Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
File:                     hTq7t9e8xKXFbpEu76wbC7BFUCE.mft (raw, json)
Hash identifier:          f2fhEcWh/fMVHd06loXg71NQArBAWfl7uyxmx6uqNc0=
Subject key identifier:   05:48:73:E6:5B:B9:0D:60:A4:02:28:AA:AC:37:B3:3B:61:91:71:A5
Authority key identifier: 85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21
Certificate issuer:       /CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
Certificate serial:       01976C61F03A84F1D37C113BB903B1122D2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
Manifest number:          04DA
Signing time:             Sat 14 Jun 2025 03:00:47 +0000
Manifest this update:     Sat 14 Jun 2025 03:00:47 +0000
Manifest next update:     Sun 15 Jun 2025 03:00:47 +0000
Files and hashes:         1: hTq7t9e8xKXFbpEu76wbC7BFUCE.crl (hash: QIF+91gEETH2apLIvNphAmLmbstA+QmTdAqueSa2jXs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:61:f0:3a:84:f1:d3:7c:11:3b:b9:03:b1:12:2d:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
        Validity
            Not Before: Jun 14 03:00:47 2025 GMT
            Not After : Jun 15 03:00:47 2025 GMT
        Subject: CN=054873e65bb90d60a40228aaac37b33b619171a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:31:09:8d:80:82:9c:c7:fa:99:ab:9a:fa:98:
                    20:08:d0:87:fc:2d:c7:b0:99:73:f7:89:43:62:6e:
                    67:6c:57:3c:8b:96:ea:d9:cf:55:12:65:2d:56:37:
                    84:1d:bc:03:4c:95:70:76:e1:e7:17:2f:cd:07:cd:
                    c5:1b:4a:32:50:32:53:cd:9f:df:39:56:44:5e:77:
                    00:60:04:4c:fa:4b:d5:47:b4:e3:5a:bc:f6:db:fd:
                    96:48:84:17:75:eb:06:28:3f:f2:07:01:d2:92:46:
                    ce:1b:fc:fc:78:d5:7a:cf:9b:27:50:a8:0f:5b:bf:
                    af:00:02:c4:2a:70:4e:e6:96:bd:be:06:47:3f:e3:
                    c7:d9:a4:87:2e:bd:bf:90:48:ac:ea:4b:b0:50:58:
                    50:e3:5c:81:1a:c5:cf:d3:a0:93:e4:15:26:00:3d:
                    c2:3e:90:55:ec:a9:4d:f1:95:2f:95:8e:d0:c9:ff:
                    eb:4d:96:0d:9a:dd:fd:82:68:7c:96:ca:66:0a:57:
                    92:48:10:21:db:b8:ae:03:75:ce:4d:b6:31:20:86:
                    09:63:94:51:ab:5e:97:46:c6:e2:14:bd:98:76:a6:
                    7a:be:4c:76:91:d1:d5:e1:e8:3f:35:69:b3:66:b3:
                    c9:11:7b:10:82:26:e8:2e:24:8e:9c:77:13:64:5e:
                    91:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:48:73:E6:5B:B9:0D:60:A4:02:28:AA:AC:37:B3:3B:61:91:71:A5
            X509v3 Authority Key Identifier:
                keyid:85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:d5:0d:fb:69:d7:c0:c1:f8:3f:31:e5:b6:03:41:b0:72:3d:
         c8:ab:11:7a:62:79:4b:e7:bc:6e:06:18:0d:3f:ce:7e:06:55:
         b8:a3:dc:84:2a:c3:1d:a9:a9:69:a5:1c:2a:fe:20:9d:dd:95:
         58:4a:08:82:e4:2a:62:21:36:d1:2e:fc:f6:af:6b:41:45:7b:
         ad:5e:68:25:23:b5:e4:4a:b0:9c:fc:23:3c:31:5a:ea:12:8d:
         88:3a:26:c0:83:4f:92:c6:11:2b:6c:00:c0:46:22:6d:a5:c1:
         f3:e1:84:19:8a:3e:50:29:b8:77:32:50:ac:e2:ee:ed:cc:f1:
         c8:92:d1:fb:6b:72:20:36:59:18:50:e6:e5:43:1e:ee:ac:4d:
         fe:8b:39:27:bc:84:44:65:c7:68:d4:94:08:11:44:8a:43:69:
         1d:51:c7:76:69:9d:14:ca:58:eb:89:14:49:ca:b7:df:98:9a:
         20:b4:ef:5d:f9:1e:99:92:86:58:8b:6a:f8:36:2d:4d:a0:ec:
         ef:df:d2:60:ee:0b:fe:dc:a8:94:fb:30:37:e3:f6:dc:24:6b:
         96:35:50:a5:ce:b4:42:f6:68:c7:d3:63:d4:f0:d4:cc:a0:3d:
         7a:71:7a:f3:58:12:4d:2a:1b:8a:d9:d4:15:bc:04:ab:8a:4b:
         7f:2c:72:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsYfA6hPHTfBE7uQOxEi0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1M2FiYmI3ZDdiY2M0YTVjNTZlOTEyZWVmYWMxYjBiYjA0
NTUwMjEwHhcNMjUwNjE0MDMwMDQ3WhcNMjUwNjE1MDMwMDQ3WjAzMTEwLwYDVQQD
EygwNTQ4NzNlNjViYjkwZDYwYTQwMjI4YWFhYzM3YjMzYjYxOTE3MWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujEJjYCCnMf6maua+pggCNCH/C3H
sJlz94lDYm5nbFc8i5bq2c9VEmUtVjeEHbwDTJVwduHnFy/NB83FG0oyUDJTzZ/f
OVZEXncAYARM+kvVR7TjWrz22/2WSIQXdesGKD/yBwHSkkbOG/z8eNV6z5snUKgP
W7+vAALEKnBO5pa9vgZHP+PH2aSHLr2/kEis6kuwUFhQ41yBGsXP06CT5BUmAD3C
PpBV7KlN8ZUvlY7Qyf/rTZYNmt39gmh8lspmCleSSBAh27iuA3XOTbYxIIYJY5RR
q16XRsbiFL2YdqZ6vkx2kdHV4eg/NWmzZrPJEXsQgiboLiSOnHcTZF6RfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAVIc+ZbuQ1gpAIoqqw3szthkXGlMB8GA1UdIwQY
MBaAFIU6u7fXvMSlxW6RLu+sGwuwRVAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTkt
NTgyM2Y4NzAxNDFiLzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTktNTgyM2Y4NzAxNDFi
LzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKdUN+2nX
wMH4PzHltgNBsHI9yKsRemJ5S+e8bgYYDT/OfgZVuKPchCrDHampaaUcKv4gnd2V
WEoIguQqYiE20S789q9rQUV7rV5oJSO15EqwnPwjPDFa6hKNiDomwINPksYRK2wA
wEYibaXB8+GEGYo+UCm4dzJQrOLu7czxyJLR+2tyIDZZGFDm5UMe7qxN/os5J7yE
RGXHaNSUCBFEikNpHVHHdmmdFMpY64kUScq335iaILTvXfkemZKGWItq+DYtTaDs
79/SYO4L/tyolPswN+P23CRrljVQpc60QvZox9Nj1PDUzKA9enF681gSTSobitnU
FbwEq4pLfyxyrw==
-----END CERTIFICATE-----