Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          SAnyweZDmEz/x3KXxYN3B5wTLgQSUjlXk8LguZQqZEs=
Subject key identifier:   A4:99:71:25:59:A3:DF:6C:48:C4:A5:56:0D:02:50:8D:AF:42:6F:D3
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       019875D19D341CB3E000B18DB3BC1194EF34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          0988
Signing time:             Mon 04 Aug 2025 16:02:08 +0000
Manifest this update:     Mon 04 Aug 2025 16:02:08 +0000
Manifest next update:     Tue 05 Aug 2025 16:02:08 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: aMD93jlylO5X2+5r8ECibNCVTE+Xc9BqCLTyVPqLZTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:d1:9d:34:1c:b3:e0:00:b1:8d:b3:bc:11:94:ef:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: Aug  4 16:02:08 2025 GMT
            Not After : Aug  5 16:02:08 2025 GMT
        Subject: CN=a499712559a3df6c48c4a5560d02508daf426fd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:cb:13:9c:02:cf:43:62:f8:e1:9d:17:f7:1a:
                    29:d5:35:e1:2f:3f:a5:f0:7d:6b:be:a7:45:cc:e1:
                    d3:ad:27:f6:6c:ee:cd:0f:1d:7b:ce:99:3f:d3:da:
                    22:c5:90:64:ed:1e:af:85:38:dc:13:57:e0:8f:dd:
                    8b:38:a1:22:0d:79:9d:37:ee:c3:f9:ea:5b:8a:30:
                    8f:0f:72:8f:94:9c:b8:08:dc:50:0f:9b:0a:3e:e9:
                    ab:64:a5:27:7a:79:7b:7e:32:09:65:1a:40:f4:3e:
                    7d:67:d3:77:dc:e5:76:7f:72:05:fa:d3:1b:68:ad:
                    2b:6b:6e:9f:bf:cf:23:21:88:14:d1:ae:95:1a:8f:
                    95:8d:1b:04:e2:9a:52:26:60:a3:ca:ea:af:0e:d5:
                    70:6b:26:ff:ae:45:c7:30:f8:c9:5f:86:da:35:31:
                    fc:82:90:69:26:13:ae:bb:9c:4c:59:4e:51:f2:8d:
                    14:70:19:b9:d9:00:c2:02:ad:b9:db:da:b3:a7:f8:
                    54:7d:7e:a5:74:c8:a0:16:64:33:f9:58:9d:bb:a5:
                    c5:6b:6e:75:2a:66:36:09:87:82:e8:df:59:d7:52:
                    8b:9a:5d:32:b4:ca:17:a1:9e:20:5a:9b:ee:80:b8:
                    c9:e9:41:b4:9f:b7:75:6b:9e:b2:3d:b3:e6:b6:b3:
                    15:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:99:71:25:59:A3:DF:6C:48:C4:A5:56:0D:02:50:8D:AF:42:6F:D3
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:01:2f:f2:d6:29:bb:db:a6:18:2d:e7:ab:d6:f3:03:6b:60:
         70:87:29:8b:1b:82:04:f9:e5:b5:c0:85:6b:96:d7:28:ee:86:
         9f:0a:b2:5c:c0:5b:3f:c6:87:32:85:0c:e9:69:bf:5c:a7:f1:
         ef:92:e6:0c:42:ab:87:d8:35:ed:44:cd:37:64:ed:6d:42:a4:
         14:6e:30:66:83:45:72:82:5f:85:f6:fa:00:ce:7f:6d:d1:f2:
         a3:0c:c8:56:c2:79:e3:6f:d3:92:d6:5f:6b:dc:3b:b1:36:32:
         fb:05:05:ef:d2:50:08:fc:e1:1e:47:b9:d1:1c:9d:ae:be:53:
         0a:76:e4:03:6c:3e:e5:3b:fc:14:a0:ae:dc:89:f9:fb:7b:36:
         f9:94:09:33:ab:5b:cc:d4:68:4d:2f:f2:05:07:c9:2d:be:ff:
         bb:94:8d:27:a4:6e:67:34:77:b6:24:25:43:0d:ad:73:44:5a:
         35:b2:ef:4d:36:fd:36:6b:80:2a:71:f8:02:6c:2d:ba:7c:b0:
         da:89:97:db:b0:ce:74:c3:57:f5:bf:71:9e:82:80:6e:c9:6e:
         ee:1d:06:01:7c:47:f0:7d:e0:67:89:d4:dd:47:c4:df:44:77:
         ff:41:2e:39:75:93:1a:49:73:87:38:2b:40:c5:af:9b:08:85:
         fe:b5:88:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh10Z00HLPgALGNs7wRlO80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjUwODA0MTYwMjA4WhcNMjUwODA1MTYwMjA4WjAzMTEwLwYDVQQD
EyhhNDk5NzEyNTU5YTNkZjZjNDhjNGE1NTYwZDAyNTA4ZGFmNDI2ZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ssTnALPQ2L44Z0X9xop1TXhLz+l
8H1rvqdFzOHTrSf2bO7NDx17zpk/09oixZBk7R6vhTjcE1fgj92LOKEiDXmdN+7D
+epbijCPD3KPlJy4CNxQD5sKPumrZKUnenl7fjIJZRpA9D59Z9N33OV2f3IF+tMb
aK0ra26fv88jIYgU0a6VGo+VjRsE4ppSJmCjyuqvDtVwayb/rkXHMPjJX4baNTH8
gpBpJhOuu5xMWU5R8o0UcBm52QDCAq2529qzp/hUfX6ldMigFmQz+Vidu6XFa251
KmY2CYeC6N9Z11KLml0ytMoXoZ4gWpvugLjJ6UG0n7d1a56yPbPmtrMVIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSZcSVZo99sSMSlVg0CUI2vQm/TMB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWQEv8tYp
u9umGC3nq9bzA2tgcIcpixuCBPnltcCFa5bXKO6GnwqyXMBbP8aHMoUM6Wm/XKfx
75LmDEKrh9g17UTNN2TtbUKkFG4wZoNFcoJfhfb6AM5/bdHyowzIVsJ542/TktZf
a9w7sTYy+wUF79JQCPzhHke50Rydrr5TCnbkA2w+5Tv8FKCu3In5+3s2+ZQJM6tb
zNRoTS/yBQfJLb7/u5SNJ6RuZzR3tiQlQw2tc0RaNbLvTTb9NmuAKnH4Amwtunyw
2omX27DOdMNX9b9xnoKAbslu7h0GAXxH8H3gZ4nU3UfE30R3/0EuOXWTGklzhzgr
QMWvmwiF/rWITw==
-----END CERTIFICATE-----