Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
File:                     _hpSVPN9jCkbEd2r7YiwY0gdr2s.mft (raw, json)
Hash identifier:          Q+DQbItucdUon3amU/Tg2biKovzzk8xFJBaLiCGwh3o=
Subject key identifier:   0B:A8:3A:72:A6:FD:C1:50:A8:31:BE:35:B9:F4:49:06:08:B8:EF:2C
Authority key identifier: FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B
Certificate issuer:       /CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
Certificate serial:       01974A7A9F7EEDEBE37ADE95712DD69EB977
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
Manifest number:          157A
Signing time:             Sat 07 Jun 2025 13:00:39 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:39 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:39 +0000
Files and hashes:         1: _hpSVPN9jCkbEd2r7YiwY0gdr2s.crl (hash: XFoNEtyQ8NfGdod7hm5oXEuna01jPGCLl+3+IBs83NU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:9f:7e:ed:eb:e3:7a:de:95:71:2d:d6:9e:b9:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
        Validity
            Not Before: Jun  7 13:00:39 2025 GMT
            Not After : Jun  8 13:00:39 2025 GMT
        Subject: CN=0ba83a72a6fdc150a831be35b9f4490608b8ef2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:1f:c6:3e:a1:28:e8:d3:51:38:e6:de:69:d4:
                    c9:cb:1a:0b:ad:8c:ec:44:60:d7:62:6e:e1:fc:37:
                    bd:9d:60:f2:b0:11:6a:4d:48:65:fe:75:f0:2c:dd:
                    72:cb:9d:ae:3e:af:ee:2e:85:0d:0e:32:65:6b:0e:
                    19:89:22:de:84:36:98:f0:75:95:ba:cc:11:22:71:
                    78:ab:10:c9:51:da:c4:72:6d:17:e9:b7:93:1b:5d:
                    81:96:c8:f6:4d:b3:47:52:ff:00:32:7d:f3:39:c8:
                    73:ed:b0:cd:22:0e:b6:82:c0:f3:af:60:47:ba:60:
                    6c:75:b9:55:ab:86:f8:98:1d:b9:3d:ab:6e:77:15:
                    a2:fe:49:f6:89:c9:ee:d3:65:e5:72:a1:ce:49:16:
                    51:5b:c8:3d:d9:8e:aa:e7:b2:53:b4:3a:e1:13:36:
                    62:02:87:b5:6d:81:a3:06:a4:27:be:2c:22:38:19:
                    2a:87:ee:09:5c:5f:c3:5a:cc:e2:11:b6:f0:ef:c0:
                    06:72:23:19:3a:76:13:27:92:5a:30:57:cb:67:3f:
                    e8:8c:48:60:e3:a6:76:7e:45:ad:14:e5:14:cb:a3:
                    bc:6b:af:75:ac:58:4b:8d:45:99:42:db:ac:94:65:
                    a3:4d:b2:ef:b1:8b:4e:ba:f8:12:6f:06:bd:be:86:
                    49:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:A8:3A:72:A6:FD:C1:50:A8:31:BE:35:B9:F4:49:06:08:B8:EF:2C
            X509v3 Authority Key Identifier:
                keyid:FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:c0:9e:08:df:2b:fc:67:70:d5:60:db:11:f4:9a:53:48:8f:
         65:81:f7:56:7d:3a:1c:77:1e:6d:f3:3a:29:7a:96:b7:08:8e:
         c9:2b:d1:1b:9f:e6:17:a7:85:c5:f1:c4:0d:fe:73:25:9c:b9:
         06:6c:e2:52:08:e1:41:1e:65:cc:08:b4:e7:c5:16:e8:64:2b:
         33:1f:fd:71:29:53:a6:e2:9e:31:af:00:c1:e0:dd:c1:00:92:
         b4:8c:d9:44:d2:93:8f:1f:31:eb:e3:ff:39:1c:1c:9e:54:41:
         01:2c:9b:e1:8f:7e:f1:40:f3:52:79:b4:f1:e5:fb:4b:45:ce:
         1f:cb:8e:a9:b5:a5:3c:9a:b0:66:de:94:ba:46:e0:e0:6d:39:
         8e:a8:e3:9f:20:ba:c7:bd:af:b6:9a:06:ac:a5:bd:60:f6:78:
         5f:f8:e6:70:0a:98:d8:0e:59:fd:eb:9a:cb:5d:6c:58:dc:b7:
         91:7f:1b:02:a0:60:24:cc:64:b8:50:2b:9a:5c:22:fc:f7:33:
         66:a1:73:b8:b1:c3:85:45:a8:2a:ae:39:13:47:df:43:96:c2:
         01:0d:e3:bf:07:f3:ef:81:12:26:59:79:ac:44:40:2b:e9:02:
         28:39:40:5b:bc:a6:85:cd:9e:ea:aa:f3:eb:aa:3f:45:87:94:
         09:98:7d:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKep9+7evjet6VcS3Wnrl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMWE1MjU0ZjM3ZDhjMjkxYjExZGRhYmVkODhiMDYzNDgx
ZGFmNmIwHhcNMjUwNjA3MTMwMDM5WhcNMjUwNjA4MTMwMDM5WjAzMTEwLwYDVQQD
EygwYmE4M2E3MmE2ZmRjMTUwYTgzMWJlMzViOWY0NDkwNjA4YjhlZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlh/GPqEo6NNROObeadTJyxoLrYzs
RGDXYm7h/De9nWDysBFqTUhl/nXwLN1yy52uPq/uLoUNDjJlaw4ZiSLehDaY8HWV
uswRInF4qxDJUdrEcm0X6beTG12Blsj2TbNHUv8AMn3zOchz7bDNIg62gsDzr2BH
umBsdblVq4b4mB25PatudxWi/kn2icnu02XlcqHOSRZRW8g92Y6q57JTtDrhEzZi
Aoe1bYGjBqQnviwiOBkqh+4JXF/DWsziEbbw78AGciMZOnYTJ5JaMFfLZz/ojEhg
46Z2fkWtFOUUy6O8a691rFhLjUWZQtuslGWjTbLvsYtOuvgSbwa9voZJ5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAuoOnKm/cFQqDG+Nbn0SQYIuO8sMB8GA1UdIwQY
MBaAFP4aUlTzfYwpGxHdq+2IsGNIHa9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzIt
ZmEwZDBlODA1ZGY4LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzItZmEwZDBlODA1ZGY4
LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWcCeCN8r
/Gdw1WDbEfSaU0iPZYH3Vn06HHcebfM6KXqWtwiOySvRG5/mF6eFxfHEDf5zJZy5
BmziUgjhQR5lzAi058UW6GQrMx/9cSlTpuKeMa8AweDdwQCStIzZRNKTjx8x6+P/
ORwcnlRBASyb4Y9+8UDzUnm08eX7S0XOH8uOqbWlPJqwZt6Uukbg4G05jqjjnyC6
x72vtpoGrKW9YPZ4X/jmcAqY2A5Z/euay11sWNy3kX8bAqBgJMxkuFArmlwi/Pcz
ZqFzuLHDhUWoKq45E0ffQ5bCAQ3jvwfz74ESJll5rERAK+kCKDlAW7ymhc2e6qrz
66o/RYeUCZh9Dw==
-----END CERTIFICATE-----