Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
File:                     r_HNv5fWyiB-XciFq8_2ccwVyRA.mft (raw, json)
Hash identifier:          riIbnt6ZwrFMLTEVNz3mdIyeXx20ZNAp+6vBRESjwsI=
Subject key identifier:   1A:62:41:A8:A8:56:FC:02:18:79:C0:64:12:5D:A8:66:8C:4E:87:65
Authority key identifier: AF:F1:CD:BF:97:D6:CA:20:7E:5D:C8:85:AB:CF:F6:71:CC:15:C9:10
Certificate issuer:       /CN=aff1cdbf97d6ca207e5dc885abcff671cc15c910
Certificate serial:       019923A0A46FBBCA707D8DF357420D2EEB87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
Manifest number:          0B67
Signing time:             Sun 07 Sep 2025 10:02:34 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:34 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:34 +0000
Files and hashes:         1: r_HNv5fWyiB-XciFq8_2ccwVyRA.crl (hash: sJKfdbnHA/uAk2DBtFK57ByoGVScl6bvTT+d9rLIAiY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:a4:6f:bb:ca:70:7d:8d:f3:57:42:0d:2e:eb:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aff1cdbf97d6ca207e5dc885abcff671cc15c910
        Validity
            Not Before: Sep  7 10:02:34 2025 GMT
            Not After : Sep  8 10:02:34 2025 GMT
        Subject: CN=1a6241a8a856fc021879c064125da8668c4e8765
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ec:77:ae:fd:b3:b6:df:ec:d6:cf:72:ae:36:
                    e0:a7:fa:90:41:07:e5:53:15:36:fe:1c:60:fa:a9:
                    30:3d:c8:33:fb:fe:4c:cd:48:f4:fc:4f:78:9e:26:
                    c5:29:e4:d0:08:56:e7:db:35:fb:d4:ca:49:77:4f:
                    8d:8c:88:3c:1a:f6:2e:e6:ce:10:b0:30:b9:9b:15:
                    64:ea:59:8e:61:5d:d0:25:e1:0a:d0:67:1f:c8:02:
                    ef:05:3e:34:30:08:20:1d:88:fd:cc:1a:a1:50:21:
                    0c:61:a9:2b:88:3b:79:cb:fe:2a:fa:ed:f3:35:b6:
                    d9:0d:85:4a:fb:aa:dc:cf:1a:ac:2d:00:32:20:7a:
                    a5:25:d6:5a:a0:8d:b8:53:ba:99:b6:e6:05:00:4f:
                    4e:cc:e5:93:ee:b4:8c:e2:e1:a1:33:58:4e:c0:65:
                    55:b7:bb:9b:43:1f:83:3e:39:e9:48:83:20:f4:12:
                    fc:6e:96:da:7f:70:89:f4:db:5a:c6:5b:82:4e:b9:
                    3a:43:12:ef:f7:06:83:29:5d:94:ec:13:1c:26:4e:
                    51:ac:0a:2b:d5:a2:ef:08:1f:cc:72:9f:95:3c:09:
                    e0:7f:37:2c:a6:11:32:fd:e0:c2:af:b0:b2:f6:50:
                    2b:43:1e:3c:42:3e:4d:69:e5:04:b4:08:56:9b:27:
                    74:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:62:41:A8:A8:56:FC:02:18:79:C0:64:12:5D:A8:66:8C:4E:87:65
