be:84:ed:53:a0:a5:ad:
         a6:48:79:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjKz4/pZNLGgZUDEGohOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjUwNjA3MDQwMTA4WhcNMjUwNjA4MDQwMTA4WjAzMTEwLwYDVQQD
Eyg0N2I1NDcyOGE3NDMwZjQxYWEyN2Y5NGI1NWQyYzQ5OTI3MGQ1NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZqJdRWFCd4wG0fN5cpauorXDoH6
6NoQ2GJOpzk4/yaZykD6xPNyED/hj3glMWezwfmhL69GxRFz0XY/7BDn05ILPINd
S/31qIbw65i5hdD2rQON1R9XiqKOIy9/a/t96hCiORKSrefNkg7HeC3Er+vtZZpw
fLrb0wjfGbZIlJ75Ki9RG4xQEzW9WTe/5/8bY3OWbESxBWbls16Bzx02TOs8cP0o
4rBdSaWBNgpeDI14DONEwIpgl3U4v9bsGvnFNvOLllsIxWGnl0Oa4klD90rFh9Fj
1pf+5HZ1H0AB+48oYszD3+FUkhhCT2Y4gNn7yTcq5DPf+9EXfJW6Qyd6jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEe1RyinQw9Bqif5S1XSxJknDVWQMB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS0GlmjbH
FXkmeZGJX54+Z5BlzJCYQCmS/ZcUzA/1ubYUGOIqfdZrUk5mxG7YApY/ONWoReNI
judNb1P6sGw2oBhwfhq3hOJlnGo4VWxjbs8PN0A0cExCVHYV1s1h3odf3WISJTBD
r6A7iDUCOeOevmFZyg0E3EMPK3mL9u9959t6xDEtkrmJldZyt7jY7OX361GUz8/J
iLHpcPPzHFXrgjOJhu+2pmAEsCzpwz5JzeccWLabWplJNG+7TjE3VMjUimddbDFD
Ywh09xsT3PAoBjY9RHeY3BbgN+aLcoeVrn3VTcBzRb1jSM9Web+0eE5ahVtLjK++
hO1ToKWtpkh5+A==
-----END CERTIFICATE-----