Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
File:                     hVLmDnmh3nUzQ9eBW4cMloDArn8.mft (raw, json)
Hash identifier:          93xL7EL/0dpSHL1RhQhYms8ThWdcHRgowVP091KB4SQ=
Subject key identifier:   7C:9C:3C:A4:A5:49:84:CB:17:A2:BA:E6:D6:60:54:10:DC:CB:97:44
Authority key identifier: 85:52:E6:0E:79:A1:DE:75:33:43:D7:81:5B:87:0C:96:80:C0:AE:7F
Certificate issuer:       /CN=8552e60e79a1de753343d7815b870c9680c0ae7f
Certificate serial:       019778D49C3C46DB7F793CBB45F32DFA1EAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
Manifest number:          0B66
Signing time:             Mon 16 Jun 2025 13:01:28 +0000
Manifest this update:     Mon 16 Jun 2025 13:01:28 +0000
Manifest next update:     Tue 17 Jun 2025 13:01:28 +0000
Files and hashes:         1: hVLmDnmh3nUzQ9eBW4cMloDArn8.crl (hash: 3IXFWom/eGNwAB83Za7TI0oiXpXR1Hbw0yDNhrBxie8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 13:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:78:d4:9c:3c:46:db:7f:79:3c:bb:45:f3:2d:fa:1e:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8552e60e79a1de753343d7815b870c9680c0ae7f
        Validity
            Not Before: Jun 16 13:01:28 2025 GMT
            Not After : Jun 17 13:01:28 2025 GMT
        Subject: CN=7c9c3ca4a54984cb17a2bae6d6605410dccb9744
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:47:e9:38:6d:53:ea:1d:0f:a3:b9:0c:5d:26:
                    95:50:ac:31:d6:25:a6:6a:3b:69:e4:20:ba:44:be:
                    37:ff:36:63:0a:e0:49:15:0c:eb:7b:50:4f:b7:f2:
                    55:04:85:49:2a:da:7a:83:92:20:4b:7e:c7:e0:8c:
                    47:f7:89:9e:67:fb:30:ca:e5:d6:50:90:d0:93:91:
                    9d:28:68:1e:22:86:62:4a:9d:70:31:e0:8d:41:c3:
                    a4:6f:8d:de:e9:84:e8:59:cf:bf:f9:9f:c8:89:22:
                    60:90:4e:cd:59:08:dd:f1:97:fd:9c:a5:4c:70:6c:
                    86:de:c8:77:cc:d4:c5:df:3f:fd:6f:ce:4a:50:6c:
                    e2:07:6e:23:bc:f9:73:41:a0:fe:eb:7a:8f:0f:b1:
                    5a:0e:43:73:41:09:ff:8c:4c:7b:54:88:6d:37:4a:
                    20:59:a7:ea:77:81:63:ec:73:ad:a0:6d:b4:d0:89:
                    de:89:86:8e:3c:93:7c:de:14:27:fc:b2:be:47:ad:
                    7d:dc:42:2d:ec:4f:c5:8e:20:1b:8d:0b:e0:68:e4:
                    4e:26:fb:dc:2f:77:59:e7:06:76:cc:f1:94:37:24:
                    a1:f7:89:67:0d:6b:5b:3a:25:07:2c:1b:16:fc:29:
                    5d:e9:74:51:27:ba:b5:61:72:75:48:15:9b:eb:1b:
                    c1:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:9C:3C:A4:A5:49:84:CB:17:A2:BA:E6:D6:60:54:10:DC:CB:97:44
