Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
File:                     HCN7aINpeRKVf40zc3AryQbSZEU.mft (raw, json)
Hash identifier:          9rI5vaN5u8b17QKJKvBQkuLfOJnEJppQ1o0FLwy6TUo=
Subject key identifier:   5C:8C:26:C3:1D:F2:04:22:38:82:2E:4A:25:AC:69:23:70:BA:D5:31
Authority key identifier: 1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45
Certificate issuer:       /CN=1c237b6883697912957f8d3373702bc906d26445
Certificate serial:       01977941650B0CD2DC2B00C9F290B9454CF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
Manifest number:          11AC
Signing time:             Mon 16 Jun 2025 15:00:18 +0000
Manifest this update:     Mon 16 Jun 2025 15:00:18 +0000
Manifest next update:     Tue 17 Jun 2025 15:00:18 +0000
Files and hashes:         1: HCN7aINpeRKVf40zc3AryQbSZEU.crl (hash: +AIAomtCmByDBypxOudnwYcnGiMmQMmR0KQmeikdtSY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 14:25:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:79:41:65:0b:0c:d2:dc:2b:00:c9:f2:90:b9:45:4c:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c237b6883697912957f8d3373702bc906d26445
        Validity
            Not Before: Jun 16 15:00:18 2025 GMT
            Not After : Jun 17 15:00:18 2025 GMT
        Subject: CN=5c8c26c31df2042238822e4a25ac692370bad531
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:2f:90:65:13:d4:2a:4a:fc:a9:b1:90:6a:74:
                    87:d8:ac:3d:01:d2:49:20:18:ad:ac:19:cb:68:66:
                    0b:12:ee:c4:4a:3d:54:5e:5c:b1:e4:8b:33:55:e9:
                    a2:5a:fe:85:c6:5c:2b:b7:a1:8d:a6:91:40:35:c9:
                    ae:13:20:c3:04:71:84:dc:0a:a1:19:96:db:0a:4a:
                    94:f6:83:09:15:40:e5:20:de:f1:9a:42:87:95:38:
                    f1:33:3a:1e:23:0e:f2:0c:c6:fd:c5:f8:0b:27:85:
                    2f:40:1e:d7:67:ef:16:9b:9c:c6:9a:15:b8:12:97:
                    d5:dd:6d:06:8a:94:b2:80:20:e4:8a:81:2f:41:83:
                    79:d4:71:ee:11:3d:c4:bc:f7:14:43:97:52:76:b4:
                    16:a8:67:79:28:5f:15:e9:40:f1:b7:11:79:d5:8e:
                    07:74:65:9d:36:63:47:c6:5c:2d:86:44:a7:df:cc:
                    d1:d8:03:c6:5f:fa:04:ea:c1:90:06:5d:26:5b:99:
                    5a:4f:23:16:c1:5a:cf:ce:c3:e2:20:55:c4:c1:6e:
                    2e:82:65:d7:e8:c1:57:4b:a4:d5:65:b0:39:47:6b:
                    c4:e4:2f:44:ce:92:ef:c6:12:26:84:77:c5:df:bc:
                    ae:44:ad:2c:b4:f7:9a:b1:01:22:82:63:28:27:99:
                    02:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:8C:26:C3:1D:F2:04:22:38:82:2E:4A:25:AC:69:23:70:BA:D5:31
            X509v3 Authority Key Identifier:
                keyid:1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:ed:d3:df:2d:46:ad:27:22:95:c6:62:4f:36:b3:4e:19:9e:
         bd:4a:7c:ee:7f:ac:1e:8e:dd:e0:4e:1b:45:c2:34:eb:bd:2a:
         08:9b:b7:cd:b4:91:54:ff:ee:4f:6d:b5:3e:07:4a:3d:17:02:
         50:7d:ce:03:f3:ce:16:8e:53:cb:70:21:d3:af:a0:76:75:b4:
         c1:a0:11:6b:98:37:5b:ff:c3:e2:5f:d5:01:4f:34:e7:38:b9:
         b2:b4:81:cb:5c:0f:86:f6:be:7c:99:38:f3:48:20:46:73:2b:
         54:ed:58:ba:30:b0:dd:c8:4c:d7:ae:75:0b:38:89:14:50:5c:
         a9:61:21:49:cc:e7:9a:b2:89:35:9a:41:ba:89:c8:9f:30:4f:
         25:29:4f:e3:9a:9c:e8:86:4e:78:84:50:ba:26:b7:ab:45:c4:
         2c:6a:1d:3d:41:16:23:32:89:c9:02:9b:93:6b:d5:c0:49:f5:
         a8:fc:f3:5a:42:fe:fa:2f:be:ca:91:58:07:69:81:a0:14:44:
         fb:3a:a7:96:bf:d9:6f:1e:46:a7:06:3f:54:e9:d2:9d:fc:c3:
         4d:f4:3a:94:0d:02:b0:eb:72:e1:36:0f:27:b9:8e:c9:a9:74:
         9f:dd:f7:47:f3:16:f5:58:89:7a:87:a4:41:57:c2:51:c4:85:
         6c:84:92:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd5QWULDNLcKwDJ8pC5RUz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjM3YjY4ODM2OTc5MTI5NTdmOGQzMzczNzAyYmM5MDZk
MjY0NDUwHhcNMjUwNjE2MTUwMDE4WhcNMjUwNjE3MTUwMDE4WjAzMTEwLwYDVQQD
Eyg1YzhjMjZjMzFkZjIwNDIyMzg4MjJlNGEyNWFjNjkyMzcwYmFkNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC+QZRPUKkr8qbGQanSH2Kw9AdJJ
IBitrBnLaGYLEu7ESj1UXlyx5IszVemiWv6Fxlwrt6GNppFANcmuEyDDBHGE3Aqh
GZbbCkqU9oMJFUDlIN7xmkKHlTjxMzoeIw7yDMb9xfgLJ4UvQB7XZ+8Wm5zGmhW4
EpfV3W0GipSygCDkioEvQYN51HHuET3EvPcUQ5dSdrQWqGd5KF8V6UDxtxF51Y4H
dGWdNmNHxlwthkSn38zR2APGX/oE6sGQBl0mW5laTyMWwVrPzsPiIFXEwW4ugmXX
6MFXS6TVZbA5R2vE5C9EzpLvxhImhHfF37yuRK0stPeasQEigmMoJ5kCDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFyMJsMd8gQiOIIuSiWsaSNwutUxMB8GA1UdIwQY
MBaAFBwje2iDaXkSlX+NM3NwK8kG0mRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUt
YTMzZThlYjVhNTM4LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUtYTMzZThlYjVhNTM4
LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqe3T3y1G
rScilcZiTzazThmevUp87n+sHo7d4E4bRcI0670qCJu3zbSRVP/uT221PgdKPRcC
UH3OA/POFo5Ty3Ah06+gdnW0waARa5g3W//D4l/VAU805zi5srSBy1wPhva+fJk4
80ggRnMrVO1YujCw3chM1651CziJFFBcqWEhScznmrKJNZpBuonInzBPJSlP45qc
6IZOeIRQuia3q0XELGodPUEWIzKJyQKbk2vVwEn1qPzzWkL++i++ypFYB2mBoBRE
+zqnlr/Zbx5GpwY/VOnSnfzDTfQ6lA0CsOty4TYPJ7mOyal0n933R/MW9ViJeoek
QVfCUcSFbISSng==
-----END CERTIFICATE-----