Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
File:                     FhQcZCnqr_caNR-yVz32A7uV8nA.mft (raw, json)
Hash identifier:          /4jNhOsED9mKP8fD3i5nuCY4vgflsVtSf4nbLvDGblY=
Subject key identifier:   E3:72:B2:91:F7:42:36:78:B5:9E:35:7E:B4:AA:EC:E3:76:DE:53:2A
Authority key identifier: 16:14:1C:64:29:EA:AF:F7:1A:35:1F:B2:57:3D:F6:03:BB:95:F2:70
Certificate issuer:       /CN=16141c6429eaaff71a351fb2573df603bb95f270
Certificate serial:       01974C3231FD980EF38308FA04CA9074BF64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
Manifest number:          32
Signing time:             Sat 07 Jun 2025 21:00:47 +0000
Manifest this update:     Sat 07 Jun 2025 21:00:47 +0000
Manifest next update:     Sun 08 Jun 2025 21:00:47 +0000
Files and hashes:         1: FhQcZCnqr_caNR-yVz32A7uV8nA.crl (hash: qC89zKySqKRG1FaUX67VD2i5NKOK8ZKfVIod+2Nmsf4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 21:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:32:31:fd:98:0e:f3:83:08:fa:04:ca:90:74:bf:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16141c6429eaaff71a351fb2573df603bb95f270
        Validity
            Not Before: Jun  7 21:00:47 2025 GMT
            Not After : Jun  8 21:00:47 2025 GMT
        Subject: CN=e372b291f7423678b59e357eb4aaece376de532a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:f2:59:8f:c3:17:09:5d:3e:16:cf:66:7f:1a:
                    80:99:29:03:ce:13:7b:af:78:4e:aa:12:14:59:86:
                    09:4a:98:30:e7:90:95:96:45:dd:7a:33:cd:51:d0:
                    73:5a:2b:d7:be:12:61:b8:84:76:32:1a:5c:8f:83:
                    27:13:ea:68:db:70:23:e2:36:39:e1:34:ab:12:6d:
                    02:ef:52:72:47:20:6a:c6:c4:d2:74:a5:75:de:e4:
                    5c:52:17:fd:9f:a4:14:cb:52:6a:ca:4e:31:42:b0:
                    47:90:bd:5d:86:0a:d3:f5:d8:49:27:5d:a8:1d:8c:
                    a5:a8:0d:fa:21:27:99:44:b9:3d:10:b3:78:a8:d6:
                    9d:d0:a1:ba:00:97:0b:70:cb:13:16:6a:36:2e:be:
                    6c:15:ce:be:c0:5e:ba:72:37:bf:f1:54:c1:9b:f3:
                    4b:4f:e9:29:25:9b:77:d9:ef:0d:19:f3:74:a4:69:
                    38:8f:8f:81:aa:10:2a:fe:9c:06:1b:2e:ba:f5:da:
                    1c:90:6b:db:e6:b6:9b:57:a3:d4:b9:be:7d:db:fb:
                    39:d1:d2:53:dd:46:a1:1b:3d:b7:34:91:d8:48:6e:
                    95:d6:b6:dc:fe:19:7b:16:3f:91:4e:50:d6:7d:8f:
                    59:f4:06:ce:34:8f:52:3e:b4:fc:f1:b7:fe:72:b0:
                    14:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:72:B2:91:F7:42:36:78:B5:9E:35:7E:B4:AA:EC:E3:76:DE:53:2A
