Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
File:                     an0UIH91yLFYDbJ_defD_bH_hgw.mft (raw, json)
Hash identifier:          zcBN5/O8jRnfZnfEtzIsd8ljyMTuA3c9dIzpk1XKTnE=
Subject key identifier:   D1:76:2B:FF:F1:08:26:34:B9:AD:43:EB:DB:E4:FD:66:9D:8C:64:97
Authority key identifier: 6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C
Certificate issuer:       /CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
Certificate serial:       0197493161C11AF846EF38F742B084CEE08F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
Manifest number:          080B
Signing time:             Sat 07 Jun 2025 07:01:02 +0000
Manifest this update:     Sat 07 Jun 2025 07:01:02 +0000
Manifest next update:     Sun 08 Jun 2025 07:01:02 +0000
Files and hashes:         1: an0UIH91yLFYDbJ_defD_bH_hgw.crl (hash: A9gHSSRB8AKpKHYwau4KEj1pITY7dMNG6YGufLZ/pXQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:61:c1:1a:f8:46:ef:38:f7:42:b0:84:ce:e0:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
        Validity
            Not Before: Jun  7 07:01:02 2025 GMT
            Not After : Jun  8 07:01:02 2025 GMT
        Subject: CN=d1762bfff1082634b9ad43ebdbe4fd669d8c6497
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c9:27:f3:9c:45:f5:fc:52:db:2d:6d:20:da:
                    13:33:14:2b:0d:83:9b:72:fe:6a:2a:a7:47:c8:d1:
                    c2:29:4c:1f:62:88:1d:c1:a1:36:8d:b9:e9:f3:81:
                    8e:70:88:39:6d:0c:d4:d1:41:74:da:82:47:72:93:
                    80:c5:31:38:01:d0:93:2d:1c:23:2f:41:c3:c9:25:
                    bc:a3:70:56:00:44:53:27:6a:74:a7:e3:05:dc:dc:
                    5b:95:8f:ec:b9:4a:5c:5b:db:7a:ae:e6:cf:fb:6a:
                    54:b3:b6:2e:6f:b8:4e:b9:65:d3:2d:7f:95:10:9c:
                    84:44:ab:b4:c8:f8:48:50:0b:06:2b:38:5a:ae:01:
                    fc:73:66:69:35:58:81:9d:3e:ea:5d:78:cf:63:de:
                    d0:07:22:e6:7a:60:a0:6b:91:e8:9f:90:0a:f0:74:
                    fb:90:66:9c:22:cc:b0:a2:d7:7f:1f:b2:77:20:9e:
                    77:c3:cd:c9:8b:62:c5:6e:fb:9b:c4:47:7d:22:e8:
                    e8:36:5d:75:73:6f:89:47:ac:66:01:e1:6a:15:80:
                    9a:e1:7a:29:c2:e1:db:23:20:94:d7:07:1a:ac:52:
                    1f:58:0b:6d:fe:a2:a9:c5:cf:0b:0b:ef:f4:67:11:
                    65:02:f9:9c:ae:f6:41:76:05:e5:a1:ad:c9:7a:00:
                    3b:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:76:2B:FF:F1:08:26:34:B9:AD:43:EB:DB:E4:FD:66:9D:8C:64:97
            X509v3 Authority Key Identifier:
                keyid:6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:02:f7:e4:ec:89:5c:8d:86:06:8f:dc:1b:df:12:a3:32:a2:
         c3:53:19:91:ac:2f:1b:94:2d:3f:ca:3c:b2:d8:bd:97:32:bd:
         5c:06:89:51:7c:aa:37:fc:6c:4f:03:1e:8d:af:b7:40:8a:fb:
         e4:2b:f4:0c:e9:6a:91:f1:87:38:58:e7:f2:40:fc:dd:5c:7e:
         a1:27:4b:06:b7:b7:ab:30:73:31:db:2f:13:5d:d6:58:d3:2c:
         f5:61:67:8a:8d:e7:49:79:a0:58:60:fe:17:62:55:0e:13:6e:
         61:60:45:9e:cc:56:31:ff:e0:64:45:48:1c:b2:b3:c8:de:c2:
         39:90:87:53:f9:a7:be:e8:42:89:90:5a:bf:00:44:c2:e3:b3:
         1a:65:33:34:e8:60:7e:18:54:27:21:79:58:83:46:9d:0a:b8:
         76:8a:2d:4a:1d:7a:57:20:e3:67:cd:10:b8:91:3f:47:51:61:
         70:41:db:d5:8d:a3:17:e3:03:c2:bf:37:07:8e:0a:37:ef:49:
         90:9f:0c:ec:5f:4a:21:34:bc:74:91:8a:b3:7c:c7:05:0e:7a:
         88:e5:7d:7f:6e:18:85:77:0f:ce:40:b0:3e:86:f9:ae:0a:1a:
         ee:35:35:cb:3b:2b:87:a9:ec:f1:45:2b:60:6d:85:f9:0c:dd:
         36:9f:37:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMWHBGvhG7zj3QrCEzuCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhN2QxNDIwN2Y3NWM4YjE1ODBkYjI3Zjc1ZTdjM2ZkYjFm
Zjg2MGMwHhcNMjUwNjA3MDcwMTAyWhcNMjUwNjA4MDcwMTAyWjAzMTEwLwYDVQQD
EyhkMTc2MmJmZmYxMDgyNjM0YjlhZDQzZWJkYmU0ZmQ2NjlkOGM2NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMkn85xF9fxS2y1tINoTMxQrDYOb
cv5qKqdHyNHCKUwfYogdwaE2jbnp84GOcIg5bQzU0UF02oJHcpOAxTE4AdCTLRwj
L0HDySW8o3BWAERTJ2p0p+MF3NxblY/suUpcW9t6rubP+2pUs7Yub7hOuWXTLX+V
EJyERKu0yPhIUAsGKzhargH8c2ZpNViBnT7qXXjPY97QByLmemCga5Hon5AK8HT7
kGacIsywotd/H7J3IJ53w83Ji2LFbvubxEd9IujoNl11c2+JR6xmAeFqFYCa4Xop
wuHbIyCU1wcarFIfWAtt/qKpxc8LC+/0ZxFlAvmcrvZBdgXloa3JegA7JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNF2K//xCCY0ua1D69vk/WadjGSXMB8GA1UdIwQY
MBaAFGp9FCB/dcixWA2yf3Xnw/2x/4YMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEt
YmVhYTczNzEwYTY1LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEtYmVhYTczNzEwYTY1
LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABQL35OyJ
XI2GBo/cG98SozKiw1MZkawvG5QtP8o8sti9lzK9XAaJUXyqN/xsTwMeja+3QIr7
5Cv0DOlqkfGHOFjn8kD83Vx+oSdLBre3qzBzMdsvE13WWNMs9WFnio3nSXmgWGD+
F2JVDhNuYWBFnsxWMf/gZEVIHLKzyN7COZCHU/mnvuhCiZBavwBEwuOzGmUzNOhg
fhhUJyF5WINGnQq4dootSh16VyDjZ80QuJE/R1FhcEHb1Y2jF+MDwr83B44KN+9J
kJ8M7F9KITS8dJGKs3zHBQ56iOV9f24YhXcPzkCwPob5rgoa7jU1yzsrh6ns8UUr
YG2F+QzdNp83qw==
-----END CERTIFICATE-----