Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
File:                     hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft (raw, json)
Hash identifier:          /iDbZGM/ckompWwGFkt99irGHt6HlpANr3NJ+x5rjLc=
Subject key identifier:   90:70:F6:92:90:4A:A9:27:EE:E4:CC:CF:71:79:B2:E3:97:3C:69:DD
Authority key identifier: 86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE
Certificate issuer:       /CN=8649aa4b328735536d27c168cdbf4ea177701dce
Certificate serial:       019749D5D28637FE4A90116FC6EF670081E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 10:00:39 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:39 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:39 +0000
Files and hashes:         1: hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl (hash: D1sUreTDN13d1eewxmtJAnek2cqJdG4o3spzfoz+ZTM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:d2:86:37:fe:4a:90:11:6f:c6:ef:67:00:81:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8649aa4b328735536d27c168cdbf4ea177701dce
        Validity
            Not Before: Jun  7 10:00:39 2025 GMT
            Not After : Jun  8 10:00:39 2025 GMT
        Subject: CN=9070f692904aa927eee4cccf7179b2e3973c69dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:2d:2d:68:2b:aa:1f:f4:61:c9:ef:5b:41:e7:
                    d1:07:4d:c2:b3:14:ab:ce:22:29:26:77:a1:d9:35:
                    05:6c:b1:83:c3:31:4a:4e:75:52:5d:09:1e:ab:56:
                    f6:2a:cb:4a:fa:15:a5:eb:fe:ed:45:2a:59:88:04:
                    20:1d:82:d3:ca:3a:a8:b3:a2:7a:bb:74:f1:c3:22:
                    39:a3:d6:6c:1b:d9:6b:ec:1f:84:38:83:f4:a9:5d:
                    39:83:77:5e:80:24:b8:64:2b:e4:76:51:13:ff:ff:
                    2c:09:03:19:2a:12:7d:fd:cb:e6:30:88:11:86:3e:
                    bf:55:e8:2e:c4:93:bd:7b:f2:c8:3e:b2:ec:2b:48:
                    18:97:ba:a9:0f:c0:52:ad:40:87:6b:bc:12:81:a3:
                    d7:30:70:f8:c5:6e:78:66:a3:3c:d8:d7:04:cc:db:
                    d6:59:9d:84:b1:b7:c3:3e:bf:19:a5:93:0a:63:54:
                    e8:e7:3b:a4:66:a3:61:0e:9e:6a:b7:6e:4c:07:e8:
                    d4:0e:38:da:3f:09:32:93:ce:3c:51:b9:8a:29:5a:
                    b3:8e:4d:2f:2e:4b:83:fd:dd:b3:2c:23:49:84:c7:
                    43:aa:47:32:a3:eb:78:28:05:ce:9f:e0:6a:3b:27:
                    7f:24:a9:b1:b5:d2:e1:44:f3:99:47:2f:0a:2c:eb:
                    50:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:70:F6:92:90:4A:A9:27:EE:E4:CC:CF:71:79:B2:E3:97:3C:69:DD
            X509v3 Authority Key Identifier:
                keyid:86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:83:e5:d5:ee:5d:84:6a:a5:4e:e0:4e:77:af:d3:64:f5:e9:
         ff:06:04:3f:77:67:c8:df:48:d2:fb:03:4f:60:7f:17:f1:33:
         bc:f6:eb:95:b3:55:9a:b2:d5:36:72:45:c6:88:ba:18:e3:83:
         4c:f4:55:9f:fa:e0:f7:b6:ad:79:ed:94:94:0c:5e:04:22:ae:
         ec:72:94:4c:c1:9b:8c:e6:ed:ce:56:00:e7:6a:b8:eb:a9:d2:
         b7:d6:32:7c:dd:67:d3:27:49:21:7d:8b:8d:47:c6:ea:f5:8a:
         1e:98:42:c1:51:fd:4d:48:32:a3:29:e2:0e:51:cf:7c:12:f1:
         bd:5a:1a:6d:28:4a:53:09:de:14:26:a9:fc:38:e4:be:3a:d5:
         8f:f3:7d:70:68:f6:18:91:79:ba:42:3b:24:a0:f1:e2:4b:c4:
         44:03:df:17:b7:db:cb:c5:3c:c7:58:db:82:ef:35:99:e7:d1:
         da:20:5b:a8:12:84:ac:0b:12:83:ad:d2:2e:28:d1:29:ff:1f:
         42:af:81:3f:09:a0:d8:8a:dd:02:18:d7:15:9e:52:68:03:84:
         c5:27:7f:b6:be:d6:b5:11:ea:65:68:03:a9:b8:c7:c5:44:c4:
         b1:2f:39:ea:19:0b:0c:ed:f6:97:98:8b:e3:2a:2f:e0:b3:ce:
         97:06:74:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1dKGN/5KkBFvxu9nAIHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDlhYTRiMzI4NzM1NTM2ZDI3YzE2OGNkYmY0ZWExNzc3
MDFkY2UwHhcNMjUwNjA3MTAwMDM5WhcNMjUwNjA4MTAwMDM5WjAzMTEwLwYDVQQD
Eyg5MDcwZjY5MjkwNGFhOTI3ZWVlNGNjY2Y3MTc5YjJlMzk3M2M2OWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC0taCuqH/Rhye9bQefRB03CsxSr
ziIpJneh2TUFbLGDwzFKTnVSXQkeq1b2KstK+hWl6/7tRSpZiAQgHYLTyjqos6J6
u3TxwyI5o9ZsG9lr7B+EOIP0qV05g3degCS4ZCvkdlET//8sCQMZKhJ9/cvmMIgR
hj6/VeguxJO9e/LIPrLsK0gYl7qpD8BSrUCHa7wSgaPXMHD4xW54ZqM82NcEzNvW
WZ2EsbfDPr8ZpZMKY1To5zukZqNhDp5qt25MB+jUDjjaPwkyk848UbmKKVqzjk0v
LkuD/d2zLCNJhMdDqkcyo+t4KAXOn+BqOyd/JKmxtdLhRPOZRy8KLOtQmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJBw9pKQSqkn7uTMz3F5suOXPGndMB8GA1UdIwQY
MBaAFIZJqksyhzVTbSfBaM2/TqF3cB3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMt
MTlmMWRhYjJkMWI0LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMtMTlmMWRhYjJkMWI0
LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXoPl1e5d
hGqlTuBOd6/TZPXp/wYEP3dnyN9I0vsDT2B/F/EzvPbrlbNVmrLVNnJFxoi6GOOD
TPRVn/rg97atee2UlAxeBCKu7HKUTMGbjObtzlYA52q466nSt9YyfN1n0ydJIX2L
jUfG6vWKHphCwVH9TUgyoyniDlHPfBLxvVoabShKUwneFCap/DjkvjrVj/N9cGj2
GJF5ukI7JKDx4kvERAPfF7fby8U8x1jbgu81mefR2iBbqBKErAsSg63SLijRKf8f
Qq+BPwmg2IrdAhjXFZ5SaAOExSd/tr7WtRHqZWgDqbjHxUTEsS856hkLDO32l5iL
4yov4LPOlwZ0Ug==
-----END CERTIFICATE-----