Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.mft
File:                     HwGmewzRspUViU7OlrUurL4EG9Q.mft (raw, json)
Hash identifier:          IR5aRSisQTIHT62Viv95e9cSf1sLQp+KK3SV7TcX2Mg=
Subject key identifier:   45:68:42:0C:3F:08:A2:67:49:D6:B1:4D:0B:DC:9A:B9:C6:72:4C:3C
Authority key identifier: 1F:01:A6:7B:0C:D1:B2:95:15:89:4E:CE:96:B5:2E:AC:BE:04:1B:D4
Certificate issuer:       /CN=1f01a67b0cd1b29515894ece96b52eacbe041bd4
Certificate serial:       0198D4731577265D54649868929C679AB4FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HwGmewzRspUViU7OlrUurL4EG9Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.mft
Manifest number:          097B
Signing time:             Sat 23 Aug 2025 01:02:48 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:48 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:48 +0000
Files and hashes:         1: HwGmewzRspUViU7OlrUurL4EG9Q.crl (hash: qd5pDpvq+YK1kmnI/GHkytDHsDxY+TF4gtg8GC3QmXM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HwGmewzRspUViU7OlrUurL4EG9Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:15:77:26:5d:54:64:98:68:92:9c:67:9a:b4:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f01a67b0cd1b29515894ece96b52eacbe041bd4
        Validity
            Not Before: Aug 23 01:02:48 2025 GMT
            Not After : Aug 24 01:02:48 2025 GMT
        Subject: CN=4568420c3f08a26749d6b14d0bdc9ab9c6724c3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:6e:11:57:bd:8b:ca:14:30:16:cd:ae:ac:69:
                    ce:ce:d3:0c:86:1e:5b:33:d9:38:93:bd:e3:b7:47:
                    ea:a1:47:1d:a7:8b:65:4b:13:3d:2c:5a:52:cf:f5:
                    41:26:27:6f:a8:0f:71:0d:ae:16:3d:d0:84:c1:80:
                    38:75:c7:12:65:17:15:84:79:d9:20:1d:02:98:e7:
                    fa:5b:f4:f9:58:1a:e9:89:cf:60:4b:e3:c7:3b:41:
                    0d:86:a5:24:81:84:db:fc:8c:e7:86:cf:e7:8c:fb:
                    6e:09:65:d8:5a:31:d5:63:5a:52:c5:dc:65:98:3c:
                    ac:b1:a2:c6:c0:72:41:b6:db:60:06:71:8d:36:1f:
                    e8:f1:37:1c:90:23:f5:bb:a1:5f:64:18:97:54:21:
                    44:db:83:a9:e2:57:b4:0d:a9:72:f6:90:15:41:bd:
                    51:fb:3e:b3:65:8c:60:b6:cb:d8:2a:40:00:f1:55:
                    55:21:8c:2e:96:75:8b:25:e6:15:e7:b2:e9:e1:16:
                    f4:d8:98:b9:36:78:93:a4:f6:34:d4:87:16:cc:39:
                    f9:3b:8b:85:94:08:4f:e3:02:4d:a2:c2:bc:d8:ee:
                    52:8c:9e:aa:bb:0c:bb:7a:e1:09:02:a6:cd:12:47:
                    5a:7b:1a:28:d1:d2:dc:42:4e:8f:68:25:ce:6e:76:
                    93:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:68:42:0C:3F:08:A2:67:49:D6:B1:4D:0B:DC:9A:B9:C6:72:4C:3C
            X509v3 Authority Key Identifier:
