Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/57d08e-1fb8-4ffc-8a71-b4740a2158f0/1/HkQmt06M9v_e23sGBBgIMqhiXzI.mft
File:                     HkQmt06M9v_e23sGBBgIMqhiXzI.mft (raw, json)
Hash identifier:          3ZesbUmuieNj/Wmp1pMCTYiMhV2kspbU3ufHliDKC4Q=
Subject key identifier:   05:8C:63:C8:E9:55:FF:74:EA:F1:9B:85:09:40:AF:75:CE:F3:4B:E2
Authority key identifier: 1E:44:26:B7:4E:8C:F6:FF:DE:DB:7B:06:04:18:08:32:A8:62:5F:32
Certificate issuer:       /CN=1e4426b74e8cf6ffdedb7b0604180832a8625f32
Certificate serial:       01976F2CB71F5C5D8661951B68CD80375561
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HkQmt06M9v_e23sGBBgIMqhiXzI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/57d08e-1fb8-4ffc-8a71-b4740a2158f0/1/HkQmt06M9v_e23sGBBgIMqhiXzI.mft
Manifest number:          06A1
Signing time:             Sat 14 Jun 2025 16:01:30 +0000
Manifest this update:     Sat 14 Jun 2025 16:01:30 +0000
Manifest next update:     Sun 15 Jun 2025 16:01:30 +0000
Files and hashes:         1: HkQmt06M9v_e23sGBBgIMqhiXzI.crl (hash: dYN1mLKifmtrg++b8+PkQ5YhfSVVDLuGZRNP3TMcKo4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/57d08e-1fb8-4ffc-8a71-b4740a2158f0/1/HkQmt06M9v_e23sGBBgIMqhiXzI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/57d08e-1fb8-4ffc-8a71-b4740a2158f0/1/HkQmt06M9v_e23sGBBgIMqhiXzI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HkQmt06M9v_e23sGBBgIMqhiXzI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:b7:1f:5c:5d:86:61:95:1b:68:cd:80:37:55:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e4426b74e8cf6ffdedb7b0604180832a8625f32
        Validity
            Not Before: Jun 14 16:01:30 2025 GMT
            Not After : Jun 15 16:01:30 2025 GMT
        Subject: CN=058c63c8e955ff74eaf19b850940af75cef34be2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:99:55:9f:c4:aa:ca:76:3e:27:63:59:06:cb:
                    5c:aa:82:9a:21:af:88:18:65:b5:8b:c6:1c:d8:cf:
                    69:33:da:0c:0d:ba:4c:b2:5a:53:3f:42:32:81:4b:
                    b3:32:a1:10:ed:e5:62:0f:85:48:93:40:96:55:95:
                    04:5f:7a:3c:25:6a:e6:ed:bc:33:07:2c:73:73:c6:
                    dd:6e:21:3b:79:11:6f:44:f1:9f:bd:91:8d:5d:0d:
                    e7:2b:f2:0e:69:d1:c5:cb:46:b8:4d:44:23:44:18:
                    67:51:40:30:09:39:f0:54:c1:b7:98:db:3e:49:f0:
                    2b:6d:cc:fb:34:d6:a1:1f:bf:b0:74:9b:b3:53:f6:
                    66:a7:e3:8f:2b:de:15:45:2b:0e:41:8d:b9:70:65:
                    fd:45:35:66:26:f7:5e:e7:53:9b:65:ef:25:92:f1:
                    a3:79:bc:d0:19:69:94:19:d0:6a:58:f2:8f:66:71:
                    09:4e:3a:87:a6:ed:d7:b7:b7:08:9d:bf:a7:70:76:
                    18:f3:a7:5d:69:8e:a1:c2:19:b9:cf:60:f3:96:7a:
                    7e:87:d5:8d:af:c9:37:f5:16:e1:b1:e9:04:5d:f0:
                    9e:8f:e6:08:b1:eb:f1:af:40:0b:d9:11:b1:e9:b4:
                    e7:10:e6:80:d7:4f:34:b6:1e:c6:3a:ed:06:28:b0:
                    73:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:8C:63:C8:E9:55:FF:74:EA:F1:9B:85:09:40:AF:75:CE:F3:4B:E2