            X509v3 Authority Key Identifier:
                keyid:AF:F1:CD:BF:97:D6:CA:20:7E:5D:C8:85:AB:CF:F6:71:CC:15:C9:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:55:55:27:b8:01:d1:e8:e1:95:1d:2d:8d:71:43:c4:68:e0:
         ad:8d:45:e2:4d:0c:b6:5b:a4:f2:f4:23:ab:ab:9a:62:59:7b:
         6c:d9:ef:4a:cf:c4:cd:53:02:ed:46:43:97:e9:47:92:7b:82:
         03:e8:72:1c:5c:68:16:00:b2:e5:d6:26:9f:48:13:eb:e3:a1:
         27:76:47:57:2a:df:1d:cd:c3:46:5e:73:22:a1:9f:a5:3f:8c:
         48:88:98:b9:13:ba:f6:d0:42:58:b0:81:0f:87:e1:1a:f6:8e:
         1f:7f:0a:bb:32:de:41:3f:21:48:0f:fe:d5:b7:90:08:20:0b:
         19:3f:2a:0c:03:66:1f:98:6f:35:9f:ac:39:a6:19:d9:d9:c3:
         4c:63:f5:75:21:29:a3:0c:dd:ed:25:b4:b6:8d:37:37:5d:d0:
         0e:57:75:c0:2a:5d:83:09:63:b0:6f:98:67:87:f7:34:4c:d5:
         9e:93:ee:42:e9:53:4a:07:4f:8c:0c:ca:88:f7:a1:62:87:44:
         92:89:0d:9f:a8:59:a4:c7:0f:46:b6:86:b0:19:c6:b5:fc:2b:
         82:05:4d:06:a6:d4:99:e0:16:2f:22:f5:85:b1:67:dd:21:5d:
         19:f2:1f:25:10:29:2c:44:1f:d3:90:64:79:8b:fd:78:63:8f:
         07:8d:87:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoKRvu8pwfY3zV0INLuuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjFjZGJmOTdkNmNhMjA3ZTVkYzg4NWFiY2ZmNjcxY2Mx
NWM5MTAwHhcNMjUwOTA3MTAwMjM0WhcNMjUwOTA4MTAwMjM0WjAzMTEwLwYDVQQD
EygxYTYyNDFhOGE4NTZmYzAyMTg3OWMwNjQxMjVkYTg2NjhjNGU4NzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+x3rv2ztt/s1s9yrjbgp/qQQQfl
UxU2/hxg+qkwPcgz+/5MzUj0/E94nibFKeTQCFbn2zX71MpJd0+NjIg8GvYu5s4Q
sDC5mxVk6lmOYV3QJeEK0GcfyALvBT40MAggHYj9zBqhUCEMYakriDt5y/4q+u3z
NbbZDYVK+6rczxqsLQAyIHqlJdZaoI24U7qZtuYFAE9OzOWT7rSM4uGhM1hOwGVV
t7ubQx+DPjnpSIMg9BL8bpbaf3CJ9NtaxluCTrk6QxLv9waDKV2U7BMcJk5RrAor
1aLvCB/Mcp+VPAngfzcsphEy/eDCr7Cy9lArQx48Qj5NaeUEtAhWmyd0ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBpiQaioVvwCGHnAZBJdqGaMTodlMB8GA1UdIwQY
MBaAFK/xzb+X1sogfl3IhavP9nHMFckQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82Mjc5ODctMjM1ZC00MTk0LTk2YjEt
YWY4Yzc1YTkzY2QxLzEvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82Mjc5ODctMjM1ZC00MTk0LTk2YjEtYWY4Yzc1YTkzY2Qx
LzEvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgVVVJ7gB
0ejhlR0tjXFDxGjgrY1F4k0Mtluk8vQjq6uaYll7bNnvSs/EzVMC7UZDl+lHknuC
A+hyHFxoFgCy5dYmn0gT6+OhJ3ZHVyrfHc3DRl5zIqGfpT+MSIiYuRO69tBCWLCB
D4fhGvaOH38KuzLeQT8hSA/+1beQCCALGT8qDANmH5hvNZ+sOaYZ2dnDTGP1dSEp
owzd7SW0to03N13QDld1wCpdgwljsG+YZ4f3NEzVnpPuQulTSgdPjAzKiPehYodE
kokNn6hZpMcPRraGsBnGtfwrggVNBqbUmeAWLyL1hbFn3SFdGfIfJRApLEQf05Bk
eYv9eGOPB42HRA==
-----END CERTIFICATE-----