Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
File:                     hFNK68PtnHkETCI8iyXgEdq_L98.mft (raw, json)
Hash identifier:          hoDJBs/yXsQg/wcz5ZOyNYuLzW6kUCZ31cYCIWfsIhM=
Subject key identifier:   66:64:FC:D8:3F:8F:C4:F1:56:00:0C:58:23:97:3C:AB:F5:1F:33:40
Authority key identifier: 84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF
Certificate issuer:       /CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
Certificate serial:       0197474296AE4701EE66ADC8EA45539C1767
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
Manifest number:          0660
Signing time:             Fri 06 Jun 2025 22:00:35 +0000
Manifest this update:     Fri 06 Jun 2025 22:00:35 +0000
Manifest next update:     Sat 07 Jun 2025 22:00:35 +0000
Files and hashes:         1: hFNK68PtnHkETCI8iyXgEdq_L98.crl (hash: tOffPYKu5K7U6Kbqz6Sf//nPhuiSfTOq6ZNrQzXKOoA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:42:96:ae:47:01:ee:66:ad:c8:ea:45:53:9c:17:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
        Validity
            Not Before: Jun  6 22:00:35 2025 GMT
            Not After : Jun  7 22:00:35 2025 GMT
        Subject: CN=6664fcd83f8fc4f156000c5823973cabf51f3340
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:94:0b:b0:ce:1b:52:08:ef:5b:e9:93:c6:ac:
                    db:1f:2a:38:c6:5c:7d:34:2d:17:41:5f:69:c0:70:
                    5b:b4:2f:79:63:81:1b:45:a4:79:7a:b3:36:a4:61:
                    c1:c1:cf:99:0d:c3:94:91:eb:6e:dc:c0:18:7f:19:
                    80:f8:f2:d3:7d:79:88:b0:60:c6:50:50:cc:74:44:
                    e0:cd:a9:1c:10:03:58:17:02:dd:6f:a2:c6:8b:3e:
                    27:d6:42:b5:fb:4c:a1:d2:d2:b3:b8:01:ed:90:2b:
                    f8:a3:12:9b:4d:22:96:36:97:6b:c0:e9:e8:b8:24:
                    d4:a4:22:85:32:41:6c:3a:d4:1f:6f:e0:62:dd:04:
                    44:cf:b8:4b:24:bf:1c:78:03:b7:6d:8e:cf:28:e8:
                    4d:a8:70:05:aa:8b:2a:24:87:81:93:ac:de:8e:c5:
                    94:2e:12:d8:69:22:37:cb:c9:c5:cb:27:22:c0:6c:
                    fd:30:c8:e5:76:78:f7:6e:73:7e:43:76:78:c0:4b:
                    fa:d3:04:e7:49:52:c1:de:d1:d8:cd:ee:e2:fe:4c:
                    5f:ee:9d:ec:d5:91:18:43:ca:70:da:1a:ca:ed:45:
                    fb:5a:e5:b3:db:3b:fc:bb:c2:2d:09:a6:29:03:ed:
                    0b:18:95:37:bd:d7:6c:67:0f:d5:d4:09:b4:91:ee:
                    7c:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:64:FC:D8:3F:8F:C4:F1:56:00:0C:58:23:97:3C:AB:F5:1F:33:40
            X509v3 Authority Key Identifier:
                keyid:84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:c7:93:8e:6d:3b:06:cc:6f:76:0f:f7:07:14:f0:07:0f:0e:
         80:89:db:00:4d:45:8e:52:e7:9f:2d:1f:67:df:89:73:2c:a3:
         96:ef:c8:d8:05:a2:67:e0:e4:c4:cb:34:0a:22:f8:6a:21:bb:
         0a:ac:79:dd:d1:d8:0f:5b:a2:a7:c0:96:d5:44:d6:fa:14:e6:
         c1:77:97:3d:4d:63:a8:9e:ee:f1:71:00:e9:7c:c0:60:3e:da:
         aa:af:7e:27:3e:23:37:75:b1:d5:f9:30:3f:34:68:20:9c:ca:
         7f:ec:70:49:e8:1c:9f:19:1f:db:98:8f:ed:cf:a9:01:e1:33:
         a5:f3:00:83:9a:4b:ab:3c:2b:60:ba:c8:9f:c9:dc:85:e7:a8:
         9e:76:2f:62:0d:c9:df:c0:8a:8b:b5:5a:bb:39:b4:78:bc:7c:
         ab:e0:18:66:36:85:c3:00:66:39:03:56:d5:6e:6a:b3:1f:55:
         aa:55:0e:f2:a9:50:59:1d:c7:21:a0:84:9a:40:0f:8d:2e:f1:
         13:10:22:c3:3d:a1:45:4d:06:48:2d:32:c9:c0:26:6e:a9:f5:
         f1:34:28:ef:62:01:a6:0f:bd:18:3a:e4:68:5f:21:63:64:1a:
         cf:e7:00:63:03:5a:81:fc:c0:2d:bc:93:67:3c:5c:37:e5:7e:
         7c:9c:13:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHQpauRwHuZq3I6kVTnBdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTM0YWViYzNlZDljNzkwNDRjMjIzYzhiMjVlMDExZGFi
ZjJmZGYwHhcNMjUwNjA2MjIwMDM1WhcNMjUwNjA3MjIwMDM1WjAzMTEwLwYDVQQD
Eyg2NjY0ZmNkODNmOGZjNGYxNTYwMDBjNTgyMzk3M2NhYmY1MWYzMzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJQLsM4bUgjvW+mTxqzbHyo4xlx9
NC0XQV9pwHBbtC95Y4EbRaR5erM2pGHBwc+ZDcOUketu3MAYfxmA+PLTfXmIsGDG
UFDMdETgzakcEANYFwLdb6LGiz4n1kK1+0yh0tKzuAHtkCv4oxKbTSKWNpdrwOno
uCTUpCKFMkFsOtQfb+Bi3QREz7hLJL8ceAO3bY7PKOhNqHAFqosqJIeBk6zejsWU
LhLYaSI3y8nFyyciwGz9MMjldnj3bnN+Q3Z4wEv60wTnSVLB3tHYze7i/kxf7p3s
1ZEYQ8pw2hrK7UX7WuWz2zv8u8ItCaYpA+0LGJU3vddsZw/V1Am0ke58ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZk/Ng/j8TxVgAMWCOXPKv1HzNAMB8GA1UdIwQY
MBaAFIRTSuvD7Zx5BEwiPIsl4BHavy/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDct
ZWJkZTc0OTMzYzc3LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDctZWJkZTc0OTMzYzc3
LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASceTjm07
Bsxvdg/3BxTwBw8OgInbAE1FjlLnny0fZ9+Jcyyjlu/I2AWiZ+DkxMs0CiL4aiG7
Cqx53dHYD1uip8CW1UTW+hTmwXeXPU1jqJ7u8XEA6XzAYD7aqq9+Jz4jN3Wx1fkw
PzRoIJzKf+xwSegcnxkf25iP7c+pAeEzpfMAg5pLqzwrYLrIn8ncheeonnYvYg3J
38CKi7Vauzm0eLx8q+AYZjaFwwBmOQNW1W5qsx9VqlUO8qlQWR3HIaCEmkAPjS7x
ExAiwz2hRU0GSC0yycAmbqn18TQo72IBpg+9GDrkaF8hY2Qaz+cAYwNagfzALbyT
ZzxcN+V+fJwTFQ==
-----END CERTIFICATE-----