Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
File:                     HpICrmewRlNH1t35D2Ri-ubk5kM.mft (raw, json)
Hash identifier:          jOo/JkX9F/nLZbXbfvdsLDl5ty3Iruy2tDEHEnPU8EU=
Subject key identifier:   C6:B7:E0:CB:08:90:B6:C2:64:11:78:C8:D9:45:C3:30:BC:A2:C4:79
Authority key identifier: 1E:92:02:AE:67:B0:46:53:47:D6:DD:F9:0F:64:62:FA:E6:E4:E6:43
Certificate issuer:       /CN=1e9202ae67b0465347d6ddf90f6462fae6e4e643
Certificate serial:       0198D54E82AD5C7316B098B42A1DAC79BB0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
Manifest number:          0AF3
Signing time:             Sat 23 Aug 2025 05:02:28 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:28 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:28 +0000
Files and hashes:         1: HpICrmewRlNH1t35D2Ri-ubk5kM.crl (hash: z3mmyOBqrv0Mw4Ne1QYls4oF1B01GUXjHpVnON8YReM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:82:ad:5c:73:16:b0:98:b4:2a:1d:ac:79:bb:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e9202ae67b0465347d6ddf90f6462fae6e4e643
        Validity
            Not Before: Aug 23 05:02:28 2025 GMT
            Not After : Aug 24 05:02:28 2025 GMT
        Subject: CN=c6b7e0cb0890b6c2641178c8d945c330bca2c479
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ea:98:07:ff:99:f7:84:5a:5f:6b:e4:0a:74:
                    15:35:d4:d1:0f:70:40:22:1a:ae:2b:7c:f9:0b:59:
                    60:d5:e8:cb:c6:b4:ab:ea:d2:16:ba:2e:5d:5c:5f:
                    ff:91:4a:b2:fb:14:0e:30:c5:d0:58:10:dc:71:7a:
                    4e:c5:c7:2b:b4:33:5c:39:8f:7b:e0:df:47:91:32:
                    06:69:35:b4:67:1a:33:2e:23:f5:7a:b9:33:70:73:
                    34:6c:16:e8:ec:7f:2d:33:9e:49:f1:60:a4:80:45:
                    64:5f:33:4d:4d:48:e6:3a:a4:8c:8d:ca:fe:75:31:
                    4f:c7:c2:9b:8a:e6:5f:65:27:bb:32:04:b7:ce:73:
                    a6:86:ae:7d:d4:42:78:92:87:a7:88:fb:25:04:90:
                    19:12:e0:93:f7:c9:4e:eb:8d:5e:5c:cb:0c:cd:f7:
                    98:64:16:9f:5e:38:6e:b4:74:8f:8a:6a:06:23:a6:
                    3b:fc:76:42:86:bb:ae:8f:22:96:ce:8e:6f:7e:74:
                    e9:8b:c0:d6:28:82:90:50:24:22:bc:ea:32:f2:37:
                    32:85:4c:d8:7f:d0:c9:f8:5d:be:90:a4:93:13:67:
                    12:17:ec:6c:98:e5:5d:87:3e:2a:b3:53:80:9e:09:
                    93:40:9b:da:96:4d:21:1a:c7:e7:00:0b:ff:dd:9a:
                    af:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:B7:E0:CB:08:90:B6:C2:64:11:78:C8:D9:45:C3:30:BC:A2:C4:79
