Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.mft
File:                     hUYhlvWiZe4_S4kOKGZyQCCNO68.mft (raw, json)
Hash identifier:          phssD4mLqtd7GXp8PHSPDYFA7v421TO//3XOVYHtZBA=
Subject key identifier:   36:D4:A7:EB:E9:3E:BC:88:49:5B:94:9F:C3:D6:98:24:1E:E8:1D:D8
Authority key identifier: 85:46:21:96:F5:A2:65:EE:3F:4B:89:0E:28:66:72:40:20:8D:3B:AF
Certificate issuer:       /CN=85462196f5a265ee3f4b890e28667240208d3baf
Certificate serial:       01977978E6B37D6CC51A778C407456E40C84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUYhlvWiZe4_S4kOKGZyQCCNO68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.mft
Manifest number:          03D4
Signing time:             Mon 16 Jun 2025 16:00:55 +0000
Manifest this update:     Mon 16 Jun 2025 16:00:55 +0000
Manifest next update:     Tue 17 Jun 2025 16:00:55 +0000
Files and hashes:         1: hUYhlvWiZe4_S4kOKGZyQCCNO68.crl (hash: JwFFO2Hrboiy8E/XHIHATgWM6ZCCYHzFTyFIG2JyMh4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUYhlvWiZe4_S4kOKGZyQCCNO68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 14:25:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:79:78:e6:b3:7d:6c:c5:1a:77:8c:40:74:56:e4:0c:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85462196f5a265ee3f4b890e28667240208d3baf
        Validity
            Not Before: Jun 16 16:00:55 2025 GMT
            Not After : Jun 17 16:00:55 2025 GMT
        Subject: CN=36d4a7ebe93ebc88495b949fc3d698241ee81dd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:2b:2d:c7:f0:bc:ad:1e:bf:77:74:11:c4:54:
                    65:87:11:2f:dd:be:bd:c7:43:27:ca:74:1e:60:2b:
                    6b:14:ad:5a:ba:f4:6f:95:db:59:76:c7:fd:d2:02:
                    0a:47:14:68:17:0d:e1:41:f9:2c:50:27:d7:08:d8:
                    28:0c:36:59:e8:36:60:b5:d4:a8:2b:18:0b:13:db:
                    7c:34:42:aa:26:12:af:7c:62:db:f3:3d:a4:f0:77:
                    67:a4:cd:7d:b2:05:10:af:70:fa:39:ac:93:68:5d:
                    9c:6b:9e:96:ba:31:ab:c1:8c:3d:25:9f:5a:68:c7:
                    18:2c:2d:38:b7:04:f3:76:d5:97:2f:13:39:98:aa:
                    76:3b:fd:49:6c:8d:6f:5e:cb:ce:af:8f:37:e3:84:
                    db:16:98:99:a8:7c:2d:c5:dd:ce:cd:f2:aa:47:d4:
                    72:52:1b:a6:5c:94:58:07:20:b9:3a:6e:a1:32:da:
                    0a:de:87:cb:d0:16:8e:97:6d:06:54:0d:25:34:b7:
                    9d:4e:19:01:f0:85:09:d2:17:01:3e:8d:b6:a4:1f:
                    da:e4:cf:39:d7:1c:5b:53:67:88:bc:8d:ad:00:2f:
                    82:c4:20:bb:1a:e6:92:fa:aa:cc:75:6d:d4:82:a4:
                    34:33:0a:15:c4:ec:3e:d9:51:d6:17:37:63:1b:8a:
                    2a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:D4:A7:EB:E9:3E:BC:88:49:5B:94:9F:C3:D6:98:24:1E:E8:1D:D8
            X509v3 Authority Key Identifier:
