Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
File:                     hTq7t9e8xKXFbpEu76wbC7BFUCE.mft (raw, json)
Hash identifier:          fCHsN1vOIcvpgjXtDqrb7GhuN8aP9puStc2K4cYDsPw=
Subject key identifier:   0D:D4:AA:DA:84:E4:D1:1C:9E:9D:86:81:AA:4A:5B:C6:15:94:29:4E
Authority key identifier: 85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21
Certificate issuer:       /CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
Certificate serial:       0197499EDCB2C805178580ED17280C623F9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
Manifest number:          04C8
Signing time:             Sat 07 Jun 2025 09:00:37 +0000
Manifest this update:     Sat 07 Jun 2025 09:00:37 +0000
Manifest next update:     Sun 08 Jun 2025 09:00:37 +0000
Files and hashes:         1: hTq7t9e8xKXFbpEu76wbC7BFUCE.crl (hash: B3nBSqcXTdSfjuZ7hpkDj3hKQQ+Vbf2RYfQoSrceSEA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:9e:dc:b2:c8:05:17:85:80:ed:17:28:0c:62:3f:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
        Validity
            Not Before: Jun  7 09:00:37 2025 GMT
            Not After : Jun  8 09:00:37 2025 GMT
        Subject: CN=0dd4aada84e4d11c9e9d8681aa4a5bc61594294e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:21:a8:2b:77:4f:75:2d:db:cf:b2:74:2b:dd:
                    dd:e4:36:d3:30:29:9b:f4:d3:c3:17:dd:8b:d3:be:
                    38:42:25:f7:40:86:7f:f6:a9:10:31:74:a1:9b:50:
                    5f:8c:81:cf:2d:22:26:28:7e:cd:e2:b1:83:bf:e0:
                    be:68:20:70:ae:77:b7:b0:60:25:d6:76:17:b3:eb:
                    9d:a7:7f:4e:12:8c:bd:6e:23:19:56:68:f8:83:91:
                    2d:cf:16:9b:37:b4:fe:f1:8e:3c:16:c1:82:e0:7e:
                    d3:68:13:a1:fd:d2:a9:3f:3c:46:44:2b:f5:09:c8:
                    55:d5:96:46:91:24:ee:63:0f:1f:68:99:5f:ea:06:
                    8e:24:ac:d5:f2:d7:1a:42:b3:da:6b:74:d5:a5:05:
                    7f:c9:61:36:49:2a:e4:58:36:cd:a7:5a:64:4e:a7:
                    2c:76:cd:53:aa:de:99:2a:e3:48:65:31:71:78:46:
                    71:44:73:18:29:91:10:0f:11:ed:37:5d:0c:a2:3b:
                    87:57:a8:3a:66:60:f9:82:47:44:bc:73:d1:b7:80:
                    d3:b3:34:6b:bd:65:f6:a1:46:6e:28:f6:b7:d6:3b:
                    09:63:f0:a8:6d:41:22:67:73:2f:d5:9c:f1:30:3a:
                    70:d9:57:93:bc:c1:49:27:a4:e2:93:f0:91:94:2c:
                    5c:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:D4:AA:DA:84:E4:D1:1C:9E:9D:86:81:AA:4A:5B:C6:15:94:29:4E
            X509v3 Authority Key Identifier:
                keyid:85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:83:ba:03:5f:56:8d:4e:42:92:f3:68:4f:c4:76:72:05:e7:
         01:04:e3:27:87:8d:68:15:d3:10:dd:fb:80:7d:ef:1d:a2:96:
         4d:77:07:4a:0f:71:82:6f:27:07:e5:3d:d9:2d:05:03:b3:ee:
         d9:b8:00:b4:9f:3f:f5:37:b4:b6:ca:8e:5a:1c:22:35:3e:65:
         a0:71:10:91:f6:9f:2d:ba:25:54:dd:74:51:68:ee:40:88:50:
         55:f5:96:5a:52:05:4a:0e:28:b2:cf:8e:41:1d:54:5c:9a:5f:
         8f:df:21:aa:0d:f9:d2:4b:54:94:c8:42:4e:ed:72:06:95:ff:
         85:c4:bf:79:04:5a:3d:9b:e1:a4:be:80:5a:81:36:db:bb:8f:
         85:df:5d:6f:5c:32:af:61:31:96:37:33:b2:cd:72:d8:ea:51:
         47:e9:7f:9d:eb:b4:b6:db:e9:1e:2b:fd:cd:ad:d0:8c:bb:a0:
         ef:d4:98:a1:72:ed:1e:3e:21:d2:64:97:49:97:79:aa:93:fa:
         97:a5:f1:7d:81:61:94:46:da:8b:c5:3a:68:79:c6:5e:1e:be:
         d9:9b:8a:b5:63:15:54:22:9e:d2:c1:79:0c:85:5b:c1:10:1e:
         0e:22:f7:2c:6a:db:c3:22:af:1b:19:12:eb:f3:63:dc:b5:bc:
         d5:01:81:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJntyyyAUXhYDtFygMYj+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1M2FiYmI3ZDdiY2M0YTVjNTZlOTEyZWVmYWMxYjBiYjA0
NTUwMjEwHhcNMjUwNjA3MDkwMDM3WhcNMjUwNjA4MDkwMDM3WjAzMTEwLwYDVQQD
EygwZGQ0YWFkYTg0ZTRkMTFjOWU5ZDg2ODFhYTRhNWJjNjE1OTQyOTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CGoK3dPdS3bz7J0K93d5DbTMCmb
9NPDF92L0744QiX3QIZ/9qkQMXShm1BfjIHPLSImKH7N4rGDv+C+aCBwrne3sGAl
1nYXs+udp39OEoy9biMZVmj4g5EtzxabN7T+8Y48FsGC4H7TaBOh/dKpPzxGRCv1
CchV1ZZGkSTuYw8faJlf6gaOJKzV8tcaQrPaa3TVpQV/yWE2SSrkWDbNp1pkTqcs
ds1Tqt6ZKuNIZTFxeEZxRHMYKZEQDxHtN10MojuHV6g6ZmD5gkdEvHPRt4DTszRr
vWX2oUZuKPa31jsJY/CobUEiZ3Mv1ZzxMDpw2VeTvMFJJ6Tik/CRlCxcBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA3UqtqE5NEcnp2GgapKW8YVlClOMB8GA1UdIwQY
MBaAFIU6u7fXvMSlxW6RLu+sGwuwRVAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTkt
NTgyM2Y4NzAxNDFiLzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTktNTgyM2Y4NzAxNDFi
LzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfIO6A19W
jU5CkvNoT8R2cgXnAQTjJ4eNaBXTEN37gH3vHaKWTXcHSg9xgm8nB+U92S0FA7Pu
2bgAtJ8/9Te0tsqOWhwiNT5loHEQkfafLbolVN10UWjuQIhQVfWWWlIFSg4oss+O
QR1UXJpfj98hqg350ktUlMhCTu1yBpX/hcS/eQRaPZvhpL6AWoE227uPhd9db1wy
r2Exljczss1y2OpRR+l/neu0ttvpHiv9za3QjLug79SYoXLtHj4h0mSXSZd5qpP6
l6XxfYFhlEbai8U6aHnGXh6+2ZuKtWMVVCKe0sF5DIVbwRAeDiL3LGrbwyKvGxkS
6/Nj3LW81QGBIw==
-----END CERTIFICATE-----