            X509v3 Authority Key Identifier:
                keyid:1E:92:02:AE:67:B0:46:53:47:D6:DD:F9:0F:64:62:FA:E6:E4:E6:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:43:a9:5d:5d:1c:3c:1f:bd:ed:db:a1:df:45:d3:71:68:8c:
         d6:03:e9:a8:5c:29:7e:6b:ed:58:f7:4f:94:8c:ca:89:89:96:
         ba:2d:86:82:fd:7f:17:b5:5d:25:8e:c4:b7:70:0b:05:11:e5:
         5d:be:be:9b:dd:53:62:ed:e8:f5:c4:c9:d0:65:19:30:ce:52:
         c7:2b:82:40:1e:a4:c9:47:e6:3c:77:04:2c:02:08:64:b7:f8:
         4b:13:f9:83:76:76:40:1c:ad:58:5c:ec:99:b1:92:14:06:27:
         46:b1:ee:b6:ea:e5:bd:cc:31:2a:ab:98:17:42:a8:57:a8:3b:
         56:ac:c2:d7:8d:25:1d:e9:70:e6:aa:b9:8a:ef:2e:28:18:2a:
         8d:a3:09:59:78:f4:a4:e0:58:8c:6e:2c:62:34:11:d9:3b:a6:
         ae:44:f2:fe:d2:21:8a:ce:cb:9a:ee:42:04:98:bb:f1:54:2d:
         0d:7a:d9:47:22:9c:8b:74:a1:fc:4e:f7:0a:da:b7:02:dc:55:
         b6:e8:7e:70:67:06:5f:5f:09:50:69:57:83:21:f1:e3:d0:2e:
         5f:52:ed:76:70:08:45:3b:0b:57:50:17:33:d6:21:7d:13:f0:
         0e:5d:a9:2b:af:cf:78:c3:42:4b:39:f6:08:fa:60:74:94:69:
         d2:ce:cf:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVToKtXHMWsJi0Kh2sebsMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTIwMmFlNjdiMDQ2NTM0N2Q2ZGRmOTBmNjQ2MmZhZTZl
NGU2NDMwHhcNMjUwODIzMDUwMjI4WhcNMjUwODI0MDUwMjI4WjAzMTEwLwYDVQQD
EyhjNmI3ZTBjYjA4OTBiNmMyNjQxMTc4YzhkOTQ1YzMzMGJjYTJjNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluqYB/+Z94RaX2vkCnQVNdTRD3BA
IhquK3z5C1lg1ejLxrSr6tIWui5dXF//kUqy+xQOMMXQWBDccXpOxccrtDNcOY97
4N9HkTIGaTW0ZxozLiP1erkzcHM0bBbo7H8tM55J8WCkgEVkXzNNTUjmOqSMjcr+
dTFPx8KbiuZfZSe7MgS3znOmhq591EJ4koeniPslBJAZEuCT98lO641eXMsMzfeY
ZBafXjhutHSPimoGI6Y7/HZChruujyKWzo5vfnTpi8DWKIKQUCQivOoy8jcyhUzY
f9DJ+F2+kKSTE2cSF+xsmOVdhz4qs1OAngmTQJvalk0hGsfnAAv/3ZqvLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMa34MsIkLbCZBF4yNlFwzC8osR5MB8GA1UdIwQY
MBaAFB6SAq5nsEZTR9bd+Q9kYvrm5OZDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81ZWZkZDUtMGNjYy00MjVmLTkzMDEt
NTQwYTM0OGRkMjIzLzEvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS81ZWZkZDUtMGNjYy00MjVmLTkzMDEtNTQwYTM0OGRkMjIz
LzEvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl0OpXV0c
PB+97duh30XTcWiM1gPpqFwpfmvtWPdPlIzKiYmWui2Ggv1/F7VdJY7Et3ALBRHl
Xb6+m91TYu3o9cTJ0GUZMM5SxyuCQB6kyUfmPHcELAIIZLf4SxP5g3Z2QBytWFzs
mbGSFAYnRrHuturlvcwxKquYF0KoV6g7VqzC140lHelw5qq5iu8uKBgqjaMJWXj0
pOBYjG4sYjQR2TumrkTy/tIhis7Lmu5CBJi78VQtDXrZRyKci3Sh/E73Ctq3AtxV
tuh+cGcGX18JUGlXgyHx49AuX1LtdnAIRTsLV1AXM9YhfRPwDl2pK6/PeMNCSzn2
CPpgdJRp0s7P8w==
-----END CERTIFICATE-----