Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
File:                     hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft (raw, json)
Hash identifier:          0RdxAshY6ym9IjGoTG6koBPccUe+Touljxb5I1zvVIE=
Subject key identifier:   77:76:75:5D:D7:3D:69:C3:06:4D:81:C1:5D:25:5C:0B:B5:70:A7:9A
Authority key identifier: 84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C
Certificate issuer:       /CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c
Certificate serial:       0197523487766A35E249BF360CB2AD0FF55F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
Manifest number:          0866
Signing time:             Mon 09 Jun 2025 01:01:03 +0000
Manifest this update:     Mon 09 Jun 2025 01:01:03 +0000
Manifest next update:     Tue 10 Jun 2025 01:01:03 +0000
Files and hashes:         1: hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl (hash: S6g535yZPAv8n769iVcDKKwjfPEuBC4f+T4m1efU96A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:34:87:76:6a:35:e2:49:bf:36:0c:b2:ad:0f:f5:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c
        Validity
            Not Before: Jun  9 01:01:03 2025 GMT
            Not After : Jun 10 01:01:03 2025 GMT
        Subject: CN=7776755dd73d69c3064d81c15d255c0bb570a79a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:2d:e5:3a:e3:b6:f4:f2:2d:f8:4f:15:59:00:
                    c1:82:08:26:c1:c7:1f:fa:25:b5:49:39:f9:02:00:
                    24:20:3b:43:ec:98:5d:30:6a:fe:aa:b0:5f:cc:5e:
                    5c:39:60:d0:6b:eb:6e:78:a1:9c:d4:84:11:ee:9a:
                    9d:5b:b6:e3:c5:91:c3:c4:41:3e:93:ac:28:f2:53:
                    ab:f4:9f:0a:ee:83:f3:e2:91:db:23:d3:4e:51:94:
                    6a:e0:82:95:ef:3c:10:90:1d:a4:92:cb:d4:18:38:
                    6b:37:fb:58:94:a3:c8:8e:bc:73:0f:1f:c0:f8:2f:
                    e0:ee:77:76:6b:6e:a7:b4:f5:ee:62:2f:97:05:56:
                    54:3c:d9:3f:fd:36:b6:42:3c:f0:5c:29:0f:8b:25:
                    ad:69:5d:a5:f4:42:9c:42:bd:ee:ce:dc:02:7b:26:
                    9e:e0:1e:83:9f:8a:bb:93:87:f5:56:1e:c1:6f:b4:
                    ac:5b:1e:2a:1c:02:0f:fe:fa:d8:f7:e3:0f:56:00:
                    49:af:76:da:f8:23:a1:4c:e1:9b:21:55:58:bc:60:
                    42:31:2c:f2:53:51:2d:cc:93:ec:39:06:eb:5f:c9:
                    df:db:34:10:2e:6d:b6:ee:cb:c5:4a:4d:c6:8f:b4:
                    e3:c5:fd:62:d4:c6:9a:8e:bf:c0:fa:4d:59:bb:42:
                    44:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:76:75:5D:D7:3D:69:C3:06:4D:81:C1:5D:25:5C:0B:B5:70:A7:9A
            X509v3 Authority Key Identifier:
                keyid:84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:0f:ce:86:03:54:f0:4f:50:8b:43:88:b0:7d:13:1d:0c:2e:
         6b:14:f9:a9:b8:81:cf:7b:ff:5d:0f:08:ee:21:2f:7b:c5:d1:
         31:51:48:9f:72:cf:78:aa:23:bd:ed:3d:50:1e:c3:1f:be:cb:
         26:01:78:12:33:e7:98:05:5b:54:e6:cd:5f:d5:19:8c:f1:f2:
         1b:df:cb:38:77:e1:1a:39:5e:1a:73:23:c1:fa:ad:47:0f:ff:
         15:13:fb:62:fa:53:ee:54:ec:54:d2:0b:56:b0:89:83:2e:b6:
         d3:da:6d:4c:b8:f7:86:26:86:e7:4f:4e:3b:a4:d3:1d:11:c8:
         8f:2c:42:5a:6a:0f:6e:bc:21:10:b3:ba:20:4e:48:65:23:a3:
         35:14:b7:8d:54:48:3f:3a:95:e2:da:fc:f4:84:6c:66:ff:1b:
         d2:0e:1c:ee:fb:7b:48:48:c7:b1:47:1d:ff:19:7f:a5:92:1c:
         32:16:87:7c:2f:9f:34:fc:e2:42:a6:a5:15:90:3e:52:ed:85:
         00:a4:a0:e8:b8:9c:92:24:9b:d1:ae:38:48:a0:a2:a7:6f:1f:
         97:4c:18:28:9b:9e:7f:cf:07:ae:8a:42:d5:f3:3b:89:5b:81:
         92:6e:b9:0b:88:9b:00:01:9c:c3:73:82:ce:6f:92:32:a4:cf:
         88:01:42:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSNId2ajXiSb82DLKtD/VfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MmIxOGY4ZDFkYjFmOTQ3NjIxYjJkOGY3ODY2MDNlMmIx
YmQ1MGMwHhcNMjUwNjA5MDEwMTAzWhcNMjUwNjEwMDEwMTAzWjAzMTEwLwYDVQQD
Eyg3Nzc2NzU1ZGQ3M2Q2OWMzMDY0ZDgxYzE1ZDI1NWMwYmI1NzBhNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC3lOuO29PIt+E8VWQDBgggmwccf
+iW1STn5AgAkIDtD7JhdMGr+qrBfzF5cOWDQa+tueKGc1IQR7pqdW7bjxZHDxEE+
k6wo8lOr9J8K7oPz4pHbI9NOUZRq4IKV7zwQkB2kksvUGDhrN/tYlKPIjrxzDx/A
+C/g7nd2a26ntPXuYi+XBVZUPNk//Ta2QjzwXCkPiyWtaV2l9EKcQr3uztwCeyae
4B6Dn4q7k4f1Vh7Bb7SsWx4qHAIP/vrY9+MPVgBJr3ba+COhTOGbIVVYvGBCMSzy
U1EtzJPsOQbrX8nf2zQQLm227svFSk3Gj7Tjxf1i1Maajr/A+k1Zu0JEiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHd2dV3XPWnDBk2BwV0lXAu1cKeaMB8GA1UdIwQY
MBaAFIQrGPjR2x+UdiGy2PeGYD4rG9UMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgt
MGI5NzBiOTZjOTBiLzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgtMGI5NzBiOTZjOTBi
LzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABw/OhgNU
8E9Qi0OIsH0THQwuaxT5qbiBz3v/XQ8I7iEve8XRMVFIn3LPeKojve09UB7DH77L
JgF4EjPnmAVbVObNX9UZjPHyG9/LOHfhGjleGnMjwfqtRw//FRP7YvpT7lTsVNIL
VrCJgy6209ptTLj3hiaG509OO6TTHRHIjyxCWmoPbrwhELO6IE5IZSOjNRS3jVRI
PzqV4tr89IRsZv8b0g4c7vt7SEjHsUcd/xl/pZIcMhaHfC+fNPziQqalFZA+Uu2F
AKSg6LickiSb0a44SKCip28fl0wYKJuef88HropC1fM7iVuBkm65C4ibAAGcw3OC
zm+SMqTPiAFC+Q==
-----END CERTIFICATE-----