Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
File:                     HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json)
Hash identifier:          Hvfouxl2mWdEVIIGxSxK/jdNC9gm62I75sLFbos8r7s=
Subject key identifier:   EE:2E:36:42:B3:AF:E7:51:B8:CC:2A:DD:56:41:13:E0:E0:F6:86:D3
Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B
Certificate issuer:       /CN=1d102aca6cf13511385294e77dbe273768c0a04b
Certificate serial:       019761A7EA81F561CBDD6697A9F199CFF3AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
Manifest number:          0A66
Signing time:             Thu 12 Jun 2025 01:01:23 +0000
Manifest this update:     Thu 12 Jun 2025 01:01:23 +0000
Manifest next update:     Fri 13 Jun 2025 01:01:23 +0000
Files and hashes:         1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: Fk0dCXiWZQAxIL0NflvVxWqXX0hsaSdrxkJ4YEliB8w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:a7:ea:81:f5:61:cb:dd:66:97:a9:f1:99:cf:f3:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b
        Validity
            Not Before: Jun 12 01:01:23 2025 GMT
            Not After : Jun 13 01:01:23 2025 GMT
        Subject: CN=ee2e3642b3afe751b8cc2add564113e0e0f686d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:0c:85:0e:ce:4c:c0:4c:46:2e:a8:93:a7:f2:
                    95:8d:ff:06:b9:84:85:20:f2:fc:fc:85:67:44:b1:
                    da:a9:95:03:83:eb:cc:10:5d:f9:ca:3f:4d:b4:61:
                    77:3c:8a:de:ae:8c:6a:0c:9f:8e:c6:d7:30:d8:39:
                    fb:2e:04:59:c4:fe:98:1a:d0:e6:c9:7a:d7:ff:3b:
                    d8:a0:ac:b9:57:01:17:16:86:da:7c:1b:08:39:74:
                    ef:1c:61:c2:84:ee:26:9c:e3:28:87:b0:13:8d:2a:
                    9c:11:cf:c1:36:0d:7b:ce:5f:cd:88:52:ae:94:fa:
                    e0:0a:9a:2c:e9:1f:3d:a7:2f:aa:e4:dc:e1:a8:f1:
                    bd:f1:87:86:e1:84:a1:7d:b7:f9:bc:83:56:64:ab:
                    c0:f1:89:f6:62:69:0e:a5:41:df:bf:1f:bf:a9:93:
                    86:0b:cb:49:bc:60:93:38:dd:46:23:f7:1f:3f:42:
                    6d:c5:20:24:57:fd:05:0b:ed:77:10:4c:06:f1:25:
                    59:12:22:35:93:87:26:9e:b4:ba:11:51:e0:62:da:
                    5b:be:cb:c6:ce:57:5d:69:35:97:45:42:57:f9:89:
                    ef:95:15:07:3b:d3:f8:07:97:d2:59:26:bb:02:50:
                    21:2e:0e:b2:59:76:f0:d2:5f:35:bb:1a:76:42:49:
                    2e:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:2E:36:42:B3:AF:E7:51:B8:CC:2A:DD:56:41:13:E0:E0:F6:86:D3
            X509v3 Authority Key Identifier:
                keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:2b:88:a3:af:de:ed:30:12:03:10:3b:4b:9c:c3:e6:5c:27:
         bb:a6:86:8a:74:41:eb:0a:ac:4b:cb:4b:42:af:50:73:44:e2:
         ae:04:b3:ec:72:c3:71:b0:a2:5d:40:90:7a:12:d7:92:a6:1e:
         02:ed:5b:11:fd:d2:98:3b:ff:0d:7f:5d:5d:10:8f:9b:d5:eb:
         c6:76:5b:79:95:64:c5:7c:0e:8b:e3:9f:3f:48:22:6e:f4:05:
         5e:d3:60:c5:be:ac:86:b5:c9:81:72:d2:23:8f:95:fd:f8:ab:
         59:d6:e3:db:a2:c5:f0:58:8d:e7:29:82:44:64:7a:42:61:4b:
         2e:ee:0a:88:f0:3f:d7:fb:db:d4:ea:ea:c5:d9:e0:31:ef:f4:
         b4:dd:fe:84:32:eb:bd:31:0e:be:07:2e:72:0a:a2:10:d2:8f:
         04:e2:78:55:2b:06:3b:56:28:5e:81:1f:ee:33:72:ab:06:23:
         f8:57:34:45:45:d1:d6:29:d1:94:a4:6c:0a:71:91:2e:24:ad:
         d0:6b:71:d9:ab:86:28:80:b0:16:04:a3:fc:a0:94:f7:1e:5e:
         cb:ad:3b:41:33:bd:92:f1:fa:df:a8:8a:71:08:e8:85:12:d2:
         e3:09:38:64:14:55:48:b1:0f:2f:5d:6b:f6:94:cc:f1:06:8a:
         1e:38:b9:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhp+qB9WHL3WaXqfGZz/OqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj
MGEwNGIwHhcNMjUwNjEyMDEwMTIzWhcNMjUwNjEzMDEwMTIzWjAzMTEwLwYDVQQD
EyhlZTJlMzY0MmIzYWZlNzUxYjhjYzJhZGQ1NjQxMTNlMGUwZjY4NmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugyFDs5MwExGLqiTp/KVjf8GuYSF
IPL8/IVnRLHaqZUDg+vMEF35yj9NtGF3PIreroxqDJ+Oxtcw2Dn7LgRZxP6YGtDm
yXrX/zvYoKy5VwEXFobafBsIOXTvHGHChO4mnOMoh7ATjSqcEc/BNg17zl/NiFKu
lPrgCpos6R89py+q5NzhqPG98YeG4YShfbf5vINWZKvA8Yn2YmkOpUHfvx+/qZOG
C8tJvGCTON1GI/cfP0JtxSAkV/0FC+13EEwG8SVZEiI1k4cmnrS6EVHgYtpbvsvG
zlddaTWXRUJX+YnvlRUHO9P4B5fSWSa7AlAhLg6yWXbw0l81uxp2QkkubwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO4uNkKzr+dRuMwq3VZBE+Dg9obTMB8GA1UdIwQY
MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt
ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4
LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmSuIo6/e
7TASAxA7S5zD5lwnu6aGinRB6wqsS8tLQq9Qc0TirgSz7HLDcbCiXUCQehLXkqYe
Au1bEf3SmDv/DX9dXRCPm9XrxnZbeZVkxXwOi+OfP0gibvQFXtNgxb6shrXJgXLS
I4+V/firWdbj26LF8FiN5ymCRGR6QmFLLu4KiPA/1/vb1OrqxdngMe/0tN3+hDLr
vTEOvgcucgqiENKPBOJ4VSsGO1YoXoEf7jNyqwYj+Fc0RUXR1inRlKRsCnGRLiSt
0Gtx2auGKICwFgSj/KCU9x5ey607QTO9kvH636iKcQjohRLS4wk4ZBRVSLEPL11r
9pTM8QaKHji5rQ==
-----END CERTIFICATE-----