Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft
File:                     HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft (raw, json)
Hash identifier:          MJwTTrexqtCA6T/frbff1/pk106crTutwv5XCjp+4Xw=
Subject key identifier:   ED:AE:09:E9:F4:E7:19:E8:F9:DE:17:B8:2F:9F:C5:BC:AD:D2:0E:41
Authority key identifier: 1D:0C:39:1E:DD:5C:BE:E1:A1:4E:0A:B3:F9:3D:83:4F:AE:51:1E:4D
Certificate issuer:       /CN=1d0c391edd5cbee1a14e0ab3f93d834fae511e4d
Certificate serial:       0199FE7DABC22B3C32BF609DE6F562BC75CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft
Manifest number:          1430
Signing time:             Sun 19 Oct 2025 22:01:12 +0000
Manifest this update:     Sun 19 Oct 2025 22:01:12 +0000
Manifest next update:     Mon 20 Oct 2025 22:01:12 +0000
Files and hashes:         1: HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl (hash: VyxixWWWr+E/uv5Zo1nIvB61Nxwb4+S8o5+UGqEqLI4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:7d:ab:c2:2b:3c:32:bf:60:9d:e6:f5:62:bc:75:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d0c391edd5cbee1a14e0ab3f93d834fae511e4d
        Validity
            Not Before: Oct 19 22:01:12 2025 GMT
            Not After : Oct 20 22:01:12 2025 GMT
        Subject: CN=edae09e9f4e719e8f9de17b82f9fc5bcadd20e41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:27:c2:69:35:f4:50:84:19:a5:28:7f:62:87:
                    7b:19:d0:02:2f:a8:b0:0a:94:e7:e0:d6:90:39:2d:
                    62:83:1b:e5:4c:79:d4:ae:6f:aa:d1:79:62:d0:1e:
                    d7:0a:cd:95:1d:6e:08:85:18:24:8c:ca:20:5b:83:
                    6f:7a:4c:44:0b:3b:88:e1:3f:1b:0d:76:87:8d:6d:
                    18:74:9a:ad:f1:07:65:25:00:a9:e8:4e:fb:e7:d9:
                    57:cd:5b:df:26:a6:9f:7a:a8:17:36:92:f3:96:f2:
                    cd:e3:48:03:a8:2f:a9:20:34:66:69:72:f2:54:ff:
                    bd:c3:4a:8e:8d:e3:aa:2d:ee:4e:1f:51:1b:75:29:
                    9f:1e:fa:a2:52:46:ad:a6:7c:61:2e:8c:61:0f:6b:
                    8e:60:6c:1f:f7:eb:11:15:2e:9b:e4:a3:1e:d5:51:
                    f6:3f:47:b0:7d:dd:30:d6:14:ac:f7:89:83:d7:b0:
                    c7:58:03:51:e9:b8:fb:de:36:f9:37:5f:f1:6a:9c:
                    ae:06:57:f9:45:67:8f:d5:3b:4d:33:7e:6f:40:9b:
                    14:2e:44:03:0a:81:6c:50:86:a2:4f:08:e8:54:80:
                    e7:a0:af:de:e6:5f:62:9e:04:5a:27:4d:cb:f6:e9:
                    41:86:12:26:b5:33:77:07:c6:94:d5:91:1f:fb:bc:
                    8f:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:AE:09:E9:F4:E7:19:E8:F9:DE:17:B8:2F:9F:C5:BC:AD:D2:0E:41
