Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
File:                     hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json)
Hash identifier:          qz+Iixj/btAzW88apUKfPcNGG+Xfnwvn2cEBR6lJSwQ=
Subject key identifier:   3A:7E:EC:14:26:60:2A:B9:1D:3C:92:30:07:B3:D5:A8:3F:A6:B1:48
Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33
Certificate issuer:       /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
Certificate serial:       01974CD795AA4ACE42871DF34EE013CDAF04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
Manifest number:          0925
Signing time:             Sun 08 Jun 2025 00:01:26 +0000
Manifest this update:     Sun 08 Jun 2025 00:01:26 +0000
Manifest next update:     Mon 09 Jun 2025 00:01:26 +0000
Files and hashes:         1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: 9RSENv10MsC+aJEWSr+9VNrH5nQOqNTyBfqfaBKiOfg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 00:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:d7:95:aa:4a:ce:42:87:1d:f3:4e:e0:13:cd:af:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
        Validity
            Not Before: Jun  8 00:01:26 2025 GMT
            Not After : Jun  9 00:01:26 2025 GMT
        Subject: CN=3a7eec1426602ab91d3c923007b3d5a83fa6b148
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:dc:dd:4a:7b:29:8b:cd:db:16:c5:c1:8d:53:
                    36:d0:1e:95:00:74:df:91:ec:50:d3:2c:dc:20:40:
                    96:db:88:7d:7a:f4:c9:ca:7a:53:c8:ba:ce:58:8d:
                    f2:51:d3:98:30:6b:86:bf:37:04:54:56:d2:55:bf:
                    55:ca:fc:d4:96:18:e2:d0:1f:22:94:98:3f:03:2c:
                    78:30:81:24:d5:3e:ee:b6:53:7d:0e:00:a1:ba:1d:
                    70:06:b5:d2:c1:54:76:f3:30:0e:13:9e:c7:81:81:
                    22:16:d4:f8:83:31:5b:cf:4f:a4:a8:9d:9e:21:a2:
                    99:f4:74:5c:7b:8b:e4:68:6d:71:5c:9d:e7:f6:03:
                    ea:57:21:16:64:cc:24:e1:5c:54:2e:86:55:ff:02:
                    29:af:76:65:f9:2c:53:ce:76:09:1f:d5:2b:ad:42:
                    c6:94:ac:f0:0c:e9:02:af:1b:90:ed:49:1c:90:7f:
                    4f:d1:9b:0d:42:f7:bb:8e:bb:db:b0:4b:eb:86:a2:
                    36:f9:54:5d:89:97:85:44:9b:d5:4a:0f:6c:7d:54:
                    53:e8:98:3e:fe:70:b8:ef:08:6c:85:48:d9:12:8d:
                    cf:dc:be:d2:f5:27:5b:03:40:ec:0d:cb:fc:bb:72:
                    37:ed:45:0b:02:06:25:c1:c7:2f:11:1b:ae:ef:82:
                    b7:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:7E:EC:14:26:60:2A:B9:1D:3C:92:30:07:B3:D5:A8:3F:A6:B1:48
            X509v3 Authority Key Identifier:
                keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:5b:1f:3f:37:fd:fa:c2:0e:06:e3:dd:6f:29:8f:2e:dc:d7:
         e5:e7:dd:1c:8c:4d:37:dc:3a:d5:61:80:2d:20:87:ab:b3:30:
         c1:56:9e:fc:2c:a1:83:e2:eb:54:e9:c2:11:e6:b8:f9:b2:c7:
         ae:e3:c6:db:d4:e4:bc:5d:06:ad:10:d4:a3:9e:12:1b:a8:fe:
         8a:ac:a6:d4:cd:a6:fc:22:fd:66:7c:21:29:18:28:7d:15:63:
         ee:a9:57:5a:04:24:5a:80:03:4c:3d:e9:3d:29:4e:94:74:15:
         7b:90:fa:ea:1e:22:18:04:04:c8:22:3b:83:ba:bd:84:f6:3c:
         15:ba:4f:cf:2d:47:d0:18:90:77:40:ae:93:0a:ea:50:27:fa:
         d4:dd:9c:8f:d9:5d:96:9b:93:14:64:dd:5e:b9:6b:9e:63:d3:
         ba:f4:fb:6a:88:fe:9e:a3:f5:5a:6f:0d:c0:ad:7b:eb:88:81:
         7d:b2:22:32:fb:1c:50:c3:04:32:75:a9:91:3c:b4:78:5f:cc:
         03:06:d2:34:b4:fd:9f:21:cd:11:82:73:3b:e8:12:b6:4e:2a:
         dc:e3:03:c0:07:f6:34:b9:3a:c9:0f:4a:49:e2:ab:a9:8c:63:
         0a:40:e1:40:8a:be:0f:07:60:39:c1:ac:0f:ad:fd:b7:53:b8:
         aa:98:fd:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM15WqSs5Chx3zTuATza8EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx
YmZlMzMwHhcNMjUwNjA4MDAwMTI2WhcNMjUwNjA5MDAwMTI2WjAzMTEwLwYDVQQD
EygzYTdlZWMxNDI2NjAyYWI5MWQzYzkyMzAwN2IzZDVhODNmYTZiMTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9zdSnspi83bFsXBjVM20B6VAHTf
kexQ0yzcIECW24h9evTJynpTyLrOWI3yUdOYMGuGvzcEVFbSVb9VyvzUlhji0B8i
lJg/Ayx4MIEk1T7utlN9DgChuh1wBrXSwVR28zAOE57HgYEiFtT4gzFbz0+kqJ2e
IaKZ9HRce4vkaG1xXJ3n9gPqVyEWZMwk4VxULoZV/wIpr3Zl+SxTznYJH9UrrULG
lKzwDOkCrxuQ7UkckH9P0ZsNQve7jrvbsEvrhqI2+VRdiZeFRJvVSg9sfVRT6Jg+
/nC47whshUjZEo3P3L7S9SdbA0DsDcv8u3I37UULAgYlwccvERuu74K34QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDp+7BQmYCq5HTySMAez1ag/prFIMB8GA1UdIwQY
MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt
MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx
LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh1sfPzf9
+sIOBuPdbymPLtzX5efdHIxNN9w61WGALSCHq7MwwVae/Cyhg+LrVOnCEea4+bLH
ruPG29TkvF0GrRDUo54SG6j+iqym1M2m/CL9ZnwhKRgofRVj7qlXWgQkWoADTD3p
PSlOlHQVe5D66h4iGAQEyCI7g7q9hPY8FbpPzy1H0BiQd0CukwrqUCf61N2cj9ld
lpuTFGTdXrlrnmPTuvT7aoj+nqP1Wm8NwK1764iBfbIiMvscUMMEMnWpkTy0eF/M
AwbSNLT9nyHNEYJzO+gStk4q3OMDwAf2NLk6yQ9KSeKrqYxjCkDhQIq+DwdgOcGs
D639t1O4qpj9Pw==
-----END CERTIFICATE-----