                keyid:1F:01:A6:7B:0C:D1:B2:95:15:89:4E:CE:96:B5:2E:AC:BE:04:1B:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwGmewzRspUViU7OlrUurL4EG9Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/ea2e93-31d0-48ad-87ec-bdc117122efb/1/HwGmewzRspUViU7OlrUurL4EG9Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:f4:16:1a:7a:7d:b3:90:85:e3:ca:b0:b7:0c:00:96:03:d3:
         aa:81:a2:4c:f1:e5:fc:5c:5d:b7:fb:ba:10:90:38:d1:2a:44:
         d9:1d:17:d8:ab:2e:12:8c:d5:02:2a:ee:f4:19:c5:92:9b:e1:
         0c:79:3c:b6:03:35:9c:d8:91:aa:18:82:9e:f5:44:39:7e:47:
         f7:31:15:bd:bf:70:d2:9a:a7:07:4b:39:74:e9:85:33:4d:56:
         12:a1:27:df:c8:43:05:13:ff:47:ea:1e:31:5b:d8:26:dc:e0:
         fd:18:8d:1f:f5:76:a9:ff:d3:34:18:9d:4f:22:80:a7:e0:a4:
         94:23:3b:f2:71:be:d9:b9:cb:ed:18:de:bc:18:3b:42:5d:2e:
         01:03:60:ca:76:4f:94:84:d8:3a:c5:a2:ae:26:0b:39:73:89:
         a4:48:3e:b6:09:de:c5:2a:4f:c6:8d:23:df:7c:dc:c0:a3:96:
         00:6c:af:16:27:87:93:91:7a:9e:0c:24:ca:38:8c:13:79:62:
         f2:24:16:e9:da:60:53:43:05:7e:c9:36:fe:5a:39:41:fe:b7:
         c6:7e:f8:cf:f9:26:56:cb:94:aa:ea:44:8d:d0:5e:db:d6:3f:
         19:6b:2a:85:47:eb:20:7a:1e:c3:9b:ac:24:17:4a:3d:69:09:
         ff:ae:a8:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcxV3Jl1UZJhokpxnmrT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMDFhNjdiMGNkMWIyOTUxNTg5NGVjZTk2YjUyZWFjYmUw
NDFiZDQwHhcNMjUwODIzMDEwMjQ4WhcNMjUwODI0MDEwMjQ4WjAzMTEwLwYDVQQD
Eyg0NTY4NDIwYzNmMDhhMjY3NDlkNmIxNGQwYmRjOWFiOWM2NzI0YzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2m4RV72LyhQwFs2urGnOztMMhh5b
M9k4k73jt0fqoUcdp4tlSxM9LFpSz/VBJidvqA9xDa4WPdCEwYA4dccSZRcVhHnZ
IB0CmOf6W/T5WBrpic9gS+PHO0ENhqUkgYTb/Iznhs/njPtuCWXYWjHVY1pSxdxl
mDyssaLGwHJBtttgBnGNNh/o8TcckCP1u6FfZBiXVCFE24Op4le0Daly9pAVQb1R
+z6zZYxgtsvYKkAA8VVVIYwulnWLJeYV57Lp4Rb02Ji5NniTpPY01IcWzDn5O4uF
lAhP4wJNosK82O5SjJ6quwy7euEJAqbNEkdaexoo0dLcQk6PaCXObnaTvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVoQgw/CKJnSdaxTQvcmrnGckw8MB8GA1UdIwQY
MBaAFB8BpnsM0bKVFYlOzpa1Lqy+BBvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHdHbWV3elJzcFVWaVU3T2xyVXVyTDRFRzlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9lYTJlOTMtMzFkMC00OGFkLTg3ZWMt
YmRjMTE3MTIyZWZiLzEvSHdHbWV3elJzcFVWaVU3T2xyVXVyTDRFRzlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9lYTJlOTMtMzFkMC00OGFkLTg3ZWMtYmRjMTE3MTIyZWZi
LzEvSHdHbWV3elJzcFVWaVU3T2xyVXVyTDRFRzlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGfQWGnp9
s5CF48qwtwwAlgPTqoGiTPHl/Fxdt/u6EJA40SpE2R0X2KsuEozVAiru9BnFkpvh
DHk8tgM1nNiRqhiCnvVEOX5H9zEVvb9w0pqnB0s5dOmFM01WEqEn38hDBRP/R+oe
MVvYJtzg/RiNH/V2qf/TNBidTyKAp+CklCM78nG+2bnL7RjevBg7Ql0uAQNgynZP
lITYOsWiriYLOXOJpEg+tgnexSpPxo0j33zcwKOWAGyvFieHk5F6ngwkyjiME3li
8iQW6dpgU0MFfsk2/lo5Qf63xn74z/kmVsuUqupEjdBe29Y/GWsqhUfrIHoew5us
JBdKPWkJ/66ogQ==
-----END CERTIFICATE-----