Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
File:                     HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json)
Hash identifier:          +U5BZIHvajlWM+H2bs5AeH7vgzsIfe8fHQpJrobBivs=
Subject key identifier:   13:3A:87:B1:6B:D4:C4:AF:69:6D:86:04:D2:46:BF:D6:11:57:07:08
Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6
Certificate issuer:       /CN=1db690606199a5d486789c43dbffd0c065bddce6
Certificate serial:       0197B7EA79D0F0177131D3A42FC4F2B8A4A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
Manifest number:          03EB
Signing time:             Sat 28 Jun 2025 19:01:26 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:26 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:26 +0000
Files and hashes:         1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: pePfdPFS5uhbFUmVuIyXfyysAlnYV1nC95gjuFglB3E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:79:d0:f0:17:71:31:d3:a4:2f:c4:f2:b8:a4:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6
        Validity
            Not Before: Jun 28 19:01:26 2025 GMT
            Not After : Jun 29 19:01:26 2025 GMT
        Subject: CN=133a87b16bd4c4af696d8604d246bfd611570708
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:f0:28:43:9d:7d:d3:81:7f:33:e5:15:94:4e:
                    3f:be:b5:c2:f0:b9:fd:62:33:97:13:e7:7d:4a:fc:
                    b1:53:63:a0:89:bb:e2:c8:20:f0:b8:d9:d1:e5:42:
                    b0:76:5a:f5:92:a4:57:61:b9:e5:c3:0b:69:53:8d:
                    45:04:d4:4c:80:43:1d:9a:bd:56:ab:af:14:35:dd:
                    42:8a:05:91:5d:bd:fa:ab:d6:3c:d9:70:e7:94:51:
                    48:05:fe:9c:e5:59:58:b8:1a:07:d9:95:9c:b1:ad:
                    b6:30:96:84:92:64:01:bb:fc:46:f3:17:0a:89:cd:
                    b0:28:e8:52:44:3b:d0:8b:42:ea:89:91:f5:2b:86:
                    05:52:99:0f:be:67:ee:25:bf:a1:21:04:03:0a:4f:
                    ca:2a:e8:a6:6a:b9:65:99:a5:0e:e9:19:b9:3a:02:
                    04:59:b6:79:ba:36:25:41:d3:2b:3d:04:86:6e:3d:
                    ff:5c:2b:0d:65:c0:5d:35:87:36:dc:c7:14:75:77:
                    2b:79:39:4d:81:2f:a2:f2:95:22:a5:4a:c2:a9:66:
                    d0:ab:93:c6:77:a2:13:1a:8e:7e:89:e1:d8:25:18:
                    3a:1a:d0:eb:73:32:ef:b5:e7:5e:c4:49:72:81:fd:
                    6c:be:bd:df:c7:0e:32:0e:40:1d:aa:ad:d9:9e:56:
                    06:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:3A:87:B1:6B:D4:C4:AF:69:6D:86:04:D2:46:BF:D6:11:57:07:08
            X509v3 Authority Key Identifier:
                keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:47:37:81:b8:85:51:a3:b4:43:3d:cc:0c:bd:0c:be:a6:15:
         c9:3e:ef:11:f9:91:50:ac:90:3e:9c:04:14:0e:46:18:cf:4c:
         75:39:2a:75:6d:2f:22:e1:a1:37:a7:a6:9f:d7:2f:96:84:fa:
         2f:27:b8:be:29:fd:07:d4:43:6a:5e:dd:da:dc:a5:35:15:db:
         7c:77:9a:7c:a3:0a:bc:fb:3c:bb:9b:2a:db:61:9c:b3:52:5c:
         b9:d9:ff:84:ee:04:0c:49:d1:7a:b7:4f:7b:06:fe:ba:35:9b:
         89:74:70:99:bf:ab:da:bf:83:62:82:f3:e8:45:05:cd:26:ed:
         63:4b:7d:b2:de:28:d0:e9:a9:9d:b0:24:bb:f5:b7:f0:61:b8:
         e3:63:e4:bf:76:5d:e2:b2:7b:d7:35:78:02:cc:81:e1:a6:df:
         db:5e:e2:6e:81:d1:ef:70:b4:d6:1b:7f:f4:dd:7f:7c:2f:80:
         68:a4:fb:f8:5a:16:e3:de:01:70:65:cc:92:34:e8:18:c9:2b:
         10:da:87:fc:e5:51:e7:fa:55:31:ef:8b:f4:c2:5c:50:d2:15:
         97:91:c3:5f:2e:72:0c:61:33:fc:d0:e5:f9:af:16:ab:18:d4:
         dd:77:93:16:ed:58:8a:99:8a:ed:97:35:f3:4d:4a:1b:39:fe:
         e4:2d:5c:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36nnQ8BdxMdOkL8TyuKSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi
ZGRjZTYwHhcNMjUwNjI4MTkwMTI2WhcNMjUwNjI5MTkwMTI2WjAzMTEwLwYDVQQD
EygxMzNhODdiMTZiZDRjNGFmNjk2ZDg2MDRkMjQ2YmZkNjExNTcwNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6vAoQ51904F/M+UVlE4/vrXC8Ln9
YjOXE+d9SvyxU2OgibviyCDwuNnR5UKwdlr1kqRXYbnlwwtpU41FBNRMgEMdmr1W
q68UNd1CigWRXb36q9Y82XDnlFFIBf6c5VlYuBoH2ZWcsa22MJaEkmQBu/xG8xcK
ic2wKOhSRDvQi0LqiZH1K4YFUpkPvmfuJb+hIQQDCk/KKuimarllmaUO6Rm5OgIE
WbZ5ujYlQdMrPQSGbj3/XCsNZcBdNYc23McUdXcreTlNgS+i8pUipUrCqWbQq5PG
d6ITGo5+ieHYJRg6GtDrczLvtedexElygf1svr3fxw4yDkAdqq3ZnlYGiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBM6h7Fr1MSvaW2GBNJGv9YRVwcIMB8GA1UdIwQY
MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt
ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1
LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC0c3gbiF
UaO0Qz3MDL0MvqYVyT7vEfmRUKyQPpwEFA5GGM9MdTkqdW0vIuGhN6emn9cvloT6
Lye4vin9B9RDal7d2tylNRXbfHeafKMKvPs8u5sq22Gcs1Jcudn/hO4EDEnRerdP
ewb+ujWbiXRwmb+r2r+DYoLz6EUFzSbtY0t9st4o0OmpnbAku/W38GG442Pkv3Zd
4rJ71zV4AsyB4abf217iboHR73C01ht/9N1/fC+AaKT7+FoW494BcGXMkjToGMkr
ENqH/OVR5/pVMe+L9MJcUNIVl5HDXy5yDGEz/NDl+a8WqxjU3XeTFu1YipmK7Zc1
801KGzn+5C1cRg==
-----END CERTIFICATE-----