Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/696cb5-8ecc-4df6-982c-0b7ef38a7f87/1/hUzTuoSK-3kvKyGD-mLfLVIIKb0.mft
File:                     hUzTuoSK-3kvKyGD-mLfLVIIKb0.mft (raw, json)
Hash identifier:          vokAf9OhFMwK/Bwz5taMui03sDDaEdM9RXK0QSK7AEc=
Subject key identifier:   0A:85:C7:CF:31:AB:06:D2:00:5A:83:B5:52:49:B7:C3:4D:81:A3:52
Authority key identifier: 85:4C:D3:BA:84:8A:FB:79:2F:2B:21:83:FA:62:DF:2D:52:08:29:BD
Certificate issuer:       /CN=854cd3ba848afb792f2b2183fa62df2d520829bd
Certificate serial:       019874191873E4832D791DB25C14BF34A4C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUzTuoSK-3kvKyGD-mLfLVIIKb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/696cb5-8ecc-4df6-982c-0b7ef38a7f87/1/hUzTuoSK-3kvKyGD-mLfLVIIKb0.mft
Manifest number:          25
Signing time:             Mon 04 Aug 2025 08:00:58 +0000
Manifest this update:     Mon 04 Aug 2025 08:00:58 +0000
Manifest next update:     Tue 05 Aug 2025 08:00:58 +0000
Files and hashes:         1: hUzTuoSK-3kvKyGD-mLfLVIIKb0.crl (hash: 17CtGBSR5haUmOvw3dXj2tSvOaqTDtKWoneFbIpTGDY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/696cb5-8ecc-4df6-982c-0b7ef38a7f87/1/hUzTuoSK-3kvKyGD-mLfLVIIKb0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/696cb5-8ecc-4df6-982c-0b7ef38a7f87/1/hUzTuoSK-3kvKyGD-mLfLVIIKb0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUzTuoSK-3kvKyGD-mLfLVIIKb0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:19:18:73:e4:83:2d:79:1d:b2:5c:14:bf:34:a4:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=854cd3ba848afb792f2b2183fa62df2d520829bd
        Validity
            Not Before: Aug  4 08:00:58 2025 GMT
            Not After : Aug  5 08:00:58 2025 GMT
        Subject: CN=0a85c7cf31ab06d2005a83b55249b7c34d81a352
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b5:f5:3c:81:51:d8:4b:67:70:3d:54:70:a6:
                    e6:69:77:36:af:12:c8:b2:49:28:1c:65:e5:c4:50:
                    02:9a:57:55:e5:02:0d:25:8e:77:e5:ca:b7:c4:07:
                    a5:99:0b:b0:14:6b:64:c7:cc:66:03:3a:18:5f:33:
                    cb:41:9f:4f:01:97:4d:7f:e0:49:94:d9:6f:da:a8:
                    4e:2b:82:da:82:1b:c1:87:b8:2f:76:14:72:c5:e4:
                    f3:4b:ee:fa:dc:52:54:5b:25:3c:44:91:23:04:60:
                    49:6b:70:ce:91:39:f8:e1:6e:7d:de:e6:bb:0b:de:
                    4c:f0:23:e9:57:31:75:30:b3:20:08:65:8c:cc:7f:
                    fe:7a:bb:5d:ad:eb:ad:3d:a6:85:4a:79:28:b2:2c:
                    2e:90:9d:4f:8e:f1:a1:3b:78:95:11:4c:4e:97:7c:
                    f2:54:c6:ed:ca:c1:db:ed:78:df:c9:71:ea:d6:73:
                    ff:b1:81:ad:08:c7:a8:aa:de:b0:3e:80:a1:22:af:
                    a6:e7:66:72:a8:32:72:1c:a8:78:e7:b0:c5:d0:fa:
                    c2:d4:ce:ab:f7:02:d9:98:f2:3d:f4:21:d4:f2:a3:
                    06:67:1a:bf:11:f0:50:b6:72:b2:74:f9:c1:ee:96:
                    43:f4:48:eb:1b:3c:3f:8e:ef:58:49:14:ce:04:14:
                    e2:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:85:C7:CF:31:AB:06:D2:00:5A:83:B5:52:49:B7:C3:4D:81:A3:52
