Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft
File:                     RUH1XBZZBCT7NMZeDi6sIogkcNs.mft (raw, json)
Hash identifier:          Mu7UZmqpco66kBh7X9SYAD9DapT77U0gmrjmVz9G2R0=
Subject key identifier:   64:52:A7:4B:B9:C5:6F:78:1D:15:2D:F3:66:76:99:B9:BB:8D:46:67
Authority key identifier: 45:41:F5:5C:16:59:04:24:FB:34:C6:5E:0E:2E:AC:22:88:24:70:DB
Certificate issuer:       /CN=4541f55c16590424fb34c65e0e2eac22882470db
Certificate serial:       019896A4AC8840B207F1CCCA67A1FFEF120D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RUH1XBZZBCT7NMZeDi6sIogkcNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft
Manifest number:          0669
Signing time:             Mon 11 Aug 2025 01:00:31 +0000
Manifest this update:     Mon 11 Aug 2025 01:00:31 +0000
Manifest next update:     Tue 12 Aug 2025 01:00:31 +0000
Files and hashes:         1: RUH1XBZZBCT7NMZeDi6sIogkcNs.crl (hash: HcPFeNhLR8+zK8mIk328VLqI43V0RsR7zhRbvB7oeEI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RUH1XBZZBCT7NMZeDi6sIogkcNs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a4:ac:88:40:b2:07:f1:cc:ca:67:a1:ff:ef:12:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4541f55c16590424fb34c65e0e2eac22882470db
        Validity
            Not Before: Aug 11 01:00:31 2025 GMT
            Not After : Aug 12 01:00:31 2025 GMT
        Subject: CN=6452a74bb9c56f781d152df3667699b9bb8d4667
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:66:9e:3e:0b:02:8c:5b:31:90:b6:32:02:d8:
                    4b:8e:33:b9:0f:c4:69:70:63:c1:31:2a:4e:e6:62:
                    79:d7:03:0f:cc:6e:b0:63:8b:da:49:4b:a3:e5:38:
                    86:cf:86:38:c5:8e:dc:25:b8:05:03:9f:bb:a7:08:
                    af:07:ba:8d:99:86:ef:aa:95:7e:66:8f:43:59:79:
                    51:a4:f5:cc:77:4a:86:47:11:c4:e2:d3:85:75:d7:
                    99:56:e6:ba:4f:82:ab:00:0f:0a:9e:78:3e:72:c9:
                    af:63:94:16:ce:0b:b8:39:5e:9b:87:d0:c7:7b:a8:
                    33:1c:dd:b5:f1:6d:f1:0e:8d:7e:d1:8f:64:5a:30:
                    5a:88:c0:09:b3:9e:c1:3d:f6:48:87:e7:d3:6b:38:
                    bb:57:60:35:2b:ce:ad:45:87:85:c2:46:d3:3f:2b:
                    7c:c7:5c:45:af:43:cb:0e:86:e3:47:68:72:59:94:
                    db:3d:f0:9f:69:94:01:a0:3b:eb:c2:88:22:10:45:
                    b2:2d:cc:54:41:b8:35:ee:ae:9c:6e:cd:bd:51:1e:
                    cd:d3:77:a9:25:11:cc:50:4a:68:68:42:67:9a:b1:
                    8d:fa:80:69:b5:62:b8:ec:44:1a:59:84:a7:7f:ea:
                    96:2f:95:00:cf:83:f4:6b:c9:b7:cb:b7:97:86:a5:
                    32:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:52:A7:4B:B9:C5:6F:78:1D:15:2D:F3:66:76:99:B9:BB:8D:46:67
            X509v3 Authority Key Identifier:
                keyid:45:41:F5:5C:16:59:04:24:FB:34:C6:5E:0E:2E:AC:22:88:24:70:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUH1XBZZBCT7NMZeDi6sIogkcNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:b2:1c:eb:a7:04:cc:a0:36:cd:e3:70:e0:14:9b:35:53:ae:
         f1:c2:51:9e:bc:40:44:57:e1:5d:d7:83:86:a6:58:5c:cd:5f:
         48:6c:1c:df:f7:3f:e8:04:4b:4b:64:3a:d5:7f:64:e2:08:d2:
         84:d4:9a:6d:f2:73:a6:39:63:76:4b:39:c4:9c:4a:3f:f7:e2:
         23:cf:2d:b8:60:a3:06:97:61:29:b4:37:3b:37:cc:4c:9a:b9:
         9a:05:82:34:75:21:93:7c:d1:1e:99:12:1a:c1:44:ad:32:69:
         20:f8:27:7a:30:13:14:4f:9b:70:47:db:5c:72:3d:0e:76:89:
         a5:b2:14:3c:6c:6f:b1:91:57:66:94:8d:62:31:af:49:d5:b3:
         e8:b7:45:9b:15:82:76:c0:a9:73:76:e0:bc:e5:37:9e:20:60:
         8f:80:96:56:e9:98:51:2a:3a:5e:e8:9e:b8:d3:cc:00:5c:7e:
         8d:28:c9:9f:5a:d4:e5:f2:41:7e:82:3c:cc:46:2e:61:3a:09:
         d6:7d:af:cd:3d:16:70:a6:38:42:31:d2:98:57:90:f0:e4:11:
         d7:eb:a9:e0:61:c3:3b:77:46:af:8d:fe:c9:84:af:f7:72:53:
         af:ef:01:87:0f:af:ed:c2:fd:39:af:0b:36:fd:fa:c2:90:ea:
         f4:cd:1e:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpKyIQLIH8czKZ6H/7xINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NDFmNTVjMTY1OTA0MjRmYjM0YzY1ZTBlMmVhYzIyODgy
NDcwZGIwHhcNMjUwODExMDEwMDMxWhcNMjUwODEyMDEwMDMxWjAzMTEwLwYDVQQD
Eyg2NDUyYTc0YmI5YzU2Zjc4MWQxNTJkZjM2Njc2OTliOWJiOGQ0NjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWaePgsCjFsxkLYyAthLjjO5D8Rp
cGPBMSpO5mJ51wMPzG6wY4vaSUuj5TiGz4Y4xY7cJbgFA5+7pwivB7qNmYbvqpV+
Zo9DWXlRpPXMd0qGRxHE4tOFddeZVua6T4KrAA8Knng+csmvY5QWzgu4OV6bh9DH
e6gzHN218W3xDo1+0Y9kWjBaiMAJs57BPfZIh+fTazi7V2A1K86tRYeFwkbTPyt8
x1xFr0PLDobjR2hyWZTbPfCfaZQBoDvrwogiEEWyLcxUQbg17q6cbs29UR7N03ep
JRHMUEpoaEJnmrGN+oBptWK47EQaWYSnf+qWL5UAz4P0a8m3y7eXhqUyMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRSp0u5xW94HRUt82Z2mbm7jUZnMB8GA1UdIwQY
MBaAFEVB9VwWWQQk+zTGXg4urCKIJHDbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlVIMVhCWlpCQ1Q3Tk1aZURpNnNJb2drY05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kMzg4NWMtNmI3NC00M2M0LThmZGQt
Nzg5ZDA3YzE5ODA4LzEvUlVIMVhCWlpCQ1Q3Tk1aZURpNnNJb2drY05zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kMzg4NWMtNmI3NC00M2M0LThmZGQtNzg5ZDA3YzE5ODA4
LzEvUlVIMVhCWlpCQ1Q3Tk1aZURpNnNJb2drY05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf7Ic66cE
zKA2zeNw4BSbNVOu8cJRnrxARFfhXdeDhqZYXM1fSGwc3/c/6ARLS2Q61X9k4gjS
hNSabfJzpjljdks5xJxKP/fiI88tuGCjBpdhKbQ3OzfMTJq5mgWCNHUhk3zRHpkS
GsFErTJpIPgnejATFE+bcEfbXHI9DnaJpbIUPGxvsZFXZpSNYjGvSdWz6LdFmxWC
dsCpc3bgvOU3niBgj4CWVumYUSo6XuieuNPMAFx+jSjJn1rU5fJBfoI8zEYuYToJ
1n2vzT0WcKY4QjHSmFeQ8OQR1+up4GHDO3dGr43+yYSv93JTr+8Bhw+v7cL9Oa8L
Nv36wpDq9M0efQ==
-----END CERTIFICATE-----