            X509v3 Authority Key Identifier:
                keyid:1D:0C:39:1E:DD:5C:BE:E1:A1:4E:0A:B3:F9:3D:83:4F:AE:51:1E:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:ac:55:42:ba:44:f9:29:db:49:32:d8:05:5a:9d:a7:76:72:
         9e:47:f2:7d:32:17:79:51:8a:72:10:50:3d:ee:73:43:ba:fa:
         37:19:fe:1c:87:d9:98:a1:f7:18:eb:84:f9:b3:f4:16:4b:7d:
         8f:f9:47:f0:b8:3e:e9:f8:2c:4f:42:b0:7c:8a:d3:78:7b:0d:
         c8:10:83:40:b5:fc:31:4a:92:26:19:9d:56:2a:57:6f:d1:90:
         bd:f7:15:94:22:8c:a6:17:0a:1f:42:7e:ca:be:5c:a9:01:e1:
         2d:d0:64:d1:d9:bb:5e:0b:d8:44:b6:ce:52:d2:e4:f6:9e:d9:
         30:d4:87:99:37:e2:78:3a:ea:c8:fb:11:e6:e3:ea:89:76:c8:
         67:20:bf:8f:4d:e9:5e:50:f7:51:c3:e9:56:d4:77:3e:57:6d:
         cf:c5:df:a7:4f:51:28:3a:2e:7b:2f:a8:4a:f3:6c:5d:2e:74:
         92:d3:cd:20:70:5d:dc:c6:c7:63:36:62:fb:e7:43:be:97:f8:
         63:9e:2d:0c:59:eb:c6:1d:50:e0:3d:da:45:fb:5d:41:b4:e5:
         fe:3d:d3:09:5c:c6:15:ad:5a:3e:5e:51:74:64:67:e0:03:a3:
         40:1c:77:31:7e:c5:bb:bf:ce:f8:96:9a:78:7b:aa:e7:1d:4f:
         8e:9f:28:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+favCKzwyv2Cd5vVivHXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMGMzOTFlZGQ1Y2JlZTFhMTRlMGFiM2Y5M2Q4MzRmYWU1
MTFlNGQwHhcNMjUxMDE5MjIwMTEyWhcNMjUxMDIwMjIwMTEyWjAzMTEwLwYDVQQD
EyhlZGFlMDllOWY0ZTcxOWU4ZjlkZTE3YjgyZjlmYzViY2FkZDIwZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yfCaTX0UIQZpSh/Yod7GdACL6iw
CpTn4NaQOS1igxvlTHnUrm+q0Xli0B7XCs2VHW4IhRgkjMogW4NvekxECzuI4T8b
DXaHjW0YdJqt8QdlJQCp6E7759lXzVvfJqafeqgXNpLzlvLN40gDqC+pIDRmaXLy
VP+9w0qOjeOqLe5OH1EbdSmfHvqiUkatpnxhLoxhD2uOYGwf9+sRFS6b5KMe1VH2
P0ewfd0w1hSs94mD17DHWANR6bj73jb5N1/xapyuBlf5RWeP1TtNM35vQJsULkQD
CoFsUIaiTwjoVIDnoK/e5l9ingRaJ03L9ulBhhImtTN3B8aU1ZEf+7yPGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2uCen05xno+d4XuC+fxbyt0g5BMB8GA1UdIwQY
MBaAFB0MOR7dXL7hoU4Ks/k9g0+uUR5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yYWM2MzMtNDBlYy00MDI3LWFmMmQt
MGY4OTllMGMyMGNkLzEvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8yYWM2MzMtNDBlYy00MDI3LWFmMmQtMGY4OTllMGMyMGNk
LzEvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPKxVQrpE
+SnbSTLYBVqdp3ZynkfyfTIXeVGKchBQPe5zQ7r6Nxn+HIfZmKH3GOuE+bP0Fkt9
j/lH8Lg+6fgsT0KwfIrTeHsNyBCDQLX8MUqSJhmdVipXb9GQvfcVlCKMphcKH0J+
yr5cqQHhLdBk0dm7XgvYRLbOUtLk9p7ZMNSHmTfieDrqyPsR5uPqiXbIZyC/j03p
XlD3UcPpVtR3Pldtz8Xfp09RKDouey+oSvNsXS50ktPNIHBd3MbHYzZi++dDvpf4
Y54tDFnrxh1Q4D3aRftdQbTl/j3TCVzGFa1aPl5RdGRn4AOjQBx3MX7Fu7/O+Jaa
eHuq5x1Pjp8oJA==
-----END CERTIFICATE-----