Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
File:                     hprNGeI6gWZEutDooSuG4SiK0zw.mft (raw, json)
Hash identifier:          9n7NK30dl1Jhir6s7f4rxcf249MRccPaCnnh9Ocb6A8=
Subject key identifier:   37:0F:C7:E5:DD:3B:6E:FC:B0:23:5A:59:2C:DD:01:C0:DA:B8:B7:70
Authority key identifier: 86:9A:CD:19:E2:3A:81:66:44:BA:D0:E8:A1:2B:86:E1:28:8A:D3:3C
Certificate issuer:       /CN=869acd19e23a816644bad0e8a12b86e1288ad33c
Certificate serial:       01974E5813775EDD955F71DF171AEC461901
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
Manifest number:          0F68
Signing time:             Sun 08 Jun 2025 07:01:24 +0000
Manifest this update:     Sun 08 Jun 2025 07:01:24 +0000
Manifest next update:     Mon 09 Jun 2025 07:01:24 +0000
Files and hashes:         1: hprNGeI6gWZEutDooSuG4SiK0zw.crl (hash: CgWsizC4UolofCIwHyeK/Dd/6Viv+ShdNQLgMoVqKxA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 07:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:58:13:77:5e:dd:95:5f:71:df:17:1a:ec:46:19:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=869acd19e23a816644bad0e8a12b86e1288ad33c
        Validity
            Not Before: Jun  8 07:01:24 2025 GMT
            Not After : Jun  9 07:01:24 2025 GMT
        Subject: CN=370fc7e5dd3b6efcb0235a592cdd01c0dab8b770
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:a6:ca:33:5e:0d:cc:70:97:db:19:f3:64:d6:
                    81:4f:d3:3b:7e:17:b0:42:fe:25:99:b4:90:a7:13:
                    b5:4b:2c:be:57:f9:40:de:65:77:1e:81:2c:22:5b:
                    48:2b:2e:78:5b:17:d7:24:e8:20:ed:9e:a5:b2:fa:
                    99:95:18:76:62:e1:61:cd:46:cc:37:c9:09:34:d5:
                    36:50:b0:09:58:51:63:07:41:6e:c2:b8:28:4d:27:
                    c1:0f:9e:cf:d1:b6:c7:63:0f:3e:b7:6c:b6:2f:a2:
                    9b:db:2b:40:98:3b:b2:ff:c2:4d:04:46:a5:3b:22:
                    3c:56:22:36:cf:ab:be:59:1d:5c:9c:33:e8:a8:10:
                    33:d6:95:d9:6c:ea:b5:52:4b:de:81:1a:2a:91:2d:
                    25:35:bd:9c:0f:d8:db:02:7d:3c:26:54:84:71:46:
                    a2:bc:33:5c:57:42:aa:a9:95:9c:c7:d3:81:c4:d1:
                    98:f8:b1:86:89:84:73:5e:12:3b:d9:a9:96:e0:85:
                    b1:9a:fe:48:a5:3d:af:de:cb:32:ed:b3:e4:5e:9f:
                    69:a3:27:44:13:83:a2:53:e5:fe:cf:d9:58:55:36:
                    02:fb:0d:7c:ca:8d:83:fa:45:71:ae:a2:c0:7e:2e:
                    b4:68:65:78:6f:dc:8a:eb:36:dd:7d:d5:23:93:a6:
                    78:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:0F:C7:E5:DD:3B:6E:FC:B0:23:5A:59:2C:DD:01:C0:DA:B8:B7:70
