Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
File:                     HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft (raw, json)
Hash identifier:          GyEkKcQDpTt6klK5CEKpBLyogZZALm8NCxYZJkEkOtc=
Subject key identifier:   75:A8:1F:08:A8:2B:0A:99:FA:6E:8B:78:D0:43:0C:0B:E1:A4:67:CB
Authority key identifier: 1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50
Certificate issuer:       /CN=1c5353a86abd33b1a236e407ce469261d0636150
Certificate serial:       0197D097F2393DF6065EAB949BFE29E81226
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
Manifest number:          0847
Signing time:             Thu 03 Jul 2025 14:01:48 +0000
Manifest this update:     Thu 03 Jul 2025 14:01:48 +0000
Manifest next update:     Fri 04 Jul 2025 14:01:48 +0000
Files and hashes:         1: HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl (hash: hB2W2rBuwdjXF4FWfKg087QF5YWN68ZXwICJhvozrlU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 04 Jul 2025 14:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:d0:97:f2:39:3d:f6:06:5e:ab:94:9b:fe:29:e8:12:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5353a86abd33b1a236e407ce469261d0636150
        Validity
            Not Before: Jul  3 14:01:48 2025 GMT
            Not After : Jul  4 14:01:48 2025 GMT
        Subject: CN=75a81f08a82b0a99fa6e8b78d0430c0be1a467cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:68:c3:44:87:bc:24:57:60:c6:53:c8:1e:6c:
                    19:b5:34:c2:a6:6c:7d:4b:a4:0e:d2:2c:fd:f8:28:
                    72:ad:00:54:c4:a2:8b:3f:07:75:42:74:0b:4d:e4:
                    b2:1a:18:bc:eb:7c:c5:e3:35:d1:8d:d6:ad:50:6e:
                    8e:33:10:ab:5e:05:17:fc:86:90:4a:91:bf:38:32:
                    29:97:82:92:aa:3d:a8:3c:77:36:4d:fb:ff:fd:33:
                    bb:da:16:6b:df:d9:e5:87:fb:52:27:6b:57:25:31:
                    fb:4b:0b:f0:ad:f9:b5:ca:ac:8e:5d:a0:b5:5b:28:
                    b9:fb:46:0a:cc:b7:54:78:2e:c0:45:cf:4e:cf:7b:
                    56:67:4c:57:2d:3b:42:20:de:51:bb:5f:dd:76:63:
                    71:e1:b2:a4:d3:b2:54:ea:48:ee:91:95:9b:4c:a7:
                    83:ba:e8:57:9d:bb:44:4c:62:b8:d2:25:62:38:bb:
                    17:a0:2c:a0:26:65:88:ca:29:8b:c7:b0:4b:c0:a5:
                    21:29:65:52:99:31:dd:d8:12:ab:96:b6:82:2a:13:
                    08:2a:a4:52:c5:27:a2:13:e8:a2:e4:6a:d9:28:d2:
                    bc:37:42:a6:12:f9:4e:26:e6:3f:28:1c:fd:f1:99:
                    52:20:9c:a4:ea:a9:ba:9c:f9:ab:fb:a5:62:ff:51:
                    53:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:A8:1F:08:A8:2B:0A:99:FA:6E:8B:78:D0:43:0C:0B:E1:A4:67:CB
            X509v3 Authority Key Identifier:
                keyid:1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:c2:3f:c5:67:f6:62:ff:d5:d6:5c:f6:5a:98:d4:79:03:53:
         43:3b:4e:43:76:32:71:26:fb:35:3c:17:b1:0e:0c:e6:5e:7f:
         2d:92:90:f5:f9:c7:fc:eb:c2:1c:5e:7f:5f:1a:fc:c4:72:a8:
         29:d6:78:d3:ba:db:ad:3f:35:eb:8f:48:f6:3d:f7:28:f2:4a:
         e7:49:6e:ef:39:57:db:b6:a5:9c:60:8d:0b:9a:b3:53:43:88:
         83:52:07:92:20:d5:ee:3f:e0:39:61:05:37:bb:df:c1:51:42:
         cd:95:b6:c8:23:a9:ab:c0:9c:16:db:0e:6b:5f:3e:b0:f2:cf:
         0a:b2:b2:f1:ba:b8:f0:83:01:f2:15:fb:dc:ec:d9:e8:13:5b:
         58:ca:31:00:1d:e1:62:17:33:17:93:af:c2:f1:ee:42:ad:9d:
         7a:9f:d1:65:05:b7:46:17:0f:f3:53:c9:00:0b:b5:10:22:3a:
         92:00:34:82:a1:02:60:22:65:94:92:32:fb:98:cc:ab:9a:90:
         b4:28:3a:d6:af:60:0d:46:1f:94:7f:d5:08:61:b6:99:eb:eb:
         87:5e:7e:14:bd:0e:b5:a6:3d:26:d0:a3:0d:9a:91:26:32:46:
         3c:98:06:d6:8d:8c:21:ff:4c:5c:5e:ed:44:c5:51:50:b7:ef:
         c7:7e:b4:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfQl/I5PfYGXquUm/4p6BImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTM1M2E4NmFiZDMzYjFhMjM2ZTQwN2NlNDY5MjYxZDA2
MzYxNTAwHhcNMjUwNzAzMTQwMTQ4WhcNMjUwNzA0MTQwMTQ4WjAzMTEwLwYDVQQD
Eyg3NWE4MWYwOGE4MmIwYTk5ZmE2ZThiNzhkMDQzMGMwYmUxYTQ2N2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmjDRIe8JFdgxlPIHmwZtTTCpmx9
S6QO0iz9+ChyrQBUxKKLPwd1QnQLTeSyGhi863zF4zXRjdatUG6OMxCrXgUX/IaQ
SpG/ODIpl4KSqj2oPHc2Tfv//TO72hZr39nlh/tSJ2tXJTH7Swvwrfm1yqyOXaC1
Wyi5+0YKzLdUeC7ARc9Oz3tWZ0xXLTtCIN5Ru1/ddmNx4bKk07JU6kjukZWbTKeD
uuhXnbtETGK40iViOLsXoCygJmWIyimLx7BLwKUhKWVSmTHd2BKrlraCKhMIKqRS
xSeiE+ii5GrZKNK8N0KmEvlOJuY/KBz98ZlSIJyk6qm6nPmr+6Vi/1FTLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHWoHwioKwqZ+m6LeNBDDAvhpGfLMB8GA1UdIwQY
MBaAFBxTU6hqvTOxojbkB85GkmHQY2FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMt
YzRlMThiOGJiMWNmLzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMtYzRlMThiOGJiMWNm
LzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl8I/xWf2
Yv/V1lz2WpjUeQNTQztOQ3YycSb7NTwXsQ4M5l5/LZKQ9fnH/OvCHF5/Xxr8xHKo
KdZ407rbrT81649I9j33KPJK50lu7zlX27alnGCNC5qzU0OIg1IHkiDV7j/gOWEF
N7vfwVFCzZW2yCOpq8CcFtsOa18+sPLPCrKy8bq48IMB8hX73OzZ6BNbWMoxAB3h
YhczF5OvwvHuQq2dep/RZQW3RhcP81PJAAu1ECI6kgA0gqECYCJllJIy+5jMq5qQ
tCg61q9gDUYflH/VCGG2mevrh15+FL0OtaY9JtCjDZqRJjJGPJgG1o2MIf9MXF7t
RMVRULfvx3605Q==
-----END CERTIFICATE-----