Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
File:                     hJxbptQKtOTjm3tpttLZhEqiSK8.mft (raw, json)
Hash identifier:          yhXgehJz5ghgqQdDK1eK1TtJ9FYzXinjWu4hc82fxek=
Subject key identifier:   66:2F:36:58:10:EF:E0:1D:16:5B:00:A8:55:9F:8A:5C:4F:67:05:2D
Authority key identifier: 84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF
Certificate issuer:       /CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
Certificate serial:       01978B7ED1FBEF9DA176D2DC6660D8135D78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
Manifest number:          0C7E
Signing time:             Fri 20 Jun 2025 04:00:33 +0000
Manifest this update:     Fri 20 Jun 2025 04:00:33 +0000
Manifest next update:     Sat 21 Jun 2025 04:00:33 +0000
Files and hashes:         1: hJxbptQKtOTjm3tpttLZhEqiSK8.crl (hash: WT/83/rtmXGsSW4nghkRB4XM1Zun2iJbmMtgkrv6/KA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 21 Jun 2025 04:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:8b:7e:d1:fb:ef:9d:a1:76:d2:dc:66:60:d8:13:5d:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
        Validity
            Not Before: Jun 20 04:00:33 2025 GMT
            Not After : Jun 21 04:00:33 2025 GMT
        Subject: CN=662f365810efe01d165b00a8559f8a5c4f67052d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:c0:9b:b6:a9:09:fb:5b:27:cc:de:fc:6c:50:
                    5a:80:e9:43:dc:f0:5c:72:b3:e5:2d:d0:f5:97:42:
                    36:4f:ea:47:46:5c:75:ba:16:6c:ac:ca:53:50:e8:
                    3c:b7:2e:ec:b7:90:63:f6:af:a9:a3:cd:28:84:3d:
                    1f:e4:c1:72:ad:57:f1:66:61:0c:6d:80:9c:6f:9c:
                    f9:98:cd:0b:e0:a5:c2:4e:22:c8:55:48:cb:1d:2f:
                    a4:90:87:ed:92:f5:11:7f:24:c9:b7:d5:70:22:00:
                    d8:03:e4:f3:9a:ca:8d:5d:ba:92:38:43:25:96:78:
                    21:16:80:0a:04:04:3a:3b:9d:54:4c:5a:54:2a:e3:
                    6b:60:63:55:c5:19:8d:08:6d:94:04:c6:5b:be:f6:
                    15:aa:92:f4:ee:57:4b:64:59:fa:d0:7d:97:9d:6b:
                    ab:05:3a:3c:9d:22:31:99:c4:93:d5:0c:1e:cf:19:
                    c1:c2:a5:b1:07:5e:9b:44:0a:75:dd:f7:48:0f:e8:
                    78:37:f2:eb:9f:cd:b6:de:f3:b7:85:6f:21:45:e3:
                    9e:53:15:6c:71:6b:6c:92:99:4e:56:18:01:e5:70:
                    06:8c:25:e6:db:e5:ee:26:3d:76:b9:a4:be:78:0f:
                    de:04:8a:88:14:3d:35:0c:21:83:f8:e0:1f:d3:00:
                    1e:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:2F:36:58:10:EF:E0:1D:16:5B:00:A8:55:9F:8A:5C:4F:67:05:2D
            X509v3 Authority Key Identifier:
                keyid:84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:58:8a:35:0a:b4:3d:e0:d0:82:a7:5f:e4:74:4e:b7:2c:0c:
         ee:2f:61:62:2a:a1:58:bf:1b:4e:ee:10:46:9f:ff:4c:21:e1:
         6f:83:b9:47:7c:a6:77:4b:ae:d1:50:b3:f1:3d:b5:07:2b:2c:
         a2:bc:49:fe:63:1b:90:36:83:24:73:b8:d6:a4:80:31:2a:1c:
         c0:03:28:74:ab:d8:55:cf:7d:db:4f:cd:2b:f5:05:79:c5:1c:
         5d:71:9d:ac:4b:23:14:a0:07:03:dc:fd:65:13:86:99:55:50:
         df:81:10:75:72:57:69:b2:21:95:73:81:45:7f:22:e9:06:e5:
         c1:d5:4b:4e:30:89:a8:79:ca:2e:d5:ee:c9:81:77:68:71:0d:
         2a:d8:0b:c4:72:7c:4c:58:be:57:7e:d5:0e:ac:c2:7f:77:e8:
         c9:f0:74:f9:b6:17:5e:00:cc:df:d3:6d:77:83:ba:86:26:75:
         aa:0e:09:82:b4:f3:93:e0:aa:87:94:d5:4c:f4:a8:d2:c3:a6:
         0a:8b:49:77:96:86:10:1d:a2:dd:e5:f2:8f:e2:ea:01:82:3e:
         cc:32:e0:74:07:de:44:7f:2f:95:93:ef:60:a7:26:94:11:16:
         a1:14:f4:6d:3f:17:b6:d2:32:a1:b2:ff:a2:7b:2f:79:3b:69:
         40:c3:0c:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeLftH7752hdtLcZmDYE114MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWM1YmE2ZDQwYWI0ZTRlMzliN2I2OWI2ZDJkOTg0NGFh
MjQ4YWYwHhcNMjUwNjIwMDQwMDMzWhcNMjUwNjIxMDQwMDMzWjAzMTEwLwYDVQQD
Eyg2NjJmMzY1ODEwZWZlMDFkMTY1YjAwYTg1NTlmOGE1YzRmNjcwNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMCbtqkJ+1snzN78bFBagOlD3PBc
crPlLdD1l0I2T+pHRlx1uhZsrMpTUOg8ty7st5Bj9q+po80ohD0f5MFyrVfxZmEM
bYCcb5z5mM0L4KXCTiLIVUjLHS+kkIftkvURfyTJt9VwIgDYA+TzmsqNXbqSOEMl
lnghFoAKBAQ6O51UTFpUKuNrYGNVxRmNCG2UBMZbvvYVqpL07ldLZFn60H2XnWur
BTo8nSIxmcST1QwezxnBwqWxB16bRAp13fdID+h4N/Lrn8223vO3hW8hReOeUxVs
cWtskplOVhgB5XAGjCXm2+XuJj12uaS+eA/eBIqIFD01DCGD+OAf0wAeGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYvNlgQ7+AdFlsAqFWfilxPZwUtMB8GA1UdIwQY
MBaAFIScW6bUCrTk45t7abbS2YRKokivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQt
ZDk4NDg3YmRlZTQ4LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQtZDk4NDg3YmRlZTQ4
LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWliKNQq0
PeDQgqdf5HROtywM7i9hYiqhWL8bTu4QRp//TCHhb4O5R3ymd0uu0VCz8T21Byss
orxJ/mMbkDaDJHO41qSAMSocwAModKvYVc9920/NK/UFecUcXXGdrEsjFKAHA9z9
ZROGmVVQ34EQdXJXabIhlXOBRX8i6QblwdVLTjCJqHnKLtXuyYF3aHENKtgLxHJ8
TFi+V37VDqzCf3foyfB0+bYXXgDM39Ntd4O6hiZ1qg4JgrTzk+Cqh5TVTPSo0sOm
CotJd5aGEB2i3eXyj+LqAYI+zDLgdAfeRH8vlZPvYKcmlBEWoRT0bT8XttIyobL/
onsveTtpQMMMNw==
-----END CERTIFICATE-----