            X509v3 Authority Key Identifier:
                keyid:86:9A:CD:19:E2:3A:81:66:44:BA:D0:E8:A1:2B:86:E1:28:8A:D3:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:58:c0:c8:2b:ef:60:16:81:02:f5:fb:e2:63:4e:04:78:ef:
         e8:30:54:1a:e9:d1:d8:d9:79:86:5a:95:d3:01:b5:0c:87:ca:
         97:e7:27:9e:47:85:b2:a8:e8:ef:27:18:ae:c2:2c:15:2b:c2:
         8a:26:c2:c8:b3:e5:64:67:df:d0:c4:ad:83:33:d6:ec:cb:88:
         41:ce:62:de:30:7f:33:5e:5c:98:b4:b7:00:b3:bb:ef:59:26:
         9e:d3:04:16:a2:0c:2d:be:dc:4e:f3:1c:bc:94:f0:d5:22:31:
         8f:5e:bc:66:a6:48:d9:d8:fc:fb:83:18:dd:f9:df:2c:48:b1:
         3e:d4:6a:2a:86:96:3e:5b:d9:d3:9e:26:39:cc:8d:f5:35:b2:
         2a:c5:d8:a3:07:8a:2f:a8:a4:3d:20:84:02:7e:e4:ac:23:9d:
         2c:69:05:7f:82:01:0c:e9:ff:81:3e:1b:e1:7e:a5:10:99:38:
         a0:3a:e3:6b:fe:2b:ca:d6:b6:b5:85:62:c6:fa:6e:bc:d0:bd:
         03:6d:84:ff:09:e0:64:16:4b:9c:29:f0:4b:2e:6b:64:8c:9d:
         42:a2:28:76:eb:23:6d:d7:45:68:31:4a:c4:e2:df:fd:15:ad:
         0c:32:c0:92:b9:b4:f0:c0:c9:dd:7e:95:18:b5:21:62:9d:81:
         e4:ec:9a:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOWBN3Xt2VX3HfFxrsRhkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OWFjZDE5ZTIzYTgxNjY0NGJhZDBlOGExMmI4NmUxMjg4
YWQzM2MwHhcNMjUwNjA4MDcwMTI0WhcNMjUwNjA5MDcwMTI0WjAzMTEwLwYDVQQD
EygzNzBmYzdlNWRkM2I2ZWZjYjAyMzVhNTkyY2RkMDFjMGRhYjhiNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqbKM14NzHCX2xnzZNaBT9M7fhew
Qv4lmbSQpxO1Syy+V/lA3mV3HoEsIltIKy54WxfXJOgg7Z6lsvqZlRh2YuFhzUbM
N8kJNNU2ULAJWFFjB0FuwrgoTSfBD57P0bbHYw8+t2y2L6Kb2ytAmDuy/8JNBEal
OyI8ViI2z6u+WR1cnDPoqBAz1pXZbOq1UkvegRoqkS0lNb2cD9jbAn08JlSEcUai
vDNcV0KqqZWcx9OBxNGY+LGGiYRzXhI72amW4IWxmv5IpT2v3ssy7bPkXp9poydE
E4OiU+X+z9lYVTYC+w18yo2D+kVxrqLAfi60aGV4b9yK6zbdfdUjk6Z4qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDcPx+XdO278sCNaWSzdAcDauLdwMB8GA1UdIwQY
MBaAFIaazRniOoFmRLrQ6KErhuEoitM8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi81OTExZjctMjAzMS00MGJiLWI0NDEt
N2ZjZjAxNWRhMGEwLzEvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi81OTExZjctMjAzMS00MGJiLWI0NDEtN2ZjZjAxNWRhMGEw
LzEvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw1jAyCvv
YBaBAvX74mNOBHjv6DBUGunR2Nl5hlqV0wG1DIfKl+cnnkeFsqjo7ycYrsIsFSvC
iibCyLPlZGff0MStgzPW7MuIQc5i3jB/M15cmLS3ALO771kmntMEFqIMLb7cTvMc
vJTw1SIxj168ZqZI2dj8+4MY3fnfLEixPtRqKoaWPlvZ054mOcyN9TWyKsXYoweK
L6ikPSCEAn7krCOdLGkFf4IBDOn/gT4b4X6lEJk4oDrja/4ryta2tYVixvpuvNC9
A22E/wngZBZLnCnwSy5rZIydQqIodusjbddFaDFKxOLf/RWtDDLAkrm08MDJ3X6V
GLUhYp2B5OyaqA==
-----END CERTIFICATE-----