Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
File:                     HrwURUFHAQyh700E0hASXh7X0ho.mft (raw, json)
Hash identifier:          7o23WvuC/XEihN6fCaee8pB/23VuII2DNXBTexBbXv8=
Subject key identifier:   85:D6:01:E7:A2:A8:5E:47:0C:13:2D:F4:5C:4C:A8:2C:C8:51:24:D0
Authority key identifier: 1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A
Certificate issuer:       /CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
Certificate serial:       0198D5BC43785C4D002537A89FA65953D2BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
Manifest number:          0809
Signing time:             Sat 23 Aug 2025 07:02:21 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:21 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:21 +0000
Files and hashes:         1: HrwURUFHAQyh700E0hASXh7X0ho.crl (hash: yUPHtS0wdTKwgrNLxphpdlbL1b1fiOpCv4tTKDDnBKU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:43:78:5c:4d:00:25:37:a8:9f:a6:59:53:d2:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
        Validity
            Not Before: Aug 23 07:02:21 2025 GMT
            Not After : Aug 24 07:02:21 2025 GMT
        Subject: CN=85d601e7a2a85e470c132df45c4ca82cc85124d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:db:ce:0f:2b:95:7b:04:36:37:9a:83:b3:83:
                    04:d8:2b:17:53:9b:ab:64:3f:3e:2c:ca:9a:fb:32:
                    42:93:96:65:75:e2:7e:0e:61:01:9b:9f:60:3b:dd:
                    71:ba:2f:47:fe:c3:69:45:cf:78:e7:5e:41:c2:2e:
                    78:c1:23:b3:65:94:d8:38:c5:b8:35:06:fc:c2:ee:
                    23:10:54:67:fd:4c:ed:a7:f0:df:d8:e0:ad:e2:70:
                    58:b6:ea:f4:04:43:ee:f6:75:d6:11:bc:1b:76:de:
                    c3:d6:43:d2:91:15:2e:c1:bb:db:de:b4:3a:d3:36:
                    5d:76:85:bb:be:61:39:7d:e9:40:dd:66:78:93:51:
                    fa:21:5e:bf:ae:03:db:d3:63:86:7b:b0:c9:ae:3a:
                    e7:52:57:53:4c:23:dc:b0:47:30:c8:c5:1c:99:2d:
                    9c:22:37:7f:88:51:03:f0:57:3d:a5:a0:a0:ba:d2:
                    49:19:b8:35:ec:6e:42:9d:3d:f6:87:3b:56:19:72:
                    41:9f:44:98:5b:7d:64:48:a3:0e:bb:1b:81:5f:07:
                    6e:00:81:8f:7b:17:5b:90:84:ad:26:6e:21:89:f2:
                    fe:1a:d8:1d:d3:75:91:cc:ba:9b:65:a0:8a:75:b2:
                    da:2e:be:de:bf:5b:45:41:ae:e9:a7:95:da:1b:82:
                    05:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:D6:01:E7:A2:A8:5E:47:0C:13:2D:F4:5C:4C:A8:2C:C8:51:24:D0
            X509v3 Authority Key Identifier:
                keyid:1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:b9:70:6f:fd:11:4a:39:20:92:14:20:f8:4c:b4:e6:89:74:
         7e:a6:73:cf:51:5f:f7:5b:a4:45:0d:96:b0:13:9e:ec:95:5a:
         ed:0b:ae:c1:02:5c:af:3d:40:7d:e6:cc:84:e3:6f:ac:ea:36:
         d3:aa:4e:1b:26:f0:02:0a:21:fe:3b:98:84:80:cc:96:1e:34:
         84:f9:0a:29:ca:c2:48:b8:c4:0d:fb:22:64:85:98:f5:fd:98:
         20:e9:de:07:dd:7c:25:ec:aa:b4:c4:03:15:c6:1d:39:50:94:
         bb:dd:7a:f5:bc:78:68:dc:02:7a:5e:ed:e0:ac:04:f7:fa:97:
         1b:c7:44:77:b8:a0:51:6c:e5:ad:11:87:c8:90:8f:57:b6:5d:
         08:9c:a9:1a:a3:13:6f:a8:3b:52:2e:81:0b:11:53:20:f4:8f:
         5c:b0:85:d3:0c:a4:21:cb:25:17:00:4d:3c:79:72:6d:af:87:
         e8:b0:92:cd:8d:57:88:e6:33:4d:87:e5:4e:41:e4:1b:dd:1a:
         d6:59:31:06:ee:bd:df:25:c5:60:db:a2:e6:07:a4:23:33:bb:
         8c:73:02:8e:cd:4a:35:b0:85:53:bf:4b:00:77:7e:44:3c:eb:
         a2:0b:aa:8e:4d:fc:a7:7f:09:b5:3c:23:d5:23:bc:4e:29:e3:
         ad:4f:74:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvEN4XE0AJTeon6ZZU9K6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmMxNDQ1NDE0NzAxMGNhMWVmNGQwNGQyMTAxMjVlMWVk
N2QyMWEwHhcNMjUwODIzMDcwMjIxWhcNMjUwODI0MDcwMjIxWjAzMTEwLwYDVQQD
Eyg4NWQ2MDFlN2EyYTg1ZTQ3MGMxMzJkZjQ1YzRjYTgyY2M4NTEyNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdvODyuVewQ2N5qDs4ME2CsXU5ur
ZD8+LMqa+zJCk5ZldeJ+DmEBm59gO91xui9H/sNpRc94515Bwi54wSOzZZTYOMW4
NQb8wu4jEFRn/Uztp/Df2OCt4nBYtur0BEPu9nXWEbwbdt7D1kPSkRUuwbvb3rQ6
0zZddoW7vmE5felA3WZ4k1H6IV6/rgPb02OGe7DJrjrnUldTTCPcsEcwyMUcmS2c
Ijd/iFED8Fc9paCgutJJGbg17G5CnT32hztWGXJBn0SYW31kSKMOuxuBXwduAIGP
exdbkIStJm4hifL+Gtgd03WRzLqbZaCKdbLaLr7ev1tFQa7pp5XaG4IFvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIXWAeeiqF5HDBMt9FxMqCzIUSTQMB8GA1UdIwQY
MBaAFB68FEVBRwEMoe9NBNIQEl4e19IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzkt
MjA1MDc5ZTUxYzEzLzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzktMjA1MDc5ZTUxYzEz
LzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmblwb/0R
SjkgkhQg+Ey05ol0fqZzz1Ff91ukRQ2WsBOe7JVa7QuuwQJcrz1AfebMhONvrOo2
06pOGybwAgoh/juYhIDMlh40hPkKKcrCSLjEDfsiZIWY9f2YIOneB918JeyqtMQD
FcYdOVCUu9169bx4aNwCel7t4KwE9/qXG8dEd7igUWzlrRGHyJCPV7ZdCJypGqMT
b6g7Ui6BCxFTIPSPXLCF0wykIcslFwBNPHlyba+H6LCSzY1XiOYzTYflTkHkG90a
1lkxBu693yXFYNui5gekIzO7jHMCjs1KNbCFU79LAHd+RDzroguqjk38p38JtTwj
1SO8TinjrU907g==
-----END CERTIFICATE-----