Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          ZzIp5WoQosbTEKxiYAwRP7M/WIvvxza011uLD/s2Kfc=
Subject key identifier:   5F:25:00:69:8E:C8:7E:E3:CF:FD:EA:2F:96:A9:14:5A:F9:9A:C5:DB
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       019748FA234E41851DA98EFC22B61661BE20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          054D
Signing time:             Sat 07 Jun 2025 06:00:41 +0000
Manifest this update:     Sat 07 Jun 2025 06:00:41 +0000
Manifest next update:     Sun 08 Jun 2025 06:00:41 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: fN8i7v1oGT+ZZYJfScLq7Ry2g295tuAFBQvc3OmiOuc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:23:4e:41:85:1d:a9:8e:fc:22:b6:16:61:be:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: Jun  7 06:00:41 2025 GMT
            Not After : Jun  8 06:00:41 2025 GMT
        Subject: CN=5f2500698ec87ee3cffdea2f96a9145af99ac5db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:8e:d1:19:be:8b:c4:e8:cd:d9:f8:a5:25:d9:
                    03:0e:89:04:3a:11:e8:bf:43:15:22:bc:65:c4:f7:
                    38:68:00:4f:b6:c9:76:78:3c:26:2c:64:0c:d9:10:
                    82:49:6d:5a:bd:80:93:6d:66:84:00:d4:fd:5c:54:
                    7b:73:c0:66:35:d8:7f:27:07:b2:4a:db:38:a4:c8:
                    ba:ea:4c:30:39:c3:02:9b:43:c4:b7:4d:83:bf:6d:
                    b9:0d:7f:db:e2:e9:f1:c0:4d:19:81:1b:ce:c0:64:
                    1d:f2:76:e3:b8:e9:2b:12:f6:5b:23:de:a0:e9:9b:
                    ba:0e:ab:b7:44:88:5f:b5:bc:bb:3a:1a:07:87:b5:
                    1a:5d:43:ab:d4:2b:43:35:50:22:d1:eb:32:ad:b2:
                    22:cf:3e:42:87:07:e2:56:33:34:51:4d:34:87:49:
                    3f:10:bc:a9:26:cf:f9:f9:54:0d:44:3a:f4:32:ee:
                    7f:79:3d:d7:80:05:cd:c2:f4:f2:28:4a:f3:55:85:
                    e7:51:56:26:03:ff:4e:d9:2d:c2:1f:56:98:8f:7d:
                    05:2e:8a:51:85:96:67:71:ce:de:3a:d5:13:ef:39:
                    4e:96:51:df:46:25:28:db:53:0a:1a:86:8d:c9:cf:
                    f4:04:d2:5d:ff:3c:c9:e7:ba:ef:34:6f:ae:d4:34:
                    e7:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:25:00:69:8E:C8:7E:E3:CF:FD:EA:2F:96:A9:14:5A:F9:9A:C5:DB
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:45:5f:5b:78:26:f5:ab:ad:cf:87:72:5e:ba:8c:eb:da:98:
         cd:2b:da:7f:5b:98:42:c8:05:b1:2f:ef:1a:8f:98:77:bf:9d:
         a7:7e:a6:49:1a:8f:1b:dd:31:19:31:e6:5c:4f:59:fd:06:26:
         7f:a2:9d:21:51:81:7b:33:1d:54:32:74:2c:52:2b:ae:c1:04:
         a5:d1:b3:03:e4:b0:86:14:42:77:a1:9b:7d:df:f2:d2:83:db:
         5a:42:9d:1f:54:6f:1f:89:4a:c9:a5:41:74:2f:bb:a2:09:36:
         db:49:d8:d6:f2:0c:96:ba:07:03:a7:75:99:f2:57:e1:81:9f:
         58:ce:02:66:b4:a1:29:bf:9f:56:82:09:79:b5:60:23:3d:83:
         91:3e:ca:d2:c3:1c:c9:51:f7:4f:72:27:fb:49:49:8c:ce:d1:
         cc:cf:11:e2:1f:38:c5:ad:9a:b8:71:cf:74:8f:f1:2e:1b:49:
         e3:9d:fd:f8:4b:b8:e5:d9:46:78:f1:4c:24:87:8d:78:b5:45:
         c4:61:0c:e3:6b:3f:64:b5:8a:28:72:5a:4d:22:d3:06:73:60:
         c9:45:96:5c:af:00:1c:6f:3d:ee:bf:d7:bd:0f:2a:bb:a7:95:
         30:d0:1e:f8:92:cd:60:af:11:e4:6f:b0:a9:78:b7:96:6b:4f:
         7a:67:2b:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+iNOQYUdqY78IrYWYb4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjUwNjA3MDYwMDQxWhcNMjUwNjA4MDYwMDQxWjAzMTEwLwYDVQQD
Eyg1ZjI1MDA2OThlYzg3ZWUzY2ZmZGVhMmY5NmE5MTQ1YWY5OWFjNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI7RGb6LxOjN2filJdkDDokEOhHo
v0MVIrxlxPc4aABPtsl2eDwmLGQM2RCCSW1avYCTbWaEANT9XFR7c8BmNdh/Jwey
Sts4pMi66kwwOcMCm0PEt02Dv225DX/b4unxwE0ZgRvOwGQd8nbjuOkrEvZbI96g
6Zu6Dqu3RIhftby7OhoHh7UaXUOr1CtDNVAi0esyrbIizz5ChwfiVjM0UU00h0k/
ELypJs/5+VQNRDr0Mu5/eT3XgAXNwvTyKErzVYXnUVYmA/9O2S3CH1aYj30FLopR
hZZncc7eOtUT7zlOllHfRiUo21MKGoaNyc/0BNJd/zzJ57rvNG+u1DTnaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8lAGmOyH7jz/3qL5apFFr5msXbMB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsEVfW3gm
9autz4dyXrqM69qYzSvaf1uYQsgFsS/vGo+Yd7+dp36mSRqPG90xGTHmXE9Z/QYm
f6KdIVGBezMdVDJ0LFIrrsEEpdGzA+SwhhRCd6Gbfd/y0oPbWkKdH1RvH4lKyaVB
dC+7ogk220nY1vIMlroHA6d1mfJX4YGfWM4CZrShKb+fVoIJebVgIz2DkT7K0sMc
yVH3T3In+0lJjM7RzM8R4h84xa2auHHPdI/xLhtJ4539+Eu45dlGePFMJIeNeLVF
xGEM42s/ZLWKKHJaTSLTBnNgyUWWXK8AHG897r/XvQ8qu6eVMNAe+JLNYK8R5G+w
qXi3lmtPemcrSQ==
-----END CERTIFICATE-----