Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
File:                     h_S8G8xE8-kQBwQ1297UG25ILmg.mft (raw, json)
Hash identifier:          YBSFYbBYZ41cqfdEQ/Yoc2P5l3ede/FL1r4+QruFBZU=
Subject key identifier:   68:3E:7B:FA:0C:72:5D:C8:3E:5D:1E:0D:FA:A9:31:95:EC:D2:45:7C
Authority key identifier: 87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68
Certificate issuer:       /CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
Certificate serial:       01974FD7F4E44AFAAD6A50555FD4027B9A8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
Manifest number:          03B3
Signing time:             Sun 08 Jun 2025 14:00:42 +0000
Manifest this update:     Sun 08 Jun 2025 14:00:42 +0000
Manifest next update:     Mon 09 Jun 2025 14:00:42 +0000
Files and hashes:         1: h_S8G8xE8-kQBwQ1297UG25ILmg.crl (hash: V5OUcQlUA6Qo5gUb2mvjCRVYSa25iLunw1wKRP9FDOs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4f:d7:f4:e4:4a:fa:ad:6a:50:55:5f:d4:02:7b:9a:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
        Validity
            Not Before: Jun  8 14:00:42 2025 GMT
            Not After : Jun  9 14:00:42 2025 GMT
        Subject: CN=683e7bfa0c725dc83e5d1e0dfaa93195ecd2457c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:2d:12:14:19:60:26:63:01:f4:0b:0f:1b:a9:
                    a1:aa:06:7d:c7:9d:e0:63:fc:00:13:55:62:08:90:
                    15:b1:d1:74:06:1b:f7:88:c8:a8:7d:57:fe:ef:04:
                    b5:b8:3a:2a:e9:02:84:00:a4:a5:6b:f0:c5:f9:08:
                    b6:b7:f4:0b:97:80:45:8f:72:a9:10:0c:19:b5:e5:
                    21:59:bf:a8:93:a1:f7:d8:56:54:03:f4:eb:ca:cf:
                    55:c0:c8:fa:5a:a6:ee:c3:8c:1c:b0:b3:9e:59:c4:
                    3b:fa:d1:8a:4b:4b:67:f9:2f:77:af:47:01:33:8a:
                    23:db:e2:d6:09:b5:8b:c0:48:02:6d:c0:9a:b1:f6:
                    a4:f4:0d:d6:a9:d4:cb:fd:b7:79:33:cc:9b:4d:aa:
                    24:42:18:d2:65:99:ae:01:dd:80:2a:4a:37:df:cc:
                    4c:8f:e9:31:61:5e:48:c1:b8:47:45:78:9a:e0:ee:
                    01:b6:0c:c7:a6:64:3a:e0:5c:fd:67:fe:9a:95:73:
                    a0:d1:c9:ed:04:f0:36:46:16:c5:72:cf:da:e5:d5:
                    b6:e8:a4:78:c3:9a:f2:fc:36:4f:ab:c9:bd:27:ed:
                    6b:24:d5:95:f7:ce:73:3f:a4:0f:ca:e2:d8:b5:0d:
                    43:69:16:c5:3b:75:5b:a7:db:d4:4b:77:d0:09:6c:
                    95:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:3E:7B:FA:0C:72:5D:C8:3E:5D:1E:0D:FA:A9:31:95:EC:D2:45:7C
            X509v3 Authority Key Identifier:
                keyid:87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:db:5f:44:c3:5d:ae:17:94:7f:98:da:c8:78:bf:bd:f3:8c:
         f7:47:7d:d0:9f:ee:3a:97:49:5e:d8:2b:54:bc:1b:56:2f:bc:
         fc:36:23:47:2f:b8:7e:a0:99:1d:c1:bc:88:90:bb:8e:9b:80:
         1c:8c:9d:71:24:d8:f7:00:c5:b7:d4:ba:2c:a4:19:75:bb:91:
         d7:7a:b6:a0:cc:6e:47:2a:af:55:39:4d:8e:a2:25:d5:7e:1a:
         73:13:fc:d4:46:88:08:d5:8f:0d:39:6a:59:ed:21:c3:2d:99:
         be:0f:9a:33:13:90:a9:76:f7:7a:f9:4b:e4:0d:d7:fe:83:7b:
         db:73:e9:a7:ea:43:09:e3:51:cf:f2:79:a2:d2:2b:8c:3f:76:
         18:24:49:76:aa:65:af:74:5a:a6:59:aa:76:c8:22:8b:10:b3:
         a0:ad:62:ba:75:63:42:bf:8b:86:9f:96:9c:ea:54:ed:e1:eb:
         ca:29:a8:cc:06:13:03:5a:ec:d7:d2:08:b0:5b:14:99:ef:e4:
         9e:34:60:d0:dc:b4:40:73:64:64:43:c8:f3:21:41:ac:55:03:
         70:b1:91:02:38:be:0b:c5:6a:b4:f0:47:d3:33:06:1b:23:5e:
         46:27:b7:96:67:09:b6:19:5f:91:93:49:e5:c0:a4:e5:53:8e:
         74:de:0f:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdP1/TkSvqtalBVX9QCe5qLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjRiYzFiY2M0NGYzZTkxMDA3MDQzNWRiZGVkNDFiNmU0
ODJlNjgwHhcNMjUwNjA4MTQwMDQyWhcNMjUwNjA5MTQwMDQyWjAzMTEwLwYDVQQD
Eyg2ODNlN2JmYTBjNzI1ZGM4M2U1ZDFlMGRmYWE5MzE5NWVjZDI0NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC0SFBlgJmMB9AsPG6mhqgZ9x53g
Y/wAE1ViCJAVsdF0Bhv3iMiofVf+7wS1uDoq6QKEAKSla/DF+Qi2t/QLl4BFj3Kp
EAwZteUhWb+ok6H32FZUA/Trys9VwMj6Wqbuw4wcsLOeWcQ7+tGKS0tn+S93r0cB
M4oj2+LWCbWLwEgCbcCasfak9A3WqdTL/bd5M8ybTaokQhjSZZmuAd2AKko338xM
j+kxYV5IwbhHRXia4O4BtgzHpmQ64Fz9Z/6alXOg0cntBPA2RhbFcs/a5dW26KR4
w5ry/DZPq8m9J+1rJNWV985zP6QPyuLYtQ1DaRbFO3Vbp9vUS3fQCWyVnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGg+e/oMcl3IPl0eDfqpMZXs0kV8MB8GA1UdIwQY
MBaAFIf0vBvMRPPpEAcENdve1BtuSC5oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYt
N2U3ODE2ODBkMWQyLzEvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYtN2U3ODE2ODBkMWQy
LzEvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACdtfRMNd
rheUf5jayHi/vfOM90d90J/uOpdJXtgrVLwbVi+8/DYjRy+4fqCZHcG8iJC7jpuA
HIydcSTY9wDFt9S6LKQZdbuR13q2oMxuRyqvVTlNjqIl1X4acxP81EaICNWPDTlq
We0hwy2Zvg+aMxOQqXb3evlL5A3X/oN723Ppp+pDCeNRz/J5otIrjD92GCRJdqpl
r3RaplmqdsgiixCzoK1iunVjQr+Lhp+WnOpU7eHryimozAYTA1rs19IIsFsUme/k
njRg0Ny0QHNkZEPI8yFBrFUDcLGRAji+C8VqtPBH0zMGGyNeRie3lmcJthlfkZNJ
5cCk5VOOdN4Pvg==
-----END CERTIFICATE-----