Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          M631wx2i4ZPDdoCHLV9MhZnDcv4pDO0ScFdZtfIMidI=
Subject key identifier:   9A:01:A1:37:34:49:0B:B7:A3:E7:F3:77:B3:98:D5:23:18:4A:0A:8D
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       0196760C65F18FB494A473BD4EAAB638D683
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          087F
Signing time:             Sun 27 Apr 2025 07:00:46 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:46 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:46 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: W3wimtxkVNIwpPpWv0dVVTw48Vz+btk3mv8auOYeBqU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:65:f1:8f:b4:94:a4:73:bd:4e:aa:b6:38:d6:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: Apr 27 07:00:46 2025 GMT
            Not After : Apr 28 07:00:46 2025 GMT
        Subject: CN=9a01a13734490bb7a3e7f377b398d523184a0a8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:04:e7:19:51:41:74:f2:37:5a:46:e8:72:d1:
                    13:f5:9a:d8:b6:d5:06:6d:8c:1e:dd:52:c7:b5:29:
                    a6:71:bf:53:85:b0:dd:9c:08:8e:1b:dc:68:0d:67:
                    00:48:b0:76:63:14:ed:b5:b0:0d:c7:77:17:f5:04:
                    f8:21:80:39:39:99:19:8d:96:88:1c:fe:26:ba:f7:
                    bc:cb:f7:20:bf:4d:82:25:94:80:88:0b:fa:13:ad:
                    cc:4e:61:b0:c4:50:5b:9b:60:24:d4:32:33:ea:af:
                    15:bf:04:d2:ed:de:29:84:6c:b7:e9:b6:b2:da:a8:
                    8f:5b:13:29:9f:db:48:a1:86:77:9d:b2:7e:41:7e:
                    b1:cb:ea:1f:ef:01:3f:c9:2a:3c:cf:c0:8c:1b:5b:
                    3c:eb:03:f4:02:58:28:f2:c6:b4:25:7b:4a:35:8f:
                    05:61:b5:17:c0:d5:7e:2c:74:09:c4:a3:ff:f7:eb:
                    b2:fe:60:f0:ac:9a:90:bf:c1:81:88:7f:34:95:80:
                    c2:14:c8:3f:e6:46:aa:53:ce:3c:08:f7:c7:b0:f8:
                    5b:45:eb:5e:16:eb:da:0f:5f:23:86:1f:ce:d1:34:
                    50:9c:12:30:20:f8:ef:87:55:b0:c3:d5:33:86:8a:
                    df:46:62:3f:e4:6e:f9:5f:ce:6d:de:15:11:3d:72:
                    d4:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:01:A1:37:34:49:0B:B7:A3:E7:F3:77:B3:98:D5:23:18:4A:0A:8D
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:59:42:8e:76:72:42:35:af:c2:32:07:8f:fd:da:42:32:4f:
         65:b6:98:34:a3:f1:91:71:ca:72:f3:c7:cf:28:2a:de:48:25:
         91:1b:3b:28:54:3c:2d:4a:34:bd:47:f0:c8:e8:fc:00:77:75:
         7c:64:9b:5e:18:a4:25:13:e8:95:7f:8c:4e:3c:68:f6:00:20:
         ae:5a:d7:48:22:84:d4:68:5d:01:3e:30:56:18:a8:ba:30:ce:
         1f:18:51:af:45:e5:6b:f7:8c:c7:c3:b0:4e:b8:1b:96:06:da:
         c6:f9:1f:d8:9b:00:ec:61:08:4e:46:ef:f3:c5:80:b1:7f:2e:
         0f:4b:82:dc:e9:7f:32:0c:70:1c:d8:27:ac:6a:b9:66:e6:54:
         62:89:47:3e:0c:1d:70:a6:5b:4b:d4:fa:df:dd:4f:e3:db:14:
         00:82:d6:af:8d:ba:77:de:76:6e:c8:11:c1:43:6b:13:01:2b:
         f3:00:d8:c8:04:e9:8f:f6:cb:7c:c7:4f:62:04:57:3b:51:2c:
         6a:cf:4f:64:d2:85:45:23:47:fd:d6:4f:6c:54:cd:ac:83:bd:
         0b:e5:7e:78:bf:81:5e:ae:e4:45:0b:f9:bc:c2:2c:45:3b:86:
         12:31:8b:3a:0a:73:63:6c:49:1b:fe:b3:e9:62:8b:ec:16:9e:
         1e:99:70:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DGXxj7SUpHO9Tqq2ONaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjUwNDI3MDcwMDQ2WhcNMjUwNDI4MDcwMDQ2WjAzMTEwLwYDVQQD
Eyg5YTAxYTEzNzM0NDkwYmI3YTNlN2YzNzdiMzk4ZDUyMzE4NGEwYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwTnGVFBdPI3WkboctET9ZrYttUG
bYwe3VLHtSmmcb9ThbDdnAiOG9xoDWcASLB2YxTttbANx3cX9QT4IYA5OZkZjZaI
HP4muve8y/cgv02CJZSAiAv6E63MTmGwxFBbm2Ak1DIz6q8VvwTS7d4phGy36bay
2qiPWxMpn9tIoYZ3nbJ+QX6xy+of7wE/ySo8z8CMG1s86wP0Algo8sa0JXtKNY8F
YbUXwNV+LHQJxKP/9+uy/mDwrJqQv8GBiH80lYDCFMg/5kaqU848CPfHsPhbRete
FuvaD18jhh/O0TRQnBIwIPjvh1Www9UzhorfRmI/5G75X85t3hURPXLUPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJoBoTc0SQu3o+fzd7OY1SMYSgqNMB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvllCjnZy
QjWvwjIHj/3aQjJPZbaYNKPxkXHKcvPHzygq3kglkRs7KFQ8LUo0vUfwyOj8AHd1
fGSbXhikJRPolX+MTjxo9gAgrlrXSCKE1GhdAT4wVhioujDOHxhRr0Xla/eMx8Ow
Trgblgbaxvkf2JsA7GEITkbv88WAsX8uD0uC3Ol/MgxwHNgnrGq5ZuZUYolHPgwd
cKZbS9T6391P49sUAILWr426d952bsgRwUNrEwEr8wDYyATpj/bLfMdPYgRXO1Es
as9PZNKFRSNH/dZPbFTNrIO9C+V+eL+BXq7kRQv5vMIsRTuGEjGLOgpzY2xJG/6z
6WKL7BaeHplw5g==
-----END CERTIFICATE-----