                keyid:85:46:21:96:F5:A2:65:EE:3F:4B:89:0E:28:66:72:40:20:8D:3B:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUYhlvWiZe4_S4kOKGZyQCCNO68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/15ae7a-883e-45dc-a804-aa6434e54f39/1/hUYhlvWiZe4_S4kOKGZyQCCNO68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:b2:3b:08:f1:c9:9f:77:75:b5:44:e0:1c:be:70:cf:70:b0:
         6d:a7:36:16:11:3b:82:58:e4:aa:11:44:f1:14:7d:27:45:1a:
         a8:dd:42:8a:73:01:90:fb:f4:4a:e6:c7:a6:9d:c4:3a:9c:27:
         29:f6:c9:33:50:2d:1a:be:f4:81:0c:fe:87:42:43:22:2a:16:
         d4:5b:86:82:bd:11:73:7e:30:e6:1c:f1:ee:ea:2b:0a:5a:77:
         0f:cb:58:9c:df:3e:0c:36:b1:b9:85:12:86:fc:ef:f8:47:13:
         cc:c7:a0:4b:e9:4e:cd:9a:e1:65:09:80:67:21:09:96:de:66:
         99:33:bc:ce:16:a7:17:21:9a:2c:8c:bc:5a:99:e2:04:27:3f:
         4a:8b:c9:99:43:f0:f0:b8:08:48:66:ba:3c:89:56:a0:dc:0c:
         bc:aa:ad:05:08:49:05:cc:c5:62:8a:f6:1e:ab:32:54:13:eb:
         dc:04:a4:b2:f2:22:76:00:69:2d:e8:ee:eb:63:6f:24:93:55:
         f9:dc:80:e7:a0:4b:0c:17:ba:c1:83:11:12:0a:ca:d9:19:9a:
         46:72:38:df:2a:aa:bb:4b:01:29:77:db:17:fa:f1:09:1f:46:
         1f:3a:dd:58:51:a6:21:d9:b0:aa:17:1e:c4:7d:cd:b6:57:23:
         72:8b:47:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd5eOazfWzFGneMQHRW5AyEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDYyMTk2ZjVhMjY1ZWUzZjRiODkwZTI4NjY3MjQwMjA4
ZDNiYWYwHhcNMjUwNjE2MTYwMDU1WhcNMjUwNjE3MTYwMDU1WjAzMTEwLwYDVQQD
EygzNmQ0YTdlYmU5M2ViYzg4NDk1Yjk0OWZjM2Q2OTgyNDFlZTgxZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCstx/C8rR6/d3QRxFRlhxEv3b69
x0MnynQeYCtrFK1auvRvldtZdsf90gIKRxRoFw3hQfksUCfXCNgoDDZZ6DZgtdSo
KxgLE9t8NEKqJhKvfGLb8z2k8HdnpM19sgUQr3D6OayTaF2ca56WujGrwYw9JZ9a
aMcYLC04twTzdtWXLxM5mKp2O/1JbI1vXsvOr48344TbFpiZqHwtxd3OzfKqR9Ry
UhumXJRYByC5Om6hMtoK3ofL0BaOl20GVA0lNLedThkB8IUJ0hcBPo22pB/a5M85
1xxbU2eIvI2tAC+CxCC7GuaS+qrMdW3UgqQ0MwoVxOw+2VHWFzdjG4oqAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbUp+vpPryISVuUn8PWmCQe6B3YMB8GA1UdIwQY
MBaAFIVGIZb1omXuP0uJDihmckAgjTuvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVZaGx2V2laZTRfUzRrT0tHWnlRQ0NOTzY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNWFlN2EtODgzZS00NWRjLWE4MDQt
YWE2NDM0ZTU0ZjM5LzEvaFVZaGx2V2laZTRfUzRrT0tHWnlRQ0NOTzY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNWFlN2EtODgzZS00NWRjLWE4MDQtYWE2NDM0ZTU0ZjM5
LzEvaFVZaGx2V2laZTRfUzRrT0tHWnlRQ0NOTzY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAebI7CPHJ
n3d1tUTgHL5wz3Cwbac2FhE7gljkqhFE8RR9J0UaqN1CinMBkPv0SubHpp3EOpwn
KfbJM1AtGr70gQz+h0JDIioW1FuGgr0Rc34w5hzx7uorClp3D8tYnN8+DDaxuYUS
hvzv+EcTzMegS+lOzZrhZQmAZyEJlt5mmTO8zhanFyGaLIy8WpniBCc/SovJmUPw
8LgISGa6PIlWoNwMvKqtBQhJBczFYor2HqsyVBPr3ASksvIidgBpLeju62NvJJNV
+dyA56BLDBe6wYMREgrK2RmaRnI43yqqu0sBKXfbF/rxCR9GHzrdWFGmIdmwqhce
xH3NtlcjcotHag==
-----END CERTIFICATE-----