            X509v3 Authority Key Identifier:
                keyid:85:52:E6:0E:79:A1:DE:75:33:43:D7:81:5B:87:0C:96:80:C0:AE:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:af:6f:0b:24:1e:52:f9:ea:d9:be:4a:19:ce:19:ef:bf:80:
         04:a6:d0:f5:bd:f0:22:4b:38:40:30:fa:1a:fc:04:7b:33:f9:
         13:1f:9f:ce:5c:0e:3e:36:f6:02:4d:52:35:3b:c6:46:14:35:
         0d:9f:58:10:7a:dc:c8:0d:81:5d:fc:6e:26:fb:5c:6b:37:f7:
         ec:0f:26:dd:53:06:8f:9b:52:84:e5:ee:ac:53:f9:a1:d4:0e:
         84:60:8f:45:c9:34:f2:88:aa:ab:cd:3e:ea:99:8d:69:b1:de:
         6d:42:91:08:e7:17:5d:70:cd:10:76:4a:61:06:ae:28:25:a1:
         93:ab:af:52:e0:44:ea:88:6e:c6:8d:d1:c1:cf:08:e1:e3:6c:
         7a:c1:0a:31:ee:7f:ac:7c:e1:23:ad:e8:d5:d0:f7:30:2e:6c:
         38:e6:6f:db:df:0e:f6:93:30:1a:7e:6f:ea:32:2b:98:5c:6d:
         cf:71:7e:c2:ac:29:51:89:eb:cc:8b:88:30:dd:8c:94:59:6a:
         b6:05:74:3e:45:fe:0f:1a:97:bc:f8:1c:5e:8d:19:03:b0:c2:
         c0:5a:43:31:9b:f6:0d:4b:5e:c6:78:ed:66:5e:0f:94:46:7f:
         ba:66:30:de:ab:3c:67:b3:d5:ee:88:cc:5e:9a:58:5f:51:56:
         ca:a0:17:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd41Jw8Rtt/eTy7RfMt+h6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTJlNjBlNzlhMWRlNzUzMzQzZDc4MTViODcwYzk2ODBj
MGFlN2YwHhcNMjUwNjE2MTMwMTI4WhcNMjUwNjE3MTMwMTI4WjAzMTEwLwYDVQQD
Eyg3YzljM2NhNGE1NDk4NGNiMTdhMmJhZTZkNjYwNTQxMGRjY2I5NzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokfpOG1T6h0Po7kMXSaVUKwx1iWm
ajtp5CC6RL43/zZjCuBJFQzre1BPt/JVBIVJKtp6g5IgS37H4IxH94meZ/swyuXW
UJDQk5GdKGgeIoZiSp1wMeCNQcOkb43e6YToWc+/+Z/IiSJgkE7NWQjd8Zf9nKVM
cGyG3sh3zNTF3z/9b85KUGziB24jvPlzQaD+63qPD7FaDkNzQQn/jEx7VIhtN0og
Wafqd4Fj7HOtoG200IneiYaOPJN83hQn/LK+R6193EIt7E/FjiAbjQvgaOROJvvc
L3dZ5wZ2zPGUNySh94lnDWtbOiUHLBsW/Cld6XRRJ7q1YXJ1SBWb6xvBWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHycPKSlSYTLF6K65tZgVBDcy5dEMB8GA1UdIwQY
MBaAFIVS5g55od51M0PXgVuHDJaAwK5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8zNzI0ZDMtMjEyZi00OGJmLWEyYzEt
OWZmYTYwZGI4ZjcxLzEvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8zNzI0ZDMtMjEyZi00OGJmLWEyYzEtOWZmYTYwZGI4Zjcx
LzEvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM69vCyQe
Uvnq2b5KGc4Z77+ABKbQ9b3wIks4QDD6GvwEezP5Ex+fzlwOPjb2Ak1SNTvGRhQ1
DZ9YEHrcyA2BXfxuJvtcazf37A8m3VMGj5tShOXurFP5odQOhGCPRck08oiqq80+
6pmNabHebUKRCOcXXXDNEHZKYQauKCWhk6uvUuBE6ohuxo3Rwc8I4eNsesEKMe5/
rHzhI63o1dD3MC5sOOZv298O9pMwGn5v6jIrmFxtz3F+wqwpUYnrzIuIMN2MlFlq
tgV0PkX+DxqXvPgcXo0ZA7DCwFpDMZv2DUtexnjtZl4PlEZ/umYw3qs8Z7PV7ojM
XppYX1FWyqAXqQ==
-----END CERTIFICATE-----