Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
File:                     H0qus-K3pD3wHzHVGiDvIlXOr-M.mft (raw, json)
Hash identifier:          22daw/2TLDOn/WHXvO5TCy9eHRCL0X4cH0ElVSKWyoo=
Subject key identifier:   28:67:33:7E:D1:C7:D9:41:F9:B4:2F:4B:24:D2:55:BB:10:80:5C:B8
Authority key identifier: 1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3
Certificate issuer:       /CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
Certificate serial:       019892C9A0939DA11DA42BAFA9540B9F4034
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
Manifest number:          04C8
Signing time:             Sun 10 Aug 2025 07:02:24 +0000
Manifest this update:     Sun 10 Aug 2025 07:02:24 +0000
Manifest next update:     Mon 11 Aug 2025 07:02:24 +0000
Files and hashes:         1: H0qus-K3pD3wHzHVGiDvIlXOr-M.crl (hash: +BV2zhDsVKbu7tKxsbhbnNeOU0O2hrmst9L9NHZPpMM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 07:02:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:92:c9:a0:93:9d:a1:1d:a4:2b:af:a9:54:0b:9f:40:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
        Validity
            Not Before: Aug 10 07:02:24 2025 GMT
            Not After : Aug 11 07:02:24 2025 GMT
        Subject: CN=2867337ed1c7d941f9b42f4b24d255bb10805cb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:92:0d:f1:cb:55:4b:4c:44:36:ff:ac:f8:34:
                    11:ce:d0:d2:cc:1d:fd:1f:1a:fd:b5:43:50:52:68:
                    41:90:89:0d:89:20:7e:8c:51:82:ec:18:08:70:cd:
                    6e:a6:db:2c:9f:e6:12:27:56:22:e8:90:35:43:33:
                    37:1f:38:f0:f4:62:5c:dd:60:46:13:03:ec:e0:bd:
                    8b:93:c0:3c:0d:df:8d:4d:33:0c:80:84:35:f1:1d:
                    fe:c1:e8:86:3c:e2:1c:b3:e6:fa:6f:47:c1:8f:35:
                    9f:3f:06:36:79:36:f1:fc:26:ef:b4:49:86:fb:31:
                    19:79:6d:8e:3c:7b:34:f7:2f:64:f6:95:dd:18:4b:
                    8e:44:ef:73:27:cb:55:48:30:b8:d1:76:87:b6:13:
                    bd:aa:96:e3:a6:67:7e:cf:de:05:37:92:f5:44:aa:
                    fd:d6:24:55:f9:52:33:56:15:59:d5:89:c5:da:86:
                    ed:cf:3a:e8:08:4b:48:b3:c8:84:a2:75:fb:58:43:
                    a8:b7:85:51:d6:c1:2b:e4:b0:ec:15:c0:1b:04:4f:
                    b2:55:77:d7:56:a6:63:9d:6f:13:89:49:21:b1:bc:
                    e1:59:6a:f1:cc:2f:b2:6c:66:9c:80:6f:5d:2c:6f:
                    35:d3:9b:72:7b:37:6d:51:02:94:d9:4d:8e:d4:ef:
                    21:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:67:33:7E:D1:C7:D9:41:F9:B4:2F:4B:24:D2:55:BB:10:80:5C:B8
            X509v3 Authority Key Identifier:
                keyid:1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:1e:73:95:0c:02:97:29:1e:38:b7:3b:bd:05:c1:88:49:c9:
         e0:fc:99:f0:a9:a5:ba:d8:91:a1:78:9b:d5:ee:ee:6f:41:2f:
         45:b5:f2:5f:6f:69:7c:72:53:af:5d:af:9a:dc:31:87:42:33:
         04:dd:a5:07:3d:1c:9d:a5:c3:23:55:11:86:5e:70:29:e2:c6:
         fe:3e:00:88:58:ac:67:bd:4b:56:a0:59:4d:c7:37:69:30:b5:
         5d:0b:cc:ed:9c:af:47:ef:fe:29:72:f5:ca:ee:77:35:b7:c0:
         de:97:35:fd:9a:14:4f:a5:0c:cb:98:78:ad:50:1c:fe:e7:7b:
         02:a2:f8:8d:13:85:23:a7:a0:06:72:0f:4a:35:71:6f:81:dd:
         d3:64:c1:46:de:4d:dc:85:0d:5d:d8:39:7c:93:c1:ba:aa:6e:
         8e:79:5f:bc:2e:d0:8c:45:90:dc:bc:93:13:5a:2c:17:bb:d0:
         1e:56:1f:9a:76:ec:c9:d7:60:e8:c0:0a:4f:44:a7:9c:57:c1:
         84:54:b7:a0:ff:49:90:bf:85:d0:a4:14:38:ca:2c:fd:cd:0c:
         97:e9:17:0f:64:bc:1b:bc:61:b0:7e:70:b1:40:a6:2a:5d:4a:
         50:06:32:b4:7e:5d:29:f4:13:34:43:fc:cc:04:6d:32:e4:bb:
         fe:26:31:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiSyaCTnaEdpCuvqVQLn0A0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNGFhZWIzZTJiN2E0M2RmMDFmMzFkNTFhMjBlZjIyNTVj
ZWFmZTMwHhcNMjUwODEwMDcwMjI0WhcNMjUwODExMDcwMjI0WjAzMTEwLwYDVQQD
EygyODY3MzM3ZWQxYzdkOTQxZjliNDJmNGIyNGQyNTViYjEwODA1Y2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pIN8ctVS0xENv+s+DQRztDSzB39
Hxr9tUNQUmhBkIkNiSB+jFGC7BgIcM1uptssn+YSJ1Yi6JA1QzM3Hzjw9GJc3WBG
EwPs4L2Lk8A8Dd+NTTMMgIQ18R3+weiGPOIcs+b6b0fBjzWfPwY2eTbx/CbvtEmG
+zEZeW2OPHs09y9k9pXdGEuORO9zJ8tVSDC40XaHthO9qpbjpmd+z94FN5L1RKr9
1iRV+VIzVhVZ1YnF2obtzzroCEtIs8iEonX7WEOot4VR1sEr5LDsFcAbBE+yVXfX
VqZjnW8TiUkhsbzhWWrxzC+ybGacgG9dLG8105tyezdtUQKU2U2O1O8hwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChnM37Rx9lB+bQvSyTSVbsQgFy4MB8GA1UdIwQY
MBaAFB9KrrPit6Q98B8x1Rog7yJVzq/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMt
ZTE4NDJiZTQxMmQxLzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMtZTE4NDJiZTQxMmQx
LzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQB5zlQwC
lykeOLc7vQXBiEnJ4PyZ8KmlutiRoXib1e7ub0EvRbXyX29pfHJTr12vmtwxh0Iz
BN2lBz0cnaXDI1URhl5wKeLG/j4AiFisZ71LVqBZTcc3aTC1XQvM7ZyvR+/+KXL1
yu53NbfA3pc1/ZoUT6UMy5h4rVAc/ud7AqL4jROFI6egBnIPSjVxb4Hd02TBRt5N
3IUNXdg5fJPBuqpujnlfvC7QjEWQ3LyTE1osF7vQHlYfmnbsyddg6MAKT0SnnFfB
hFS3oP9JkL+F0KQUOMos/c0Ml+kXD2S8G7xhsH5wsUCmKl1KUAYytH5dKfQTNEP8
zARtMuS7/iYx8A==
-----END CERTIFICATE-----