Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
File:                     hDGpmcvwQL00DSk12JlhtS8EpEU.mft (raw, json)
Hash identifier:          MNZmhTvC0FP3WG4YjdPj/diMbJ1BX1UFZHewjrL+gyQ=
Subject key identifier:   32:C1:44:E2:84:6C:72:FD:B4:9B:9C:E6:6A:C8:55:36:CD:1E:8E:3D
Authority key identifier: 84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45
Certificate issuer:       /CN=8431a999cbf040bd340d2935d89961b52f04a445
Certificate serial:       01976D3D4274BB7FE46C570F39902BDA1D9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
Manifest number:          08C1
Signing time:             Sat 14 Jun 2025 07:00:20 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:20 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:20 +0000
Files and hashes:         1: hDGpmcvwQL00DSk12JlhtS8EpEU.crl (hash: +lxMrekUPffT7OGRzmehZhnwu1B7D2MU3U5EeP/eMHU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:42:74:bb:7f:e4:6c:57:0f:39:90:2b:da:1d:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8431a999cbf040bd340d2935d89961b52f04a445
        Validity
            Not Before: Jun 14 07:00:20 2025 GMT
            Not After : Jun 15 07:00:20 2025 GMT
        Subject: CN=32c144e2846c72fdb49b9ce66ac85536cd1e8e3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:5b:0f:d6:74:ff:22:40:08:e1:dd:12:94:19:
                    59:4b:99:a8:55:31:ac:70:75:15:8f:3a:df:52:d4:
                    ce:a1:97:eb:3c:b6:5f:78:28:14:e0:65:f7:cf:76:
                    06:2e:ba:be:29:3c:c1:e5:b7:be:bb:a2:a5:87:3d:
                    b8:1e:94:1a:ad:32:df:42:0a:6e:41:9e:a4:37:3c:
                    e2:a4:41:08:16:29:8d:26:d0:f7:74:38:ac:ef:db:
                    1f:44:16:5f:9f:6c:60:5a:4b:91:37:04:df:df:e8:
                    f4:52:c0:a9:03:dc:be:6e:32:d9:f4:ad:76:b8:93:
                    7a:b2:ec:78:d8:b3:ba:a1:da:21:2c:94:ca:5f:b4:
                    f2:bd:09:d8:11:4e:ae:46:ed:e9:f2:1d:e0:2a:43:
                    b1:38:b5:f6:5f:53:e9:4f:6c:c7:be:45:60:56:04:
                    0f:b2:88:25:8a:49:14:9d:ed:09:2e:59:87:88:85:
                    20:ba:1f:64:d9:b1:f3:f1:24:d1:12:95:c7:a4:7d:
                    be:35:86:8f:30:9c:43:3b:25:31:ce:93:45:79:51:
                    d3:dc:3a:26:1d:7d:a6:82:16:b2:33:c0:c6:85:19:
                    c6:a2:6b:df:4c:2a:80:44:7c:17:76:ce:02:fa:d1:
                    e4:85:3a:d9:b9:3e:ce:d8:c8:cd:b2:8d:f0:0b:ef:
                    5a:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:C1:44:E2:84:6C:72:FD:B4:9B:9C:E6:6A:C8:55:36:CD:1E:8E:3D
            X509v3 Authority Key Identifier:
                keyid:84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:7a:85:84:46:db:8e:86:8f:5d:39:05:4a:69:86:b3:81:58:
         e9:1d:dd:a9:87:06:49:f0:cb:a4:e4:76:bb:d2:77:09:44:e9:
         99:e0:60:73:3b:04:21:3c:c1:30:58:3a:50:a6:a8:3e:6c:ec:
         cb:ee:ed:58:0d:51:e0:08:44:fa:85:0b:07:eb:07:db:0d:20:
         56:19:78:1f:7a:a5:54:11:45:2a:fc:06:e2:70:88:20:69:b9:
         0d:1a:8d:c8:4a:75:b2:f0:be:2c:82:16:d3:40:46:a7:76:2f:
         6c:a9:b1:fa:5e:3b:fb:b9:f2:f3:72:78:19:6a:7b:c0:50:bb:
         bd:5e:3d:dc:32:3e:66:68:69:bc:1b:cc:bc:db:0a:46:32:1f:
         24:db:37:07:87:c4:de:63:7d:13:4d:fd:81:b1:84:c2:64:7e:
         23:42:75:6b:21:67:08:dc:f5:1e:6f:1c:f8:0e:28:3b:f8:94:
         77:e7:11:ed:3a:dc:51:96:e3:52:e9:b0:18:2c:0f:d6:a4:52:
         b4:82:e2:86:c6:4c:6d:cf:d0:bd:8c:2e:79:58:45:1e:8d:2b:
         08:15:b6:6c:b7:fc:24:e4:30:40:a1:65:80:99:2a:c6:29:20:
         d5:a3:88:56:eb:cb:21:d6:05:3c:e8:75:9c:ca:17:4c:7c:ed:
         03:c2:53:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPUJ0u3/kbFcPOZAr2h2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MzFhOTk5Y2JmMDQwYmQzNDBkMjkzNWQ4OTk2MWI1MmYw
NGE0NDUwHhcNMjUwNjE0MDcwMDIwWhcNMjUwNjE1MDcwMDIwWjAzMTEwLwYDVQQD
EygzMmMxNDRlMjg0NmM3MmZkYjQ5YjljZTY2YWM4NTUzNmNkMWU4ZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1sP1nT/IkAI4d0SlBlZS5moVTGs
cHUVjzrfUtTOoZfrPLZfeCgU4GX3z3YGLrq+KTzB5be+u6Klhz24HpQarTLfQgpu
QZ6kNzzipEEIFimNJtD3dDis79sfRBZfn2xgWkuRNwTf3+j0UsCpA9y+bjLZ9K12
uJN6sux42LO6odohLJTKX7TyvQnYEU6uRu3p8h3gKkOxOLX2X1PpT2zHvkVgVgQP
soglikkUne0JLlmHiIUguh9k2bHz8STREpXHpH2+NYaPMJxDOyUxzpNFeVHT3Dom
HX2mghayM8DGhRnGomvfTCqARHwXds4C+tHkhTrZuT7O2MjNso3wC+9avQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLBROKEbHL9tJuc5mrIVTbNHo49MB8GA1UdIwQY
MBaAFIQxqZnL8EC9NA0pNdiZYbUvBKRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYt
MTNkOWJhMjdlNTFmLzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYtMTNkOWJhMjdlNTFm
LzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZnqFhEbb
joaPXTkFSmmGs4FY6R3dqYcGSfDLpOR2u9J3CUTpmeBgczsEITzBMFg6UKaoPmzs
y+7tWA1R4AhE+oULB+sH2w0gVhl4H3qlVBFFKvwG4nCIIGm5DRqNyEp1svC+LIIW
00BGp3YvbKmx+l47+7ny83J4GWp7wFC7vV493DI+ZmhpvBvMvNsKRjIfJNs3B4fE
3mN9E039gbGEwmR+I0J1ayFnCNz1Hm8c+A4oO/iUd+cR7TrcUZbjUumwGCwP1qRS
tILihsZMbc/QvYwueVhFHo0rCBW2bLf8JOQwQKFlgJkqxikg1aOIVuvLIdYFPOh1
nMoXTHztA8JTYA==
-----END CERTIFICATE-----