            X509v3 Authority Key Identifier:
                keyid:1E:44:26:B7:4E:8C:F6:FF:DE:DB:7B:06:04:18:08:32:A8:62:5F:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HkQmt06M9v_e23sGBBgIMqhiXzI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/57d08e-1fb8-4ffc-8a71-b4740a2158f0/1/HkQmt06M9v_e23sGBBgIMqhiXzI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/57d08e-1fb8-4ffc-8a71-b4740a2158f0/1/HkQmt06M9v_e23sGBBgIMqhiXzI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:68:78:c8:27:1d:3e:8c:5d:b6:ae:dd:cd:72:8d:d3:16:1a:
         ee:aa:ae:c2:f2:8a:e0:d8:58:11:b3:74:ea:03:3b:3d:4a:48:
         7a:69:31:69:23:5f:74:5c:85:37:31:36:39:94:bb:9f:ec:81:
         a4:87:fc:d1:a6:a7:0f:cd:c5:dc:86:a5:7d:05:14:60:34:af:
         c5:13:8f:bf:c3:b1:49:bc:ad:9c:5e:64:4e:91:b2:7e:56:6d:
         f4:06:17:b7:f0:73:8e:97:3f:e1:1d:b8:2b:e9:c8:f8:a5:03:
         57:04:a4:bb:ed:72:23:fd:d8:d8:4a:dc:f2:f7:2c:cc:61:f1:
         32:cd:7c:3f:64:6d:e5:2a:9b:1d:95:6c:bc:03:55:65:50:5d:
         81:55:80:20:14:af:da:c9:65:36:0f:a2:3d:81:45:82:76:ca:
         13:14:44:0d:70:11:19:82:4c:a8:2c:cf:29:c6:28:05:85:88:
         08:3d:e4:81:17:cb:10:48:ca:eb:03:4b:c0:be:ae:37:86:3a:
         f4:e7:08:f8:b1:ef:04:ea:dc:12:d5:b4:a5:b6:bc:86:49:30:
         21:ea:09:8a:0d:39:7a:5b:7f:c0:77:c6:d9:3a:da:2c:33:cd:
         38:15:1b:d3:2a:cf:05:58:63:10:aa:9d:68:c1:1e:81:99:e2:
         8b:96:88:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLLcfXF2GYZUbaM2AN1VhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNDQyNmI3NGU4Y2Y2ZmZkZWRiN2IwNjA0MTgwODMyYTg2
MjVmMzIwHhcNMjUwNjE0MTYwMTMwWhcNMjUwNjE1MTYwMTMwWjAzMTEwLwYDVQQD
EygwNThjNjNjOGU5NTVmZjc0ZWFmMTliODUwOTQwYWY3NWNlZjM0YmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJlVn8SqynY+J2NZBstcqoKaIa+I
GGW1i8Yc2M9pM9oMDbpMslpTP0IygUuzMqEQ7eViD4VIk0CWVZUEX3o8JWrm7bwz
Byxzc8bdbiE7eRFvRPGfvZGNXQ3nK/IOadHFy0a4TUQjRBhnUUAwCTnwVMG3mNs+
SfArbcz7NNahH7+wdJuzU/Zmp+OPK94VRSsOQY25cGX9RTVmJvde51ObZe8lkvGj
ebzQGWmUGdBqWPKPZnEJTjqHpu3Xt7cInb+ncHYY86ddaY6hwhm5z2Dzlnp+h9WN
r8k39RbhsekEXfCej+YIsevxr0AL2RGx6bTnEOaA1080th7GOu0GKLBz0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAWMY8jpVf906vGbhQlAr3XO80viMB8GA1UdIwQY
MBaAFB5EJrdOjPb/3tt7BgQYCDKoYl8yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGtRbXQwNk05dl9lMjNzR0JCZ0lNcWhpWHpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81N2QwOGUtMWZiOC00ZmZjLThhNzEt
YjQ3NDBhMjE1OGYwLzEvSGtRbXQwNk05dl9lMjNzR0JCZ0lNcWhpWHpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81N2QwOGUtMWZiOC00ZmZjLThhNzEtYjQ3NDBhMjE1OGYw
LzEvSGtRbXQwNk05dl9lMjNzR0JCZ0lNcWhpWHpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIGh4yCcd
Poxdtq7dzXKN0xYa7qquwvKK4NhYEbN06gM7PUpIemkxaSNfdFyFNzE2OZS7n+yB
pIf80aanD83F3IalfQUUYDSvxROPv8OxSbytnF5kTpGyflZt9AYXt/Bzjpc/4R24
K+nI+KUDVwSku+1yI/3Y2Erc8vcszGHxMs18P2Rt5SqbHZVsvANVZVBdgVWAIBSv
2sllNg+iPYFFgnbKExREDXARGYJMqCzPKcYoBYWICD3kgRfLEEjK6wNLwL6uN4Y6
9OcI+LHvBOrcEtW0pba8hkkwIeoJig05elt/wHfG2TraLDPNOBUb0yrPBVhjEKqd
aMEegZnii5aI+A==
-----END CERTIFICATE-----