Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
File:                     HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft (raw, json)
Hash identifier:          Dn4oMC6URg+adG/JGYNl5/34hQbTl53oqLRjN1WaZNw=
Subject key identifier:   70:22:B1:C3:D4:D0:6D:4F:8D:18:2F:FD:D5:E9:F2:22:DD:31:A5:0B
Authority key identifier: 1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50
Certificate issuer:       /CN=1c5353a86abd33b1a236e407ce469261d0636150
Certificate serial:       0199228CF2566947771D4DE7F5B30BAD42A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
Manifest number:          08F6
Signing time:             Sun 07 Sep 2025 05:01:26 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:26 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:26 +0000
Files and hashes:         1: HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl (hash: GR5E87C49VNq99N8Q9EOUO8oRUmxxjCayHId4PDpCog=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:f2:56:69:47:77:1d:4d:e7:f5:b3:0b:ad:42:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5353a86abd33b1a236e407ce469261d0636150
        Validity
            Not Before: Sep  7 05:01:26 2025 GMT
            Not After : Sep  8 05:01:26 2025 GMT
        Subject: CN=7022b1c3d4d06d4f8d182ffdd5e9f222dd31a50b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:7a:37:dd:7b:f6:6c:b7:96:35:32:cd:03:d4:
                    67:41:68:a8:ba:31:c1:5a:d1:c9:1b:49:0f:89:9a:
                    e2:b8:95:ba:9f:6f:18:1b:a2:57:f4:48:74:87:b0:
                    d7:64:bc:6d:03:36:63:68:af:9e:3a:fd:fb:40:b4:
                    0f:02:e9:64:23:b0:c4:0d:da:3e:09:ed:a8:14:bd:
                    89:89:cd:d6:ce:5f:9e:ab:61:b8:61:fd:3d:00:2e:
                    f7:c8:c3:69:b1:2f:de:bc:91:93:a6:76:90:66:27:
                    d4:cf:10:61:e9:d8:89:ed:79:6a:08:6e:dc:28:f7:
                    4d:f6:ec:ac:8a:43:a8:08:46:97:2c:2c:c1:38:16:
                    db:3b:39:c3:eb:96:32:e7:e4:f3:96:e6:40:a5:19:
                    10:bd:29:0f:7c:61:6d:38:da:d7:90:29:e0:e2:12:
                    ad:d5:0b:70:b8:5c:ac:12:f8:de:d3:5b:f2:f0:e8:
                    05:fd:d1:4b:60:50:46:f1:ee:ea:cd:68:f2:c7:af:
                    f6:d5:fe:76:89:33:66:f3:aa:0a:cd:a1:92:ec:8b:
                    6e:92:1e:67:91:34:a8:14:e8:6b:a9:4d:47:5e:35:
                    cd:30:78:c4:e5:ad:c6:c4:b5:87:c8:c2:4d:70:d2:
                    bf:d7:21:b1:b2:63:90:79:dc:62:0c:49:e7:4f:4d:
                    cc:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:22:B1:C3:D4:D0:6D:4F:8D:18:2F:FD:D5:E9:F2:22:DD:31:A5:0B
            X509v3 Authority Key Identifier:
                keyid:1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:44:1f:fc:2a:fc:71:7f:7f:7d:c3:c5:8d:b5:34:42:91:5b:
         cb:69:3e:15:f9:26:19:54:cb:a6:7f:98:7a:2f:47:20:1c:a1:
         26:2c:2a:05:63:e7:84:46:3f:24:92:ef:84:e1:1e:11:e2:5c:
         30:c6:d9:ea:ab:d8:f7:05:0c:f9:76:11:68:07:22:f6:93:c5:
         98:87:4e:ce:bf:14:93:82:04:ca:a9:39:de:cf:ff:6f:b4:e0:
         6a:02:0f:2c:3a:2d:12:e7:fa:09:c7:bb:69:9f:61:d3:0f:5a:
         c6:8a:46:c4:6a:3c:26:57:07:41:4e:1e:fd:9d:09:d6:5e:94:
         3c:61:38:e8:59:30:68:e6:dc:3b:a8:b8:96:e1:5b:48:66:e5:
         b9:18:c4:35:c9:5a:d2:52:29:44:6a:52:84:bd:66:fe:be:ce:
         4e:91:1f:a9:8a:c5:1e:65:0b:33:21:87:44:95:f8:ae:e5:39:
         67:78:b0:27:f4:87:af:63:bc:f2:68:49:dd:df:a0:a3:f7:5c:
         5c:91:7c:67:5a:4d:33:32:76:e8:f9:c5:ca:1c:ab:8b:3b:b9:
         eb:8a:64:c3:f8:02:b7:63:9c:ae:a1:44:01:c6:0a:70:f5:f9:
         08:df:8c:10:13:0a:bc:12:6f:9e:e8:e4:99:db:92:5f:40:6e:
         86:2f:8a:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijPJWaUd3HU3n9bMLrUKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTM1M2E4NmFiZDMzYjFhMjM2ZTQwN2NlNDY5MjYxZDA2
MzYxNTAwHhcNMjUwOTA3MDUwMTI2WhcNMjUwOTA4MDUwMTI2WjAzMTEwLwYDVQQD
Eyg3MDIyYjFjM2Q0ZDA2ZDRmOGQxODJmZmRkNWU5ZjIyMmRkMzFhNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Xo33Xv2bLeWNTLNA9RnQWioujHB
WtHJG0kPiZriuJW6n28YG6JX9Eh0h7DXZLxtAzZjaK+eOv37QLQPAulkI7DEDdo+
Ce2oFL2Jic3Wzl+eq2G4Yf09AC73yMNpsS/evJGTpnaQZifUzxBh6diJ7XlqCG7c
KPdN9uysikOoCEaXLCzBOBbbOznD65Yy5+TzluZApRkQvSkPfGFtONrXkCng4hKt
1QtwuFysEvje01vy8OgF/dFLYFBG8e7qzWjyx6/21f52iTNm86oKzaGS7Itukh5n
kTSoFOhrqU1HXjXNMHjE5a3GxLWHyMJNcNK/1yGxsmOQedxiDEnnT03McQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHAiscPU0G1PjRgv/dXp8iLdMaULMB8GA1UdIwQY
MBaAFBxTU6hqvTOxojbkB85GkmHQY2FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMt
YzRlMThiOGJiMWNmLzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMtYzRlMThiOGJiMWNm
LzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUkQf/Cr8
cX9/fcPFjbU0QpFby2k+FfkmGVTLpn+Yei9HIByhJiwqBWPnhEY/JJLvhOEeEeJc
MMbZ6qvY9wUM+XYRaAci9pPFmIdOzr8Uk4IEyqk53s//b7TgagIPLDotEuf6Cce7
aZ9h0w9axopGxGo8JlcHQU4e/Z0J1l6UPGE46FkwaObcO6i4luFbSGbluRjENcla
0lIpRGpShL1m/r7OTpEfqYrFHmULMyGHRJX4ruU5Z3iwJ/SHr2O88mhJ3d+go/dc
XJF8Z1pNMzJ26PnFyhyrizu564pkw/gCt2OcrqFEAcYKcPX5CN+MEBMKvBJvnujk
mduSX0Buhi+KCw==
-----END CERTIFICATE-----