Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
File:                     HjaTxfrT8hak_3rIbO6yOwBDg10.mft (raw, json)
Hash identifier:          c+iG3kP0fjE8HFG8GoRy+Vb0UEPi/VVsOOWkINdCsq0=
Subject key identifier:   D0:42:B2:5E:7D:B4:94:3C:C4:D8:89:E2:3D:07:14:AE:4A:9D:E8:A4
Authority key identifier: 1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D
Certificate issuer:       /CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
Certificate serial:       0198D5BB8960C2ED8C327032F1816A676306
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
Manifest number:          0B15
Signing time:             Sat 23 Aug 2025 07:01:34 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:34 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:34 +0000
Files and hashes:         1: HjaTxfrT8hak_3rIbO6yOwBDg10.crl (hash: kFV5uJUKV3s2yCAFZY+bZtdlQslTOmJ2U2p5E74NiPo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:89:60:c2:ed:8c:32:70:32:f1:81:6a:67:63:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
        Validity
            Not Before: Aug 23 07:01:34 2025 GMT
            Not After : Aug 24 07:01:34 2025 GMT
        Subject: CN=d042b25e7db4943cc4d889e23d0714ae4a9de8a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:10:79:ac:3e:5e:ef:81:14:a7:6e:91:3a:e6:
                    12:d6:af:69:27:45:31:dd:11:44:3a:04:11:8e:71:
                    c8:f5:30:3d:2b:b5:52:1a:54:3d:dc:ff:4f:2f:d6:
                    d1:a7:ac:04:bf:2d:0f:7f:84:a0:7a:74:a5:bb:a5:
                    6d:be:95:a4:3a:1a:61:b0:91:9e:f4:18:69:6c:22:
                    08:39:25:2a:65:ed:5d:21:3c:1b:5d:ed:86:06:cc:
                    52:77:03:78:7d:ef:be:14:19:89:39:4f:29:f4:08:
                    c6:9f:e0:38:35:00:d0:9f:95:8d:2b:77:ce:1b:c9:
                    c4:e2:4f:39:db:19:f6:ab:bf:1c:c3:87:ae:dc:a7:
                    48:c6:43:6b:f0:c2:6f:bc:74:2f:39:93:2c:d3:49:
                    6d:85:9e:1b:40:d6:64:9b:39:e2:b3:04:74:bc:ea:
                    d3:85:84:63:ac:73:d1:68:4c:fc:10:94:43:f6:bc:
                    09:27:ae:3d:cd:43:1c:a6:c6:96:58:0e:4a:dc:b1:
                    75:aa:09:ee:3a:35:be:bb:a4:8c:66:a6:dd:55:01:
                    35:70:b6:b7:07:a9:0c:dd:25:76:36:31:82:c5:8a:
                    a7:4d:78:d9:89:4f:81:be:2b:69:5d:8d:ec:8f:dd:
                    52:52:dd:54:94:46:23:5b:bd:f4:8d:a3:09:7a:0b:
                    38:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:42:B2:5E:7D:B4:94:3C:C4:D8:89:E2:3D:07:14:AE:4A:9D:E8:A4
            X509v3 Authority Key Identifier:
                keyid:1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:0d:f7:b4:f7:1c:d3:1e:a5:a4:e7:4c:28:15:e4:e5:25:4c:
         88:ec:65:17:3f:cb:b7:67:34:dc:b8:11:81:13:d6:88:b6:87:
         53:a9:27:27:e4:2f:a5:c9:85:d7:e8:67:a5:2f:59:c5:5a:6a:
         95:00:43:37:a6:4a:c2:fa:45:e5:24:4e:28:03:f2:d0:5c:ff:
         1a:93:ab:73:8a:c1:8a:34:fa:ec:bd:a1:02:1e:75:a3:d1:24:
         64:2a:42:4b:a9:51:e8:10:db:b9:d1:13:03:4f:b9:c3:61:4e:
         a0:53:ff:5c:33:b9:e9:ca:78:f7:96:72:5f:d8:6f:60:da:c9:
         b8:a6:0a:22:93:85:49:d6:fe:29:68:3b:3a:67:12:f7:e3:0e:
         48:03:68:1c:56:13:7c:b6:00:e6:ea:42:38:54:10:07:7a:41:
         a4:b2:42:e3:05:9c:40:2d:e5:f0:ce:af:f2:ce:67:7b:9c:84:
         b3:bb:df:b6:37:3c:01:79:47:ae:ea:90:18:64:6d:71:fc:b1:
         70:8b:6b:98:96:d9:c0:9a:e0:86:26:e0:e9:ce:41:83:bb:6e:
         59:b9:83:5c:78:cd:ca:0d:97:6d:53:b4:d5:d2:56:32:32:39:
         1a:2a:db:22:0d:fc:f3:7f:dc:3a:d8:a1:01:6b:0d:dd:c8:52:
         d7:63:75:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu4lgwu2MMnAy8YFqZ2MGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzY5M2M1ZmFkM2YyMTZhNGZmN2FjODZjZWViMjNiMDA0
MzgzNWQwHhcNMjUwODIzMDcwMTM0WhcNMjUwODI0MDcwMTM0WjAzMTEwLwYDVQQD
EyhkMDQyYjI1ZTdkYjQ5NDNjYzRkODg5ZTIzZDA3MTRhZTRhOWRlOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hB5rD5e74EUp26ROuYS1q9pJ0Ux
3RFEOgQRjnHI9TA9K7VSGlQ93P9PL9bRp6wEvy0Pf4SgenSlu6VtvpWkOhphsJGe
9BhpbCIIOSUqZe1dITwbXe2GBsxSdwN4fe++FBmJOU8p9AjGn+A4NQDQn5WNK3fO
G8nE4k852xn2q78cw4eu3KdIxkNr8MJvvHQvOZMs00lthZ4bQNZkmzniswR0vOrT
hYRjrHPRaEz8EJRD9rwJJ649zUMcpsaWWA5K3LF1qgnuOjW+u6SMZqbdVQE1cLa3
B6kM3SV2NjGCxYqnTXjZiU+BvitpXY3sj91SUt1UlEYjW730jaMJegs4EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBCsl59tJQ8xNiJ4j0HFK5KneikMB8GA1UdIwQY
MBaAFB42k8X60/IWpP96yGzusjsAQ4NdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQt
NDIxMTUxOGQ5OGE0LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQtNDIxMTUxOGQ5OGE0
LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkg33tPcc
0x6lpOdMKBXk5SVMiOxlFz/Lt2c03LgRgRPWiLaHU6knJ+QvpcmF1+hnpS9ZxVpq
lQBDN6ZKwvpF5SROKAPy0Fz/GpOrc4rBijT67L2hAh51o9EkZCpCS6lR6BDbudET
A0+5w2FOoFP/XDO56cp495ZyX9hvYNrJuKYKIpOFSdb+KWg7OmcS9+MOSANoHFYT
fLYA5upCOFQQB3pBpLJC4wWcQC3l8M6v8s5ne5yEs7vftjc8AXlHruqQGGRtcfyx
cItrmJbZwJrghibg6c5Bg7tuWbmDXHjNyg2XbVO01dJWMjI5GirbIg3883/cOtih
AWsN3chS12N1tA==
-----END CERTIFICATE-----