            X509v3 Authority Key Identifier:
                keyid:16:14:1C:64:29:EA:AF:F7:1A:35:1F:B2:57:3D:F6:03:BB:95:F2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:3a:94:c8:af:0a:92:89:19:28:9c:49:f4:63:eb:54:b5:be:
         75:c9:a7:45:37:41:a8:69:e8:24:89:80:0d:7e:ae:3a:c6:de:
         d1:c6:67:a7:f0:03:87:68:1c:e6:ea:c9:2d:88:55:50:1c:0b:
         1d:92:13:2b:d0:ac:03:db:dc:f0:69:51:39:ff:bf:96:9d:37:
         71:e1:21:e1:b5:d4:13:e5:d0:6e:60:2e:8e:a0:72:70:67:55:
         68:cf:95:30:ef:fe:34:92:2c:e0:ba:b7:10:73:96:3e:f2:ad:
         7d:b7:4f:a4:57:ec:34:35:6d:af:d0:47:8a:9e:b0:46:c5:c7:
         88:84:14:a5:fc:38:7d:8c:0f:84:1a:2a:26:f7:28:17:f8:fe:
         04:24:5f:c6:01:3e:55:3b:f0:a6:ea:6a:8b:81:31:06:5c:0b:
         54:ab:a4:bb:a9:9d:fd:c2:fd:11:ca:f8:df:0c:56:85:33:f2:
         78:82:36:77:d5:60:c8:69:35:ca:3d:33:2e:5d:b6:7e:ec:95:
         7d:35:cf:18:8f:d7:3a:b0:14:89:d3:58:4a:ee:71:51:a1:e3:
         48:fc:9d:82:9f:b8:e3:bb:86:02:31:35:d0:de:9a:08:19:7d:
         39:83:30:5b:64:30:28:d8:56:8b:be:b6:15:46:25:e8:89:29:
         27:6a:7c:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMMjH9mA7zgwj6BMqQdL9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MTQxYzY0MjllYWFmZjcxYTM1MWZiMjU3M2RmNjAzYmI5
NWYyNzAwHhcNMjUwNjA3MjEwMDQ3WhcNMjUwNjA4MjEwMDQ3WjAzMTEwLwYDVQQD
EyhlMzcyYjI5MWY3NDIzNjc4YjU5ZTM1N2ViNGFhZWNlMzc2ZGU1MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/JZj8MXCV0+Fs9mfxqAmSkDzhN7
r3hOqhIUWYYJSpgw55CVlkXdejPNUdBzWivXvhJhuIR2Mhpcj4MnE+po23Aj4jY5
4TSrEm0C71JyRyBqxsTSdKV13uRcUhf9n6QUy1Jqyk4xQrBHkL1dhgrT9dhJJ12o
HYylqA36ISeZRLk9ELN4qNad0KG6AJcLcMsTFmo2Lr5sFc6+wF66cje/8VTBm/NL
T+kpJZt32e8NGfN0pGk4j4+BqhAq/pwGGy669dockGvb5rabV6PUub592/s50dJT
3UahGz23NJHYSG6V1rbc/hl7Fj+RTlDWfY9Z9AbONI9SPrT88bf+crAUjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFONyspH3QjZ4tZ41frSq7ON23lMqMB8GA1UdIwQY
MBaAFBYUHGQp6q/3GjUfslc99gO7lfJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82M2QyOGItZDE1Mi00NGNkLWI1MDQt
NWQ4ZmNlMGEwYmIyLzEvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82M2QyOGItZDE1Mi00NGNkLWI1MDQtNWQ4ZmNlMGEwYmIy
LzEvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQTqUyK8K
kokZKJxJ9GPrVLW+dcmnRTdBqGnoJImADX6uOsbe0cZnp/ADh2gc5urJLYhVUBwL
HZITK9CsA9vc8GlROf+/lp03ceEh4bXUE+XQbmAujqBycGdVaM+VMO/+NJIs4Lq3
EHOWPvKtfbdPpFfsNDVtr9BHip6wRsXHiIQUpfw4fYwPhBoqJvcoF/j+BCRfxgE+
VTvwpupqi4ExBlwLVKuku6md/cL9Ecr43wxWhTPyeII2d9VgyGk1yj0zLl22fuyV
fTXPGI/XOrAUidNYSu5xUaHjSPydgp+447uGAjE10N6aCBl9OYMwW2QwKNhWi762
FUYl6IkpJ2p8VQ==
-----END CERTIFICATE-----