Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          3NaUfT2HFST7BpNvLWdQtsZmw/RQHJErVtBUUmBT+ZU=
Subject key identifier:   93:80:E7:50:49:06:DE:A0:43:CA:B1:B8:4E:06:5B:44:6C:00:7F:CC
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       01976DAB79A553A01E30F8AE67EFE2C668F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          0560
Signing time:             Sat 14 Jun 2025 09:00:43 +0000
Manifest this update:     Sat 14 Jun 2025 09:00:43 +0000
Manifest next update:     Sun 15 Jun 2025 09:00:43 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: 41Yw+R5jbRGyaUrRQCf82EC+dK69s4BjuV0or0oVf1Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:79:a5:53:a0:1e:30:f8:ae:67:ef:e2:c6:68:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: Jun 14 09:00:43 2025 GMT
            Not After : Jun 15 09:00:43 2025 GMT
        Subject: CN=9380e7504906dea043cab1b84e065b446c007fcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:45:db:73:ba:0e:5d:82:79:aa:ba:80:dd:21:
                    85:1a:59:5a:f6:e4:ad:08:3f:67:29:5d:a8:eb:80:
                    81:31:05:d8:44:57:a1:90:06:73:18:e1:3b:ec:0a:
                    a7:53:a3:1d:df:40:b2:9f:08:e8:61:8d:a8:b9:6d:
                    34:ef:c2:34:46:0b:86:9c:08:79:06:83:3a:65:23:
                    95:10:e7:51:b6:5d:bd:14:f0:97:a2:09:c1:b9:72:
                    c2:07:b9:23:6b:dd:96:f0:9c:8b:eb:b9:b1:a9:d4:
                    33:90:81:65:49:b2:21:97:61:c5:f6:d1:0b:e5:b6:
                    fa:8b:50:3b:c4:2a:41:0b:b5:82:7b:d7:8f:bd:d8:
                    5d:eb:1a:9d:5e:66:19:e7:e0:c8:bb:24:42:96:86:
                    47:30:b3:09:b9:8b:bb:9c:c7:b5:a5:4b:59:d8:d8:
                    9c:2c:90:44:34:ca:91:b5:04:55:cc:87:e6:4d:a8:
                    93:7f:aa:81:1a:5b:1a:a7:b5:da:24:7f:20:18:07:
                    93:d1:db:63:1e:26:cd:32:13:03:f5:55:a3:67:25:
                    91:d6:bf:00:d5:0e:f8:ea:a6:1a:6d:29:79:6f:ca:
                    58:db:67:ed:53:ff:be:e3:54:cf:e0:d0:0c:e8:e0:
                    e8:a4:80:2d:7b:ad:52:a2:84:40:88:b5:ac:33:e0:
                    53:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:80:E7:50:49:06:DE:A0:43:CA:B1:B8:4E:06:5B:44:6C:00:7F:CC
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:1b:3e:be:d8:60:7c:78:3d:2e:30:4c:65:d7:17:49:ce:aa:
         42:8f:8d:18:95:e6:58:bd:67:de:ab:e3:07:c5:ae:97:ea:e9:
         bc:db:1a:9c:4f:18:42:77:ac:0a:80:a1:78:1d:8c:d2:f9:8c:
         fa:35:82:bb:b7:4d:a3:c3:12:16:bc:a3:5b:a6:a0:30:1f:f5:
         a7:3d:5b:2f:8a:45:e5:23:4d:79:69:bd:d3:34:ab:dd:c5:41:
         7d:68:2b:0b:60:bc:1d:f9:5a:5a:35:35:dd:3d:55:d3:64:83:
         74:05:06:43:a0:63:38:4c:97:a5:bf:c3:5e:d7:da:ba:4f:5b:
         53:3e:6a:44:47:57:fc:e9:1f:4d:95:45:5f:d0:d2:42:f7:e8:
         0d:ec:d6:04:91:f9:e5:52:7c:71:6d:bd:af:6b:8e:22:cf:cc:
         f0:c1:f3:0a:40:cf:ed:fa:79:fc:77:24:29:13:75:4a:45:a7:
         7e:46:8a:ed:eb:07:09:55:93:de:12:c4:d5:96:04:02:22:71:
         b5:67:c6:6e:40:c0:5b:20:93:be:6f:c7:4a:8f:8c:53:1a:49:
         a2:09:dc:7f:c8:9c:3e:71:35:20:da:f5:5f:92:0c:09:57:6b:
         f4:a1:68:66:fd:43:c3:e2:e3:46:52:20:47:b6:40:d4:7c:c8:
         ac:53:26:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq3mlU6AeMPiuZ+/ixmj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjUwNjE0MDkwMDQzWhcNMjUwNjE1MDkwMDQzWjAzMTEwLwYDVQQD
Eyg5MzgwZTc1MDQ5MDZkZWEwNDNjYWIxYjg0ZTA2NWI0NDZjMDA3ZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkXbc7oOXYJ5qrqA3SGFGlla9uSt
CD9nKV2o64CBMQXYRFehkAZzGOE77AqnU6Md30CynwjoYY2ouW0078I0RguGnAh5
BoM6ZSOVEOdRtl29FPCXognBuXLCB7kja92W8JyL67mxqdQzkIFlSbIhl2HF9tEL
5bb6i1A7xCpBC7WCe9ePvdhd6xqdXmYZ5+DIuyRCloZHMLMJuYu7nMe1pUtZ2Nic
LJBENMqRtQRVzIfmTaiTf6qBGlsap7XaJH8gGAeT0dtjHibNMhMD9VWjZyWR1r8A
1Q746qYabSl5b8pY22ftU/++41TP4NAM6ODopIAte61SooRAiLWsM+BTJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOA51BJBt6gQ8qxuE4GW0RsAH/MMB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGhs+vthg
fHg9LjBMZdcXSc6qQo+NGJXmWL1n3qvjB8Wul+rpvNsanE8YQnesCoCheB2M0vmM
+jWCu7dNo8MSFryjW6agMB/1pz1bL4pF5SNNeWm90zSr3cVBfWgrC2C8HflaWjU1
3T1V02SDdAUGQ6BjOEyXpb/DXtfauk9bUz5qREdX/OkfTZVFX9DSQvfoDezWBJH5
5VJ8cW29r2uOIs/M8MHzCkDP7fp5/HckKRN1SkWnfkaK7esHCVWT3hLE1ZYEAiJx
tWfGbkDAWyCTvm/HSo+MUxpJogncf8icPnE1INr1X5IMCVdr9KFoZv1Dw+LjRlIg
R7ZA1HzIrFMmMg==
-----END CERTIFICATE-----