Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
File:                     HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json)
Hash identifier:          lZ1LtxJhcHup+g3GDudWqGGFhuw+8eJhFOsitVjWyv4=
Subject key identifier:   1E:48:FD:F9:F1:B7:07:2D:C2:B4:EB:E2:0A:F2:3F:21:2E:DE:97:81
Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B
Certificate issuer:       /CN=1d102aca6cf13511385294e77dbe273768c0a04b
Certificate serial:       01976960F07E80333AC6A20E3071B1B7D5C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
Manifest number:          0A6A
Signing time:             Fri 13 Jun 2025 13:00:50 +0000
Manifest this update:     Fri 13 Jun 2025 13:00:50 +0000
Manifest next update:     Sat 14 Jun 2025 13:00:50 +0000
Files and hashes:         1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: PW+N1+vjqFotSf4Z1z8VRBz3bAPTk4JS4L1z23zcBfw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:60:f0:7e:80:33:3a:c6:a2:0e:30:71:b1:b7:d5:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b
        Validity
            Not Before: Jun 13 13:00:50 2025 GMT
            Not After : Jun 14 13:00:50 2025 GMT
        Subject: CN=1e48fdf9f1b7072dc2b4ebe20af23f212ede9781
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:24:b3:12:25:d5:15:3a:93:ae:97:da:42:f1:
                    2d:f4:b6:2c:12:b0:d1:bf:ec:b3:a3:c5:b9:68:c2:
                    5d:73:9e:86:88:6a:cd:93:43:17:41:73:a1:78:db:
                    26:14:19:82:aa:24:b0:24:5c:66:a6:36:6a:56:7f:
                    0f:40:23:45:47:c3:77:68:2b:8f:e1:c6:5e:00:36:
                    2d:41:dd:e4:65:a1:72:e1:ce:9e:b0:d0:23:e7:aa:
                    dd:46:d2:c6:60:2e:d1:ae:fb:5a:3b:8c:18:9e:3a:
                    0c:6f:e7:31:12:c6:2f:11:1b:df:13:b6:a7:f7:20:
                    81:7f:66:a2:b7:45:b7:f1:b3:65:f6:a2:7c:8c:e7:
                    8f:a4:04:92:37:d7:7f:3a:95:c1:d4:90:be:4e:4a:
                    fd:b5:a0:70:f9:3a:ae:e4:62:cd:08:b0:b2:cb:98:
                    53:81:f3:eb:9d:55:4b:48:2c:c1:73:a3:6f:e5:b1:
                    40:63:55:0a:6c:33:2e:dc:7e:5d:34:7b:4d:2f:ff:
                    c8:92:75:b8:f3:1b:66:af:a0:81:a4:d5:91:a5:e5:
                    f5:b5:44:7e:29:ab:0e:de:fe:95:83:51:9c:24:9f:
                    0a:ab:76:9e:51:f3:32:29:79:e2:55:cf:7c:e7:59:
                    e7:0f:2a:9d:b3:0b:4c:97:93:20:d2:74:7a:1c:cc:
                    5d:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:48:FD:F9:F1:B7:07:2D:C2:B4:EB:E2:0A:F2:3F:21:2E:DE:97:81
            X509v3 Authority Key Identifier:
                keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:0d:ed:ec:ae:df:fd:31:cd:f4:8f:81:3f:3d:97:23:65:ab:
         c1:74:7c:8b:ce:36:cc:7a:1c:0c:5f:df:f3:c3:cf:bf:45:c7:
         97:4f:38:4a:54:a7:a4:ad:28:58:48:a5:a4:d7:94:4a:66:d7:
         1b:58:1a:bc:ca:57:df:3f:e5:e8:22:74:ef:b4:1a:81:45:f2:
         bb:a3:74:ea:45:9a:63:92:4a:90:dd:1b:e7:12:6c:79:41:ee:
         30:8d:98:10:0e:42:c4:46:19:63:98:79:75:72:19:b1:4f:3c:
         ce:e6:28:13:37:78:75:91:b5:27:7a:11:3a:c8:6e:01:ee:6c:
         eb:15:b1:cc:68:9c:42:61:7a:f6:d7:bd:27:2c:c2:fc:f5:72:
         4a:3e:48:c9:11:7f:b4:0c:0b:0d:bd:e8:0b:89:67:89:ed:f9:
         d9:ea:23:65:18:91:c8:ff:2a:0d:67:e6:46:53:13:15:ca:64:
         9d:34:8b:c1:79:a6:ad:c9:99:16:c5:21:9e:76:80:0a:99:2e:
         37:c2:0b:af:98:e1:db:9a:f4:77:8b:78:49:b3:3e:c2:01:8a:
         38:bd:6c:73:ae:e5:f6:f1:f9:bf:28:e8:2a:7a:72:6b:36:2f:
         9d:7b:67:88:91:de:04:3e:f2:74:3d:a2:3a:af:d9:b7:38:67:
         f2:86:69:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYPB+gDM6xqIOMHGxt9XAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj
MGEwNGIwHhcNMjUwNjEzMTMwMDUwWhcNMjUwNjE0MTMwMDUwWjAzMTEwLwYDVQQD
EygxZTQ4ZmRmOWYxYjcwNzJkYzJiNGViZTIwYWYyM2YyMTJlZGU5NzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiSzEiXVFTqTrpfaQvEt9LYsErDR
v+yzo8W5aMJdc56GiGrNk0MXQXOheNsmFBmCqiSwJFxmpjZqVn8PQCNFR8N3aCuP
4cZeADYtQd3kZaFy4c6esNAj56rdRtLGYC7RrvtaO4wYnjoMb+cxEsYvERvfE7an
9yCBf2ait0W38bNl9qJ8jOePpASSN9d/OpXB1JC+Tkr9taBw+Tqu5GLNCLCyy5hT
gfPrnVVLSCzBc6Nv5bFAY1UKbDMu3H5dNHtNL//IknW48xtmr6CBpNWRpeX1tUR+
KasO3v6Vg1GcJJ8Kq3aeUfMyKXniVc9851nnDyqdswtMl5Mg0nR6HMxdrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB5I/fnxtwctwrTr4gryPyEu3peBMB8GA1UdIwQY
MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt
ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4
LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOQ3t7K7f
/THN9I+BPz2XI2WrwXR8i842zHocDF/f88PPv0XHl084SlSnpK0oWEilpNeUSmbX
G1gavMpX3z/l6CJ077QagUXyu6N06kWaY5JKkN0b5xJseUHuMI2YEA5CxEYZY5h5
dXIZsU88zuYoEzd4dZG1J3oROshuAe5s6xWxzGicQmF69te9JyzC/PVySj5IyRF/
tAwLDb3oC4lnie352eojZRiRyP8qDWfmRlMTFcpknTSLwXmmrcmZFsUhnnaACpku
N8ILr5jh25r0d4t4SbM+wgGKOL1sc67l9vH5vyjoKnpyazYvnXtniJHeBD7ydD2i
Oq/Ztzhn8oZpRA==
-----END CERTIFICATE-----