Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
File:                     HrwURUFHAQyh700E0hASXh7X0ho.mft (raw, json)
Hash identifier:          cBteTECnO0HfN3hrcWzhWOKA1quR++wkoykFFuElwSY=
Subject key identifier:   9E:5F:B8:25:2A:2F:7C:9B:65:B4:AB:09:86:4F:78:FB:DB:66:5F:7F
Authority key identifier: 1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A
Certificate issuer:       /CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
Certificate serial:       0199FD3445EC40C07B3FC50A660C3AA6456E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
Manifest number:          08A2
Signing time:             Sun 19 Oct 2025 16:01:25 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:25 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:25 +0000
Files and hashes:         1: HrwURUFHAQyh700E0hASXh7X0ho.crl (hash: TvNCEh34Pf01r8ZxRjpbOB0HtIS8njk7Dh6eERJ1/fM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:45:ec:40:c0:7b:3f:c5:0a:66:0c:3a:a6:45:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
        Validity
            Not Before: Oct 19 16:01:25 2025 GMT
            Not After : Oct 20 16:01:25 2025 GMT
        Subject: CN=9e5fb8252a2f7c9b65b4ab09864f78fbdb665f7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:45:ba:eb:39:c8:74:84:ec:a9:c5:08:29:04:
                    44:b0:c6:26:7f:3a:8f:7b:d9:51:b2:9a:26:65:40:
                    5d:c1:6d:2c:99:6c:7b:d2:4f:94:ce:0d:b9:91:39:
                    9c:ea:59:6d:99:50:d5:5c:98:55:e7:d2:19:2e:fc:
                    96:2f:b5:2d:67:6c:de:72:92:dd:9f:89:7d:be:e8:
                    09:fc:6b:8e:77:d4:cd:d8:97:d6:5e:0f:a3:c1:37:
                    a8:2b:90:9c:c8:46:1f:ba:47:59:a1:e9:70:60:bf:
                    18:24:67:6a:a6:cb:ad:10:1c:76:43:75:41:06:6a:
                    33:c9:f9:b2:bb:0e:fb:d0:2c:d8:2b:18:c9:9e:8d:
                    80:b9:bb:8a:00:b4:f0:03:32:1f:94:de:5c:fa:6d:
                    b2:a9:3b:c0:b6:39:4f:23:4f:c1:80:1d:d2:8a:43:
                    ce:cf:74:39:b1:87:93:fa:a0:9c:ee:96:05:94:22:
                    78:cc:5c:85:75:cb:90:e1:78:be:17:33:e2:e8:9f:
                    6f:06:e6:6a:ff:80:2c:72:23:f4:6e:26:73:1e:e2:
                    9a:d1:da:a9:54:66:77:ac:88:bf:0b:cf:e0:a8:d4:
                    1f:7d:19:d3:ac:ec:6b:8b:b3:ef:ae:f3:41:13:b6:
                    26:f8:80:0c:bf:cf:27:bb:cf:38:b7:f5:2e:ff:ab:
                    d2:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:5F:B8:25:2A:2F:7C:9B:65:B4:AB:09:86:4F:78:FB:DB:66:5F:7F
            X509v3 Authority Key Identifier:
                keyid:1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:04:cc:bd:ad:08:eb:a0:ec:20:ff:a5:3c:95:5b:8f:6b:ff:
         af:ed:04:83:b5:f1:69:c6:04:34:1e:75:9a:8e:d5:52:99:b2:
         d1:c8:84:e5:e6:a9:d1:87:37:3c:73:1e:18:2f:9b:51:b6:6f:
         fb:e8:8a:20:84:d8:8e:88:35:a4:14:16:52:d3:76:42:27:cb:
         b1:67:10:31:ff:28:3e:3a:9d:57:3f:c1:df:6b:27:69:15:3c:
         c6:03:72:63:07:27:ad:38:d1:e6:04:45:90:8e:1d:05:d3:ae:
         28:8d:9d:72:66:12:d0:48:0e:ad:0e:7e:cf:6a:cc:1b:08:82:
         27:0b:18:ba:5e:76:fb:75:c4:3d:de:bd:de:7d:b4:89:af:a3:
         67:e8:36:d4:3d:75:51:02:ad:78:10:b5:70:70:2e:d6:4c:fb:
         37:2d:40:d6:09:be:5a:3c:13:68:3c:83:91:fb:99:ef:10:f9:
         64:a9:7d:02:19:71:3e:fb:0f:f8:3b:de:9e:ed:6a:f1:a5:f8:
         5a:0b:35:30:84:50:fe:1e:28:20:4c:9f:f9:b8:5c:d6:56:fe:
         21:a2:12:57:c9:1b:59:e2:48:8e:c7:0b:e1:61:a8:b6:9e:94:
         96:09:6c:5f:74:18:96:60:8f:13:4c:af:43:1f:5d:40:8e:8f:
         d4:a7:48:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NEXsQMB7P8UKZgw6pkVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmMxNDQ1NDE0NzAxMGNhMWVmNGQwNGQyMTAxMjVlMWVk
N2QyMWEwHhcNMjUxMDE5MTYwMTI1WhcNMjUxMDIwMTYwMTI1WjAzMTEwLwYDVQQD
Eyg5ZTVmYjgyNTJhMmY3YzliNjViNGFiMDk4NjRmNzhmYmRiNjY1ZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkW66znIdITsqcUIKQREsMYmfzqP
e9lRspomZUBdwW0smWx70k+Uzg25kTmc6lltmVDVXJhV59IZLvyWL7UtZ2zecpLd
n4l9vugJ/GuOd9TN2JfWXg+jwTeoK5CcyEYfukdZoelwYL8YJGdqpsutEBx2Q3VB
Bmozyfmyuw770CzYKxjJno2AubuKALTwAzIflN5c+m2yqTvAtjlPI0/BgB3SikPO
z3Q5sYeT+qCc7pYFlCJ4zFyFdcuQ4Xi+FzPi6J9vBuZq/4AsciP0biZzHuKa0dqp
VGZ3rIi/C8/gqNQffRnTrOxri7PvrvNBE7Ym+IAMv88nu884t/Uu/6vS2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5fuCUqL3ybZbSrCYZPePvbZl9/MB8GA1UdIwQY
MBaAFB68FEVBRwEMoe9NBNIQEl4e19IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzkt
MjA1MDc5ZTUxYzEzLzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzktMjA1MDc5ZTUxYzEz
LzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACATMva0I
66DsIP+lPJVbj2v/r+0Eg7XxacYENB51mo7VUpmy0ciE5eap0Yc3PHMeGC+bUbZv
++iKIITYjog1pBQWUtN2QifLsWcQMf8oPjqdVz/B32snaRU8xgNyYwcnrTjR5gRF
kI4dBdOuKI2dcmYS0EgOrQ5+z2rMGwiCJwsYul52+3XEPd693n20ia+jZ+g21D11
UQKteBC1cHAu1kz7Ny1A1gm+WjwTaDyDkfuZ7xD5ZKl9AhlxPvsP+Dvenu1q8aX4
Wgs1MIRQ/h4oIEyf+bhc1lb+IaISV8kbWeJIjscL4WGotp6UlglsX3QYlmCPE0yv
Qx9dQI6P1KdIOA==
-----END CERTIFICATE-----