Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
File:                     hCIIK4U0vXrmP6gAimhbZfTNJZM.mft (raw, json)
Hash identifier:          1qwyEosyQADVr+pP/bQMdNKxs9hdjy8do9cPPTCHg84=
Subject key identifier:   4E:FC:FD:20:6D:B9:4D:E5:99:DC:CA:95:64:21:C2:40:67:8A:02:3E
Authority key identifier: 84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93
Certificate issuer:       /CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
Certificate serial:       019893A39DE072E3BF8CE18F0C7B81554A18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
Manifest number:          0433
Signing time:             Sun 10 Aug 2025 11:00:30 +0000
Manifest this update:     Sun 10 Aug 2025 11:00:30 +0000
Manifest next update:     Mon 11 Aug 2025 11:00:30 +0000
Files and hashes:         1: hCIIK4U0vXrmP6gAimhbZfTNJZM.crl (hash: I8s2Joymoa/Pkgr5Bora/StmJctjIqTFOhhS632ljhY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:a3:9d:e0:72:e3:bf:8c:e1:8f:0c:7b:81:55:4a:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
        Validity
            Not Before: Aug 10 11:00:30 2025 GMT
            Not After : Aug 11 11:00:30 2025 GMT
        Subject: CN=4efcfd206db94de599dcca956421c240678a023e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:7f:cb:6a:0c:32:9e:aa:29:63:b2:13:80:0b:
                    63:d8:9d:a2:48:a2:64:65:99:86:0f:3a:af:b9:79:
                    5b:c3:b5:d3:3f:60:27:37:c5:b9:33:40:fe:c2:99:
                    8f:cf:ab:4b:7a:cd:34:a0:75:b7:be:e6:6d:4f:7d:
                    1b:05:2b:80:de:f3:f0:93:a5:fa:be:3f:85:bc:b4:
                    ab:cb:e8:89:29:97:18:72:a4:13:09:cc:26:fe:5d:
                    6e:8e:fd:0b:9b:35:fa:36:04:55:6f:9b:72:72:41:
                    d6:29:71:1c:61:c8:b5:2d:55:83:07:0d:f5:d2:d2:
                    f9:08:1e:d6:d3:78:67:a0:94:ed:63:48:89:c6:35:
                    8e:92:e4:1a:36:1f:49:8d:de:7c:f2:13:61:dd:51:
                    ec:07:14:01:40:27:69:b2:60:77:f5:fd:93:0c:2a:
                    e1:48:1e:3d:be:5c:93:2a:02:4c:95:11:fe:cc:91:
                    a6:9d:dd:f6:3c:a1:48:14:a4:8d:fd:52:05:66:ba:
                    87:a2:29:e3:0c:93:a9:05:e8:5f:0e:03:84:95:84:
                    1c:91:3a:1b:74:ab:8b:6a:d0:9c:e4:ec:f3:06:db:
                    19:33:78:d9:21:29:b3:f4:83:fe:93:7a:ef:bf:b2:
                    e0:2b:06:9b:f6:bb:21:5b:d5:02:56:4c:d2:69:64:
                    11:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:FC:FD:20:6D:B9:4D:E5:99:DC:CA:95:64:21:C2:40:67:8A:02:3E
            X509v3 Authority Key Identifier:
                keyid:84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:41:07:e4:cc:70:dc:7c:9c:ae:10:2e:5e:54:00:43:1d:e5:
         35:08:84:7a:b0:56:22:67:88:ae:e8:36:8d:c5:b3:48:db:fe:
         dc:77:77:65:b5:59:1b:e6:ac:73:a5:56:36:41:df:d0:79:d7:
         1d:9f:36:6d:f1:b5:fb:a1:6c:2b:b5:64:f6:24:2c:be:05:ec:
         c5:96:6c:63:43:67:40:66:6b:41:e5:49:b7:a0:f3:5d:82:6f:
         55:57:51:c8:58:25:1a:45:3c:d3:68:55:49:a0:14:73:d1:c4:
         d8:4c:f2:4d:69:ef:0e:75:00:84:da:77:26:b5:92:82:50:d1:
         60:00:a2:17:8f:10:db:e5:d6:0c:fa:fe:5f:17:14:85:20:8e:
         cb:3d:e2:3b:83:73:b3:d8:ff:26:a9:e4:be:b2:81:89:d1:35:
         c4:4e:b4:ed:01:3e:f0:4f:ca:72:bb:9c:73:e2:f2:20:3a:c2:
         e3:b7:c6:24:38:98:b0:91:0c:fe:9c:08:e8:ca:1b:d2:a8:5f:
         ad:e1:1a:5f:b4:fd:66:67:f5:ae:31:4c:55:6a:04:e3:5f:4f:
         3e:37:02:37:7d:7d:ac:11:99:2c:28:ff:94:61:a1:69:ad:55:
         a3:2a:36:87:48:e9:61:ee:4a:38:5e:9d:80:40:e3:67:eb:9a:
         05:0b:86:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTo53gcuO/jOGPDHuBVUoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MjIwODJiODUzNGJkN2FlNjNmYTgwMDhhNjg1YjY1ZjRj
ZDI1OTMwHhcNMjUwODEwMTEwMDMwWhcNMjUwODExMTEwMDMwWjAzMTEwLwYDVQQD
Eyg0ZWZjZmQyMDZkYjk0ZGU1OTlkY2NhOTU2NDIxYzI0MDY3OGEwMjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3/LagwynqopY7ITgAtj2J2iSKJk
ZZmGDzqvuXlbw7XTP2AnN8W5M0D+wpmPz6tLes00oHW3vuZtT30bBSuA3vPwk6X6
vj+FvLSry+iJKZcYcqQTCcwm/l1ujv0LmzX6NgRVb5tyckHWKXEcYci1LVWDBw31
0tL5CB7W03hnoJTtY0iJxjWOkuQaNh9Jjd588hNh3VHsBxQBQCdpsmB39f2TDCrh
SB49vlyTKgJMlRH+zJGmnd32PKFIFKSN/VIFZrqHoinjDJOpBehfDgOElYQckTob
dKuLatCc5OzzBtsZM3jZISmz9IP+k3rvv7LgKwab9rshW9UCVkzSaWQRZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE78/SBtuU3lmdzKlWQhwkBnigI+MB8GA1UdIwQY
MBaAFIQiCCuFNL165j+oAIpoW2X0zSWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUt
NTgxNjlmYmVjZGZhLzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUtNTgxNjlmYmVjZGZh
LzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABkEH5Mxw
3HycrhAuXlQAQx3lNQiEerBWImeIrug2jcWzSNv+3Hd3ZbVZG+asc6VWNkHf0HnX
HZ82bfG1+6FsK7Vk9iQsvgXsxZZsY0NnQGZrQeVJt6DzXYJvVVdRyFglGkU802hV
SaAUc9HE2EzyTWnvDnUAhNp3JrWSglDRYACiF48Q2+XWDPr+XxcUhSCOyz3iO4Nz
s9j/JqnkvrKBidE1xE607QE+8E/Kcrucc+LyIDrC47fGJDiYsJEM/pwI6Mob0qhf
reEaX7T9Zmf1rjFMVWoE419PPjcCN319rBGZLCj/lGGhaa1Voyo2h0jpYe5KOF6d
gEDjZ+uaBQuGDw==
-----END CERTIFICATE-----