Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/696cb5-8ecc-4df6-982c-0b7ef38a7f87/1/hUzTuoSK-3kvKyGD-mLfLVIIKb0.mft
File:                     hUzTuoSK-3kvKyGD-mLfLVIIKb0.mft (raw, json)
Hash identifier:          i6CvrC/pnMVD7j6rOF6TgiLgD9yM/hdjmd0ra6cf+Ls=
Subject key identifier:   AB:76:4F:DD:89:8D:FA:61:6B:D0:EE:F6:08:36:62:E5:5C:A3:C7:A4
Authority key identifier: 85:4C:D3:BA:84:8A:FB:79:2F:2B:21:83:FA:62:DF:2D:52:08:29:BD
Certificate issuer:       /CN=854cd3ba848afb792f2b2183fa62df2d520829bd
Certificate serial:       019923D5B6D78DBB881A125ABD16A948C3DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUzTuoSK-3kvKyGD-mLfLVIIKb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/696cb5-8ecc-4df6-982c-0b7ef38a7f87/1/hUzTuoSK-3kvKyGD-mLfLVIIKb0.mft
Manifest number:          80
Signing time:             Sun 07 Sep 2025 11:00:32 +0000
Manifest this update:     Sun 07 Sep 2025 11:00:32 +0000
Manifest next update:     Mon 08 Sep 2025 11:00:32 +0000
Files and hashes:         1: hUzTuoSK-3kvKyGD-mLfLVIIKb0.crl (hash: brhihF/C/YSO8TmINNxEXc8FkZBySp5U79WRfs7+BxM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/696cb5-8ecc-4df6-982c-0b7ef38a7f87/1/hUzTuoSK-3kvKyGD-mLfLVIIKb0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/696cb5-8ecc-4df6-982c-0b7ef38a7f87/1/hUzTuoSK-3kvKyGD-mLfLVIIKb0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUzTuoSK-3kvKyGD-mLfLVIIKb0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:d5:b6:d7:8d:bb:88:1a:12:5a:bd:16:a9:48:c3:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=854cd3ba848afb792f2b2183fa62df2d520829bd
        Validity
            Not Before: Sep  7 11:00:32 2025 GMT
            Not After : Sep  8 11:00:32 2025 GMT
        Subject: CN=ab764fdd898dfa616bd0eef6083662e55ca3c7a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:32:b6:3b:dd:41:8e:9d:ed:a1:e3:e5:03:2e:
                    5d:b3:0d:c0:b4:03:60:e4:c6:34:0d:a1:ff:ea:e9:
                    c9:e0:bc:8f:3d:91:d6:0c:ff:67:48:3d:95:2c:30:
                    ca:25:c7:33:05:d8:e1:31:64:82:04:dc:b4:90:0d:
                    57:2e:63:39:60:7c:60:9b:db:28:1c:f7:51:5d:fd:
                    83:ee:da:e9:d7:32:5a:d2:5d:5c:b5:de:77:f9:57:
                    17:18:4a:3a:96:c4:8b:5a:af:1a:c0:b6:59:2a:67:
                    b5:42:0c:97:4d:b1:df:60:8a:4e:21:1c:46:f5:07:
                    fc:b6:06:8e:c3:0a:50:7d:85:a8:48:76:64:9c:cc:
                    c9:46:75:17:61:39:60:0f:4e:b9:50:75:f1:0d:dd:
                    2b:8c:cc:86:6c:dd:b4:ac:93:ce:60:be:c5:32:3f:
                    3d:97:74:4a:9a:1e:ca:07:0c:58:a6:14:57:9a:61:
                    70:9a:a7:92:55:bf:38:73:10:04:0c:cd:40:46:f3:
                    5b:8b:08:e7:c1:3a:ce:d2:53:b8:e2:78:5a:75:ca:
                    17:95:f9:92:ee:53:59:83:1b:15:86:ca:02:1d:f9:
                    a9:78:55:7e:a5:11:1f:b2:43:b7:89:f8:08:92:62:
                    8e:19:63:ea:c9:5a:1b:d5:29:a4:1d:4e:b9:60:8f:
                    b7:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:76:4F:DD:89:8D:FA:61:6B:D0:EE:F6:08:36:62:E5:5C:A3:C7:A4
