Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
File:                     HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json)
Hash identifier:          FYC0ShdjgO+VGePfDPMGJmJ5GmEIxbMyNgzbw6a8ZxU=
Subject key identifier:   AB:1B:26:C3:3D:B6:B7:7F:88:1E:B4:78:D5:2A:78:80:68:F7:58:78
Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F
Certificate issuer:       /CN=1c24f1caafb3208eb827a07826417bcb9493412f
Certificate serial:       01977AF9A6C7D0F9CBED4E5CA2A82BA979B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
Manifest number:          050C
Signing time:             Mon 16 Jun 2025 23:01:10 +0000
Manifest this update:     Mon 16 Jun 2025 23:01:10 +0000
Manifest next update:     Tue 17 Jun 2025 23:01:10 +0000
Files and hashes:         1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: +tJyR4WYo3+6aNmzv2BZ9WOP/i4NbQUVfzj4yYFJRSE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 23:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7a:f9:a6:c7:d0:f9:cb:ed:4e:5c:a2:a8:2b:a9:79:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f
        Validity
            Not Before: Jun 16 23:01:10 2025 GMT
            Not After : Jun 17 23:01:10 2025 GMT
        Subject: CN=ab1b26c33db6b77f881eb478d52a788068f75878
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:00:8e:a4:fa:49:0a:aa:d4:b2:1d:7d:5f:f7:
                    e9:d1:fd:9d:3e:47:c4:55:44:48:33:7b:fa:65:a7:
                    c0:59:e6:24:26:0c:44:50:9d:7f:10:ae:78:b6:d9:
                    b1:45:bd:8f:64:a6:39:14:a0:48:f4:3f:d6:60:1a:
                    7f:78:d9:a5:e7:92:a1:02:7f:b8:fc:b0:d7:b1:7f:
                    22:61:1a:a7:01:46:72:fd:28:a1:f1:de:a7:83:b0:
                    fe:60:c8:23:dc:8b:bc:65:8c:ff:bf:02:37:5e:c8:
                    ba:20:08:fd:85:2b:08:72:b0:3f:00:28:e2:e3:2d:
                    54:9d:f4:c4:eb:8d:6a:6d:f9:86:16:3e:c4:94:c8:
                    02:00:24:df:d6:17:96:18:df:c5:ec:c7:5e:c6:08:
                    60:63:21:ac:5b:c7:44:ec:ad:e9:20:47:79:3c:98:
                    ba:c6:63:a3:5d:f8:30:7b:28:f5:4b:44:f8:09:24:
                    25:3b:cd:44:e8:66:a2:05:f4:a5:03:b3:9c:6c:9a:
                    36:51:41:50:a5:da:9b:76:60:e2:1d:bf:ac:83:eb:
                    25:f7:a5:68:86:a5:76:ba:bc:4e:78:99:54:10:ff:
                    98:4e:89:7c:89:eb:f7:41:5c:a9:fd:21:65:c9:b8:
                    11:79:63:44:89:09:2b:2a:a2:ef:76:17:d1:0f:10:
                    c9:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:1B:26:C3:3D:B6:B7:7F:88:1E:B4:78:D5:2A:78:80:68:F7:58:78
            X509v3 Authority Key Identifier:
                keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:f3:0c:bd:d8:8e:49:76:7a:eb:55:8a:cf:19:61:0f:7a:d8:
         9f:10:ae:69:b1:17:a6:fc:25:69:c2:6d:4f:d4:5a:b1:41:55:
         f4:05:90:2d:98:b3:ed:be:c9:29:ad:5c:c1:37:17:93:8c:15:
         ae:cf:a6:37:2f:fe:c3:e5:d2:b0:6d:1b:7f:74:44:cf:ff:ee:
         54:d4:85:9c:d1:8d:eb:d8:9e:9c:e3:4d:3e:7a:a9:80:bb:aa:
         82:96:24:fd:9a:e7:99:24:80:6a:a7:9d:55:2d:2e:fb:b7:47:
         44:63:84:b6:18:5d:8f:96:4b:f4:46:e1:7a:55:dc:cf:5c:0f:
         53:62:3e:3d:55:ad:79:2c:c2:4d:9a:28:f7:b6:1a:6a:ff:08:
         a2:16:36:99:64:96:3f:f6:0e:f5:6f:c4:90:3a:fa:2c:4d:60:
         b4:6d:5d:5a:d9:7c:8a:0c:9c:75:fc:3f:06:c2:dd:b4:a3:40:
         21:57:13:d2:83:46:a0:20:99:ef:a9:96:39:77:5e:26:77:ea:
         08:af:cf:25:59:32:15:3e:27:6a:5b:71:dd:c4:a8:1a:58:61:
         c6:d2:c3:69:48:94:76:8f:4f:a6:f1:bd:bf:5f:40:06:9a:8e:
         83:a8:59:88:55:8e:b2:eb:24:70:d4:f8:e7:da:76:0a:f7:11:
         5d:b7:6e:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd6+abH0PnL7U5coqgrqXm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5
MzQxMmYwHhcNMjUwNjE2MjMwMTEwWhcNMjUwNjE3MjMwMTEwWjAzMTEwLwYDVQQD
EyhhYjFiMjZjMzNkYjZiNzdmODgxZWI0NzhkNTJhNzg4MDY4Zjc1ODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgCOpPpJCqrUsh19X/fp0f2dPkfE
VURIM3v6ZafAWeYkJgxEUJ1/EK54ttmxRb2PZKY5FKBI9D/WYBp/eNml55KhAn+4
/LDXsX8iYRqnAUZy/Sih8d6ng7D+YMgj3Iu8ZYz/vwI3Xsi6IAj9hSsIcrA/ACji
4y1UnfTE641qbfmGFj7ElMgCACTf1heWGN/F7MdexghgYyGsW8dE7K3pIEd5PJi6
xmOjXfgweyj1S0T4CSQlO81E6GaiBfSlA7OcbJo2UUFQpdqbdmDiHb+sg+sl96Vo
hqV2urxOeJlUEP+YTol8iev3QVyp/SFlybgReWNEiQkrKqLvdhfRDxDJ4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKsbJsM9trd/iB60eNUqeIBo91h4MB8GA1UdIwQY
MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt
N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj
LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAovMMvdiO
SXZ661WKzxlhD3rYnxCuabEXpvwlacJtT9RasUFV9AWQLZiz7b7JKa1cwTcXk4wV
rs+mNy/+w+XSsG0bf3REz//uVNSFnNGN69ienONNPnqpgLuqgpYk/ZrnmSSAaqed
VS0u+7dHRGOEthhdj5ZL9EbhelXcz1wPU2I+PVWteSzCTZoo97Yaav8IohY2mWSW
P/YO9W/EkDr6LE1gtG1dWtl8igycdfw/BsLdtKNAIVcT0oNGoCCZ76mWOXdeJnfq
CK/PJVkyFT4naltx3cSoGlhhxtLDaUiUdo9PpvG9v19ABpqOg6hZiFWOsuskcNT4
59p2CvcRXbduOg==
-----END CERTIFICATE-----