Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          uuDDkGvYdZaT7j41SDQBv5twuL+sp98OyDgW0lxeW0g=
Subject key identifier:   12:F0:7B:D7:83:6C:30:B1:14:13:F6:E3:16:8D:29:81:80:CE:3C:7B
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       019748FA6CC26680C7B4DD20F08660BB6DE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          1577
Signing time:             Sat 07 Jun 2025 06:01:00 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:00 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:00 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: hDugBbgQskkVeZKvkVdOKUmGxHok5spqV8dxchK6yXQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:6c:c2:66:80:c7:b4:dd:20:f0:86:60:bb:6d:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: Jun  7 06:01:00 2025 GMT
            Not After : Jun  8 06:01:00 2025 GMT
        Subject: CN=12f07bd7836c30b11413f6e3168d298180ce3c7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:0b:c5:5f:cb:e3:5f:a8:47:35:8b:37:64:f1:
                    5e:85:46:64:51:61:a5:5e:01:aa:fd:2a:d3:e7:e1:
                    ff:01:fc:e7:cb:f8:83:f6:67:03:8e:c8:f4:11:f0:
                    6c:a1:3c:48:55:5c:39:cb:01:4f:43:14:61:6a:76:
                    9c:45:05:1a:a7:60:89:7d:3f:3f:b0:f1:07:d8:78:
                    6b:15:1c:64:21:16:35:e6:38:92:99:ab:db:94:17:
                    f9:84:6a:29:df:0e:cf:19:5c:98:74:d5:50:fb:81:
                    50:ee:1f:d1:f9:bc:52:39:0d:68:62:44:2a:34:ab:
                    0d:45:a7:80:86:d8:9d:a4:36:f6:06:55:60:b9:1e:
                    57:83:83:de:3c:8b:93:55:f5:76:65:1b:89:8f:8d:
                    76:be:d8:ff:c1:f0:30:f9:8d:94:aa:97:79:c1:6b:
                    79:74:d2:ac:b6:0a:ae:3a:76:db:91:83:c8:1b:b2:
                    7c:f9:f9:56:9a:ec:71:16:5e:7e:7a:d8:5c:fb:2d:
                    d6:0e:4c:bf:f3:ee:46:28:24:da:73:73:72:5b:53:
                    dd:9f:9e:47:8a:48:6d:bf:df:fd:8b:e5:87:7c:74:
                    49:73:61:fd:48:80:9b:95:82:b1:3f:d7:49:30:1c:
                    a8:fa:ca:03:f3:bb:f3:b0:b8:7a:7a:59:4c:4c:a1:
                    be:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:F0:7B:D7:83:6C:30:B1:14:13:F6:E3:16:8D:29:81:80:CE:3C:7B
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:7c:2e:28:28:1a:e9:5e:e3:e6:64:9f:44:eb:71:f5:0e:46:
         7e:12:05:63:fa:da:e9:4e:5e:ec:27:32:d1:0d:d1:98:12:f9:
         cf:47:d0:da:7e:b4:d6:f5:10:30:bd:e4:dc:8c:2d:92:c6:74:
         3b:27:17:eb:d3:9a:22:97:c4:21:82:05:30:4b:59:a2:31:3c:
         10:76:f3:46:5e:5a:fa:06:55:40:e6:37:84:30:7c:ed:5d:a5:
         d7:19:9d:51:4b:8c:0d:38:9f:53:8a:8c:db:3d:fa:1a:97:a8:
         2a:8a:ac:d4:40:e4:96:8f:95:bd:f1:d6:47:51:14:27:41:af:
         39:22:0d:45:d8:42:17:15:54:bb:02:86:62:38:d3:76:87:61:
         c0:51:df:26:0d:e6:b7:17:ff:ee:fe:67:8d:ac:08:00:f2:3c:
         d1:6e:a8:36:52:bd:d5:10:9c:0e:6c:0c:fd:c6:0f:75:17:87:
         b7:f5:d9:da:36:1b:7a:42:28:00:5a:01:13:51:a7:e0:30:c7:
         64:76:3b:91:8f:3f:e8:6e:6c:2b:e7:91:71:1c:75:14:d8:f3:
         f3:c5:ad:ff:3f:e0:3c:eb:87:96:ec:d3:d6:43:59:61:f7:3b:
         9c:2f:22:2a:2f:2b:1f:e0:26:c3:72:b3:b1:d6:7c:e3:61:68:
         6f:47:78:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+mzCZoDHtN0g8IZgu23oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjUwNjA3MDYwMTAwWhcNMjUwNjA4MDYwMTAwWjAzMTEwLwYDVQQD
EygxMmYwN2JkNzgzNmMzMGIxMTQxM2Y2ZTMxNjhkMjk4MTgwY2UzYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAvFX8vjX6hHNYs3ZPFehUZkUWGl
XgGq/SrT5+H/Afzny/iD9mcDjsj0EfBsoTxIVVw5ywFPQxRhanacRQUap2CJfT8/
sPEH2HhrFRxkIRY15jiSmavblBf5hGop3w7PGVyYdNVQ+4FQ7h/R+bxSOQ1oYkQq
NKsNRaeAhtidpDb2BlVguR5Xg4PePIuTVfV2ZRuJj412vtj/wfAw+Y2Uqpd5wWt5
dNKstgquOnbbkYPIG7J8+flWmuxxFl5+ethc+y3WDky/8+5GKCTac3NyW1Pdn55H
ikhtv9/9i+WHfHRJc2H9SICblYKxP9dJMByo+soD87vzsLh6ellMTKG+PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBLwe9eDbDCxFBP24xaNKYGAzjx7MB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE3wuKCga
6V7j5mSfROtx9Q5GfhIFY/ra6U5e7Ccy0Q3RmBL5z0fQ2n601vUQML3k3IwtksZ0
OycX69OaIpfEIYIFMEtZojE8EHbzRl5a+gZVQOY3hDB87V2l1xmdUUuMDTifU4qM
2z36GpeoKoqs1EDklo+VvfHWR1EUJ0GvOSINRdhCFxVUuwKGYjjTdodhwFHfJg3m
txf/7v5njawIAPI80W6oNlK91RCcDmwM/cYPdReHt/XZ2jYbekIoAFoBE1Gn4DDH
ZHY7kY8/6G5sK+eRcRx1FNjz88Wt/z/gPOuHluzT1kNZYfc7nC8iKi8rH+Amw3Kz
sdZ842Fob0d4zQ==
-----END CERTIFICATE-----