            X509v3 Authority Key Identifier:
                keyid:85:4C:D3:BA:84:8A:FB:79:2F:2B:21:83:FA:62:DF:2D:52:08:29:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUzTuoSK-3kvKyGD-mLfLVIIKb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/696cb5-8ecc-4df6-982c-0b7ef38a7f87/1/hUzTuoSK-3kvKyGD-mLfLVIIKb0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/696cb5-8ecc-4df6-982c-0b7ef38a7f87/1/hUzTuoSK-3kvKyGD-mLfLVIIKb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:52:31:f6:6d:99:7e:6c:67:64:70:e7:14:97:95:81:e1:5c:
         8c:60:01:53:c2:c1:3f:b9:2c:34:d8:9a:7e:34:43:6e:a3:5c:
         dc:e2:f1:95:88:3a:a6:98:25:5a:af:ba:49:e8:7b:f8:6b:dd:
         b4:3e:64:67:a9:e4:3c:89:7f:d2:4e:98:92:8e:aa:e1:56:a2:
         74:a0:53:09:05:f0:5c:76:1b:50:30:d7:f8:37:ec:4d:a4:61:
         a2:51:38:52:06:e7:ba:31:de:d6:16:f1:63:15:c0:4b:76:13:
         35:fa:13:fe:d0:8a:52:f9:15:8b:ea:75:09:9a:79:8e:a8:c8:
         22:25:b9:e3:5a:6b:2b:f0:e8:d1:9d:e2:07:7f:48:d9:5c:25:
         2d:52:d4:e3:bd:d5:5a:ef:94:b4:87:83:66:97:5c:3e:36:49:
         b7:7a:48:07:55:12:2c:3d:9a:e0:11:e9:3a:f4:1d:60:1a:b8:
         28:35:cb:9c:42:60:b4:eb:1e:5d:61:ee:50:9a:b5:1d:11:95:
         97:fa:b5:50:d1:d5:9f:9b:0a:ed:50:ae:7b:a7:6e:f7:15:03:
         52:54:e5:12:cc:23:b1:f4:55:ea:37:09:03:53:12:56:c4:ee:
         fa:46:5f:20:06:69:ab:ba:40:cc:aa:8f:dd:c3:3d:f5:a6:43:
         e5:b6:63:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkj1bbXjbuIGhJavRapSMPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGNkM2JhODQ4YWZiNzkyZjJiMjE4M2ZhNjJkZjJkNTIw
ODI5YmQwHhcNMjUwOTA3MTEwMDMyWhcNMjUwOTA4MTEwMDMyWjAzMTEwLwYDVQQD
EyhhYjc2NGZkZDg5OGRmYTYxNmJkMGVlZjYwODM2NjJlNTVjYTNjN2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDK2O91Bjp3toePlAy5dsw3AtANg
5MY0DaH/6unJ4LyPPZHWDP9nSD2VLDDKJcczBdjhMWSCBNy0kA1XLmM5YHxgm9so
HPdRXf2D7trp1zJa0l1ctd53+VcXGEo6lsSLWq8awLZZKme1QgyXTbHfYIpOIRxG
9Qf8tgaOwwpQfYWoSHZknMzJRnUXYTlgD065UHXxDd0rjMyGbN20rJPOYL7FMj89
l3RKmh7KBwxYphRXmmFwmqeSVb84cxAEDM1ARvNbiwjnwTrO0lO44nhadcoXlfmS
7lNZgxsVhsoCHfmpeFV+pREfskO3ifgIkmKOGWPqyVob1SmkHU65YI+3XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKt2T92Jjfpha9Du9gg2YuVco8ekMB8GA1UdIwQY
MBaAFIVM07qEivt5Lyshg/pi3y1SCCm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV6VHVvU0stM2t2S3lHRC1tTGZMVklJS2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82OTZjYjUtOGVjYy00ZGY2LTk4MmMt
MGI3ZWYzOGE3Zjg3LzEvaFV6VHVvU0stM2t2S3lHRC1tTGZMVklJS2IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82OTZjYjUtOGVjYy00ZGY2LTk4MmMtMGI3ZWYzOGE3Zjg3
LzEvaFV6VHVvU0stM2t2S3lHRC1tTGZMVklJS2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnFIx9m2Z
fmxnZHDnFJeVgeFcjGABU8LBP7ksNNiafjRDbqNc3OLxlYg6ppglWq+6Seh7+Gvd
tD5kZ6nkPIl/0k6Yko6q4VaidKBTCQXwXHYbUDDX+DfsTaRholE4UgbnujHe1hbx
YxXAS3YTNfoT/tCKUvkVi+p1CZp5jqjIIiW541prK/Do0Z3iB39I2VwlLVLU473V
Wu+UtIeDZpdcPjZJt3pIB1USLD2a4BHpOvQdYBq4KDXLnEJgtOseXWHuUJq1HRGV
l/q1UNHVn5sK7VCue6du9xUDUlTlEswjsfRV6jcJA1MSVsTu+kZfIAZpq7pAzKqP
3cM99aZD5bZjPw==
-----END CERTIFICATE-----