            X509v3 Authority Key Identifier:
                keyid:85:4C:D3:BA:84:8A:FB:79:2F:2B:21:83:FA:62:DF:2D:52:08:29:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUzTuoSK-3kvKyGD-mLfLVIIKb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/696cb5-8ecc-4df6-982c-0b7ef38a7f87/1/hUzTuoSK-3kvKyGD-mLfLVIIKb0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/696cb5-8ecc-4df6-982c-0b7ef38a7f87/1/hUzTuoSK-3kvKyGD-mLfLVIIKb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:a0:f8:1c:27:92:6b:55:f7:24:8a:7a:77:e7:84:67:37:04:
         0a:ed:cb:d3:2f:5f:26:9a:15:6e:e4:b1:78:a5:4c:c4:1d:01:
         96:3b:1a:2f:a5:9e:55:20:d8:cd:36:53:cd:1d:43:bd:ff:1b:
         3c:a8:fa:b9:a5:b5:54:34:9a:0b:d9:74:41:c3:d7:a8:15:4d:
         36:3e:0d:af:96:a9:00:4f:05:0a:eb:63:79:8c:90:5e:ea:df:
         40:90:9a:06:bc:86:d6:38:bd:00:83:80:07:49:d7:91:68:ca:
         90:8a:9b:ab:b5:26:fc:a7:21:e3:52:5c:99:57:eb:dd:96:09:
         29:d1:63:7c:58:ec:91:15:70:7e:39:85:47:cd:2f:dc:06:5a:
         e7:fb:b3:4b:ee:b7:55:f1:f4:9d:8d:37:5a:3f:95:57:25:32:
         0e:1d:d0:da:1a:75:af:bf:a9:90:a4:ad:a9:84:f8:88:80:fe:
         75:ed:f0:72:cb:64:85:48:24:64:84:d0:2d:b8:af:0d:c3:5c:
         d5:69:3e:d3:d3:8a:4a:d3:15:aa:b5:4f:f2:65:8d:c9:dd:9d:
         96:06:94:89:87:5a:7c:fc:ae:d4:c4:a4:16:64:14:45:8d:b7:
         9c:24:40:c0:4d:e5:c4:2e:a8:25:83:e4:5c:da:4b:8d:6b:4f:
         9a:b9:bb:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0GRhz5IMteR2yXBS/NKTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGNkM2JhODQ4YWZiNzkyZjJiMjE4M2ZhNjJkZjJkNTIw
ODI5YmQwHhcNMjUwODA0MDgwMDU4WhcNMjUwODA1MDgwMDU4WjAzMTEwLwYDVQQD
EygwYTg1YzdjZjMxYWIwNmQyMDA1YTgzYjU1MjQ5YjdjMzRkODFhMzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbX1PIFR2EtncD1UcKbmaXc2rxLI
skkoHGXlxFACmldV5QINJY535cq3xAelmQuwFGtkx8xmAzoYXzPLQZ9PAZdNf+BJ
lNlv2qhOK4LaghvBh7gvdhRyxeTzS+763FJUWyU8RJEjBGBJa3DOkTn44W593ua7
C95M8CPpVzF1MLMgCGWMzH/+ertdreutPaaFSnkosiwukJ1PjvGhO3iVEUxOl3zy
VMbtysHb7XjfyXHq1nP/sYGtCMeoqt6wPoChIq+m52ZyqDJyHKh457DF0PrC1M6r
9wLZmPI99CHU8qMGZxq/EfBQtnKydPnB7pZD9EjrGzw/ju9YSRTOBBTiUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqFx88xqwbSAFqDtVJJt8NNgaNSMB8GA1UdIwQY
MBaAFIVM07qEivt5Lyshg/pi3y1SCCm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV6VHVvU0stM2t2S3lHRC1tTGZMVklJS2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82OTZjYjUtOGVjYy00ZGY2LTk4MmMt
MGI3ZWYzOGE3Zjg3LzEvaFV6VHVvU0stM2t2S3lHRC1tTGZMVklJS2IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82OTZjYjUtOGVjYy00ZGY2LTk4MmMtMGI3ZWYzOGE3Zjg3
LzEvaFV6VHVvU0stM2t2S3lHRC1tTGZMVklJS2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATaD4HCeS
a1X3JIp6d+eEZzcECu3L0y9fJpoVbuSxeKVMxB0BljsaL6WeVSDYzTZTzR1Dvf8b
PKj6uaW1VDSaC9l0QcPXqBVNNj4Nr5apAE8FCutjeYyQXurfQJCaBryG1ji9AIOA
B0nXkWjKkIqbq7Um/Kch41JcmVfr3ZYJKdFjfFjskRVwfjmFR80v3AZa5/uzS+63
VfH0nY03Wj+VVyUyDh3Q2hp1r7+pkKStqYT4iID+de3wcstkhUgkZITQLbivDcNc
1Wk+09OKStMVqrVP8mWNyd2dlgaUiYdafPyu1MSkFmQURY23nCRAwE3lxC6oJYPk
XNpLjWtPmrm7EQ==
-----END CERTIFICATE-----