Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
File:                     _hpSVPN9jCkbEd2r7YiwY0gdr2s.mft (raw, json)
Hash identifier:          MSljFhqH9hSbbK39omMuEeJXpYSbFIy3A0fiZr3NOO4=
Subject key identifier:   D8:C4:32:D2:A3:E2:EF:36:94:59:F9:F4:B6:02:77:1C:43:38:1E:4D
Authority key identifier: FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B
Certificate issuer:       /CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
Certificate serial:       01976F2BC45CC828F5EF46424C5E4B401EAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 16:00:28 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:28 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:28 +0000
Files and hashes:         1: _hpSVPN9jCkbEd2r7YiwY0gdr2s.crl (hash: 1VWnZkEo7DqN7ttuwIlRL4Cwkre1hksxxU6h8BHJbe0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2b:c4:5c:c8:28:f5:ef:46:42:4c:5e:4b:40:1e:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
        Validity
            Not Before: Jun 14 16:00:28 2025 GMT
            Not After : Jun 15 16:00:28 2025 GMT
        Subject: CN=d8c432d2a3e2ef369459f9f4b602771c43381e4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:a7:1a:db:01:b3:c8:c2:3f:df:a6:ee:72:ec:
                    95:bd:cd:54:9a:bd:0a:95:8f:b7:79:fb:65:57:39:
                    12:d7:4c:6c:5f:86:8d:d9:b3:c6:3a:3c:20:9d:bd:
                    db:ef:31:79:d7:19:71:6a:89:9e:f3:a1:86:4f:d4:
                    5b:4a:dc:1a:2d:9a:2f:49:9f:af:d8:77:dd:21:1c:
                    f8:1b:58:47:bb:fc:35:32:5c:b9:62:b9:27:52:94:
                    83:e6:97:93:85:55:4d:8e:b6:a8:05:d2:9a:e2:58:
                    53:8f:78:50:7b:0a:a6:0d:6c:57:a4:a1:c1:c1:f4:
                    31:e2:22:11:6c:71:97:ea:ab:ba:de:12:5b:ec:c2:
                    53:5f:c8:fe:b3:ca:c4:7c:05:31:18:04:33:07:ca:
                    db:c8:b8:fc:60:1c:e9:a9:05:e2:a5:52:70:a9:b2:
                    6a:07:29:c0:47:dd:3e:17:31:b8:c6:ff:b6:a8:90:
                    bb:5f:df:8a:94:2b:cf:3d:df:30:56:d0:28:00:16:
                    1f:3c:79:9f:28:f7:ae:e1:14:31:f2:a4:66:df:91:
                    a8:08:93:c9:31:ae:5d:64:33:c9:cc:79:58:d8:bb:
                    ab:87:57:43:33:b6:f0:a5:92:32:16:81:86:3e:33:
                    81:44:61:30:61:7f:c4:62:16:8f:e4:75:a1:97:65:
                    87:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:C4:32:D2:A3:E2:EF:36:94:59:F9:F4:B6:02:77:1C:43:38:1E:4D
            X509v3 Authority Key Identifier:
                keyid:FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:11:4e:b2:f7:0e:4d:66:cf:d4:50:68:fd:99:b4:5c:9a:85:
         56:c3:c2:89:1c:1b:fd:e7:e9:6d:f0:fb:d1:b7:42:29:1b:a1:
         07:4f:30:16:8e:7d:6e:d7:42:b3:99:2c:75:56:31:d2:c8:28:
         1b:88:5a:fe:6f:42:fb:36:0b:d3:f2:71:2a:e2:29:6c:fd:d7:
         e6:ce:76:86:9b:56:15:4c:4b:62:58:54:63:e6:32:83:66:54:
         fd:4e:5e:30:b0:3f:f4:4d:dd:c2:09:d3:35:94:75:22:58:3e:
         4e:31:89:60:b1:e3:3a:87:75:b3:cd:e0:fc:fa:9d:18:fb:5f:
         4f:fd:8e:1d:9e:53:09:58:29:62:3f:9b:d1:f6:f5:0d:30:ca:
         2b:68:d8:a3:56:36:4a:27:0e:61:b7:33:22:d6:2d:9e:31:3b:
         53:5e:66:28:61:b3:b8:09:ce:07:05:ee:a0:c8:43:16:19:fa:
         d1:7b:38:bf:9c:1c:3f:aa:13:bc:da:c3:28:09:aa:77:a3:1d:
         c6:71:d7:df:28:8f:01:5b:bc:c1:ff:bc:7b:ac:60:c6:51:e6:
         92:06:37:d7:33:4e:0b:02:63:5f:f5:ec:44:89:df:f9:09:95:
         b6:61:1a:40:44:d7:46:f2:d2:86:92:82:99:32:55:1f:90:cf:
         21:1f:48:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvK8RcyCj170ZCTF5LQB6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMWE1MjU0ZjM3ZDhjMjkxYjExZGRhYmVkODhiMDYzNDgx
ZGFmNmIwHhcNMjUwNjE0MTYwMDI4WhcNMjUwNjE1MTYwMDI4WjAzMTEwLwYDVQQD
EyhkOGM0MzJkMmEzZTJlZjM2OTQ1OWY5ZjRiNjAyNzcxYzQzMzgxZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Kca2wGzyMI/36bucuyVvc1Umr0K
lY+3eftlVzkS10xsX4aN2bPGOjwgnb3b7zF51xlxaome86GGT9RbStwaLZovSZ+v
2HfdIRz4G1hHu/w1Mly5YrknUpSD5peThVVNjraoBdKa4lhTj3hQewqmDWxXpKHB
wfQx4iIRbHGX6qu63hJb7MJTX8j+s8rEfAUxGAQzB8rbyLj8YBzpqQXipVJwqbJq
BynAR90+FzG4xv+2qJC7X9+KlCvPPd8wVtAoABYfPHmfKPeu4RQx8qRm35GoCJPJ
Ma5dZDPJzHlY2Lurh1dDM7bwpZIyFoGGPjOBRGEwYX/EYhaP5HWhl2WH/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjEMtKj4u82lFn59LYCdxxDOB5NMB8GA1UdIwQY
MBaAFP4aUlTzfYwpGxHdq+2IsGNIHa9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzIt
ZmEwZDBlODA1ZGY4LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzItZmEwZDBlODA1ZGY4
LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdBFOsvcO
TWbP1FBo/Zm0XJqFVsPCiRwb/efpbfD70bdCKRuhB08wFo59btdCs5ksdVYx0sgo
G4ha/m9C+zYL0/JxKuIpbP3X5s52hptWFUxLYlhUY+Yyg2ZU/U5eMLA/9E3dwgnT
NZR1Ilg+TjGJYLHjOod1s83g/PqdGPtfT/2OHZ5TCVgpYj+b0fb1DTDKK2jYo1Y2
SicOYbczItYtnjE7U15mKGGzuAnOBwXuoMhDFhn60Xs4v5wcP6oTvNrDKAmqd6Md
xnHX3yiPAVu8wf+8e6xgxlHmkgY31zNOCwJjX/XsRInf+QmVtmEaQETXRvLShpKC
mTJVH5DPIR9IMA==
-----END CERTIFICATE-----