Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
File:                     HFGW3tW6XWhucJXG1cY4xrj4uto.mft (raw, json)
Hash identifier:          LTDPJe6CXLBRK4QmUR6WcIp9N9dTdyBbtyA0Iwt29Ac=
Subject key identifier:   67:1D:AF:5F:33:82:97:21:67:F8:D6:CB:A5:DD:4E:D7:D8:6E:61:C3
Authority key identifier: 1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA
Certificate issuer:       /CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
Certificate serial:       01974C694E14AA41D034E50DF8D87FD98F57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
Manifest number:          0EC3
Signing time:             Sat 07 Jun 2025 22:00:59 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:59 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:59 +0000
Files and hashes:         1: HFGW3tW6XWhucJXG1cY4xrj4uto.crl (hash: RtyOrDrTeD6UWsTeIP8s/O6cSmXF4uwsStx/H85syjM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:4e:14:aa:41:d0:34:e5:0d:f8:d8:7f:d9:8f:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
        Validity
            Not Before: Jun  7 22:00:59 2025 GMT
            Not After : Jun  8 22:00:59 2025 GMT
        Subject: CN=671daf5f3382972167f8d6cba5dd4ed7d86e61c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:c1:66:5b:da:d1:23:5e:03:70:fb:d7:b0:67:
                    80:d3:10:04:e1:60:13:1d:0a:54:b2:17:b9:19:a5:
                    aa:82:39:f1:3e:19:1a:f6:cc:ad:53:88:6b:6f:0e:
                    f3:f7:da:38:ad:74:94:22:fc:26:19:0f:a7:a0:95:
                    dd:1e:f1:60:b5:75:4d:16:bd:d6:f2:50:1d:e9:3c:
                    af:66:a7:82:be:1c:68:e8:79:b8:cf:8d:43:c1:10:
                    7e:1f:4f:c5:88:53:1d:2a:51:24:f7:9f:5a:7b:83:
                    27:26:47:1d:a4:2f:1a:6b:57:e6:cd:2e:a7:ca:27:
                    bf:fc:a0:22:26:05:d1:95:2e:5f:7b:73:f2:22:8a:
                    13:91:6c:6d:40:ec:ed:5f:05:e3:ec:3b:91:6c:79:
                    89:db:db:b8:be:23:60:94:7b:4c:f9:bc:b8:f3:e3:
                    33:ad:de:76:6c:1c:18:0f:7f:9e:ba:3a:f3:a9:10:
                    52:dd:aa:07:76:77:2b:c3:4a:17:02:7a:98:9a:e4:
                    54:52:87:1f:2c:f8:fc:13:fb:89:63:f7:4b:3a:20:
                    01:cc:ff:db:44:cd:7e:6f:8f:17:4b:15:9f:5f:9e:
                    c3:90:aa:39:85:f5:93:c4:88:a4:e5:5c:ee:e7:69:
                    85:94:a4:e0:32:6b:91:79:f7:e7:47:8d:33:e7:71:
                    0c:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:1D:AF:5F:33:82:97:21:67:F8:D6:CB:A5:DD:4E:D7:D8:6E:61:C3
            X509v3 Authority Key Identifier:
                keyid:1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:89:5d:80:45:30:f0:18:97:bd:ad:d0:a9:ea:3e:ca:ae:c0:
         ff:5e:45:fd:e3:9a:d4:73:8d:45:d9:5a:1a:93:a3:d7:d1:8c:
         64:28:12:b7:08:cb:17:d2:60:5c:dd:31:ba:5e:89:28:a3:5b:
         ec:2e:d1:3b:82:4f:77:16:27:0a:ac:47:31:92:34:74:7a:f4:
         3f:dd:e3:17:98:18:b6:2a:54:d3:1e:ea:8e:10:88:90:84:4f:
         27:0b:d2:bf:99:2f:4b:f4:03:e6:8c:f7:fb:27:35:af:40:cb:
         1c:ee:cf:99:bc:0d:0c:76:ed:03:c6:12:0b:ab:2c:61:09:76:
         27:ce:42:2d:9f:f9:11:a0:13:11:58:35:a6:57:b9:14:9f:6e:
         65:f7:39:3f:bc:e7:ef:a6:55:6a:6e:ce:dc:da:e2:f8:b2:97:
         86:cd:eb:4a:c6:e5:e7:3f:7d:5f:d3:30:0d:0e:37:81:c5:61:
         d7:d1:23:33:be:97:4d:43:20:bd:ef:a0:85:ea:f1:2c:7e:a3:
         44:7e:01:8c:d8:f7:94:a5:52:8f:9c:a6:5f:3c:89:f0:e2:90:
         b3:0a:6a:6b:4a:45:41:6b:ac:18:1d:e3:e3:95:76:5f:29:11:
         8e:43:bb:90:83:2d:f8:52:17:01:c1:6f:84:5e:88:d9:bd:33:
         4d:b7:d1:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaU4UqkHQNOUN+Nh/2Y9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTE5NmRlZDViYTVkNjg2ZTcwOTVjNmQ1YzYzOGM2Yjhm
OGJhZGEwHhcNMjUwNjA3MjIwMDU5WhcNMjUwNjA4MjIwMDU5WjAzMTEwLwYDVQQD
Eyg2NzFkYWY1ZjMzODI5NzIxNjdmOGQ2Y2JhNWRkNGVkN2Q4NmU2MWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9MFmW9rRI14DcPvXsGeA0xAE4WAT
HQpUshe5GaWqgjnxPhka9sytU4hrbw7z99o4rXSUIvwmGQ+noJXdHvFgtXVNFr3W
8lAd6TyvZqeCvhxo6Hm4z41DwRB+H0/FiFMdKlEk959ae4MnJkcdpC8aa1fmzS6n
yie//KAiJgXRlS5fe3PyIooTkWxtQOztXwXj7DuRbHmJ29u4viNglHtM+by48+Mz
rd52bBwYD3+eujrzqRBS3aoHdncrw0oXAnqYmuRUUocfLPj8E/uJY/dLOiABzP/b
RM1+b48XSxWfX57DkKo5hfWTxIik5Vzu52mFlKTgMmuReffnR40z53EM3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGcdr18zgpchZ/jWy6XdTtfYbmHDMB8GA1UdIwQY
MBaAFBxRlt7Vul1obnCVxtXGOMa4+LraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEt
MjBiZjI3NWZkMGU3LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEtMjBiZjI3NWZkMGU3
LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvoldgEUw
8BiXva3Qqeo+yq7A/15F/eOa1HONRdlaGpOj19GMZCgStwjLF9JgXN0xul6JKKNb
7C7RO4JPdxYnCqxHMZI0dHr0P93jF5gYtipU0x7qjhCIkIRPJwvSv5kvS/QD5oz3
+yc1r0DLHO7PmbwNDHbtA8YSC6ssYQl2J85CLZ/5EaATEVg1ple5FJ9uZfc5P7zn
76ZVam7O3Nri+LKXhs3rSsbl5z99X9MwDQ43gcVh19EjM76XTUMgve+gherxLH6j
RH4BjNj3lKVSj5ymXzyJ8OKQswpqa0pFQWusGB3j45V2XykRjkO7kIMt+FIXAcFv
hF6I2b0zTbfRgA==
-----END CERTIFICATE-----