Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
File:                     HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft (raw, json)
Hash identifier:          yLhVV32CskT7LgywaDGVkEjBkwg2ZHUE4r+a1k04yOs=
Subject key identifier:   AB:F8:CC:32:3B:FD:DC:99:DF:2B:65:7A:4E:93:D0:6D:9C:55:BF:4B
Authority key identifier: 1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50
Certificate issuer:       /CN=1c5353a86abd33b1a236e407ce469261d0636150
Certificate serial:       0198D54E697F856A4B20D5EBA101FF150783
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
Manifest number:          08CE
Signing time:             Sat 23 Aug 2025 05:02:22 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:22 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:22 +0000
Files and hashes:         1: HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl (hash: SQv6DIW1UdSs/SZxXmPetog0k3Z9Q0jAS3fMBZEqFG8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:69:7f:85:6a:4b:20:d5:eb:a1:01:ff:15:07:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5353a86abd33b1a236e407ce469261d0636150
        Validity
            Not Before: Aug 23 05:02:22 2025 GMT
            Not After : Aug 24 05:02:22 2025 GMT
        Subject: CN=abf8cc323bfddc99df2b657a4e93d06d9c55bf4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:47:aa:25:34:1a:eb:9d:23:d2:82:2c:a2:80:
                    0a:0c:58:e8:b2:de:0e:fb:20:d4:03:22:7a:c5:df:
                    6e:d2:43:85:28:f5:b1:77:fc:af:19:82:93:8f:b2:
                    16:d4:e1:fb:46:cf:1a:e7:fd:2d:e0:e4:3a:93:1d:
                    f9:a9:07:e6:54:11:b7:f2:47:88:e6:ea:d7:14:1d:
                    9b:b3:18:1e:17:f6:43:5e:09:68:a0:ee:01:f9:cb:
                    9e:10:a1:ac:f1:e3:03:9e:f7:e5:44:95:93:b4:3e:
                    3c:27:10:56:b0:3d:6d:b0:0c:56:a7:de:72:29:83:
                    9f:ce:c4:4c:87:4a:e3:3d:9f:1b:6d:58:2c:39:3b:
                    90:db:a5:aa:3a:01:98:10:25:9c:f8:bf:ee:3b:a7:
                    f8:48:ba:46:f6:85:b3:0f:4a:16:7e:ce:8d:3e:49:
                    ce:7e:e5:09:68:af:59:76:c0:5e:af:16:82:dc:bd:
                    04:08:af:5b:92:a8:ed:4f:57:53:f5:2f:89:ad:b0:
                    ba:22:6d:0d:ca:a3:46:af:73:f0:af:6f:97:95:20:
                    95:b3:70:e5:f6:8c:8a:e5:7d:93:0b:fc:ac:51:6a:
                    b4:92:bb:eb:cc:77:e9:4d:33:5b:5e:eb:15:74:35:
                    bc:48:5d:e3:d9:73:20:32:79:ee:d4:72:02:f1:9e:
                    29:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:F8:CC:32:3B:FD:DC:99:DF:2B:65:7A:4E:93:D0:6D:9C:55:BF:4B
            X509v3 Authority Key Identifier:
                keyid:1C:53:53:A8:6A:BD:33:B1:A2:36:E4:07:CE:46:92:61:D0:63:61:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFNTqGq9M7GiNuQHzkaSYdBjYVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cca8da-4079-463d-bd53-c4e18b8bb1cf/1/HFNTqGq9M7GiNuQHzkaSYdBjYVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:7b:01:b1:94:01:60:64:10:6e:ed:c6:56:4b:78:d1:d8:1a:
         ab:98:3d:11:23:9f:95:6e:f8:ba:31:d7:0a:ab:18:af:18:22:
         e8:7e:fa:74:52:09:7d:d2:88:b4:8b:da:22:b4:3d:4a:db:1d:
         74:84:76:b8:77:e9:bb:90:db:bd:a9:18:af:71:bf:9d:b8:fd:
         75:94:88:3f:1f:91:f7:1a:5f:66:95:44:5c:c1:38:32:41:ff:
         2f:33:b7:f3:98:b5:09:68:97:f7:39:ab:db:ef:81:8b:b1:47:
         c8:d2:f4:46:0b:e2:f1:84:05:c1:db:b3:44:ce:d2:8e:9e:7f:
         65:77:21:12:73:5e:40:5a:54:aa:91:68:c4:cd:e3:b2:ba:b7:
         57:98:ce:d0:e7:b7:32:64:a3:d3:1a:ca:d7:98:8c:c6:13:48:
         a2:33:93:ae:9a:e2:89:35:cb:66:a3:04:a2:e1:23:54:81:47:
         b2:fe:d4:6f:2b:22:f2:df:18:40:2e:12:75:97:04:be:61:7c:
         9d:64:b3:f9:42:cf:cb:a5:76:80:d0:ab:7a:ce:39:de:23:b5:
         95:ec:56:00:c6:47:1a:8d:20:22:05:b0:90:4a:a4:45:c2:35:
         a1:99:c2:3b:ed:f4:cf:c8:63:2e:3e:50:cc:c5:b4:4c:e7:c1:
         3b:f5:f8:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTml/hWpLINXroQH/FQeDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTM1M2E4NmFiZDMzYjFhMjM2ZTQwN2NlNDY5MjYxZDA2
MzYxNTAwHhcNMjUwODIzMDUwMjIyWhcNMjUwODI0MDUwMjIyWjAzMTEwLwYDVQQD
EyhhYmY4Y2MzMjNiZmRkYzk5ZGYyYjY1N2E0ZTkzZDA2ZDljNTViZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7EeqJTQa650j0oIsooAKDFjost4O
+yDUAyJ6xd9u0kOFKPWxd/yvGYKTj7IW1OH7Rs8a5/0t4OQ6kx35qQfmVBG38keI
5urXFB2bsxgeF/ZDXglooO4B+cueEKGs8eMDnvflRJWTtD48JxBWsD1tsAxWp95y
KYOfzsRMh0rjPZ8bbVgsOTuQ26WqOgGYECWc+L/uO6f4SLpG9oWzD0oWfs6NPknO
fuUJaK9ZdsBerxaC3L0ECK9bkqjtT1dT9S+JrbC6Im0NyqNGr3Pwr2+XlSCVs3Dl
9oyK5X2TC/ysUWq0krvrzHfpTTNbXusVdDW8SF3j2XMgMnnu1HIC8Z4pVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKv4zDI7/dyZ3ytlek6T0G2cVb9LMB8GA1UdIwQY
MBaAFBxTU6hqvTOxojbkB85GkmHQY2FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMt
YzRlMThiOGJiMWNmLzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jY2E4ZGEtNDA3OS00NjNkLWJkNTMtYzRlMThiOGJiMWNm
LzEvSEZOVHFHcTlNN0dpTnVRSHprYVNZZEJqWVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmHsBsZQB
YGQQbu3GVkt40dgaq5g9ESOflW74ujHXCqsYrxgi6H76dFIJfdKItIvaIrQ9Stsd
dIR2uHfpu5DbvakYr3G/nbj9dZSIPx+R9xpfZpVEXME4MkH/LzO385i1CWiX9zmr
2++Bi7FHyNL0Rgvi8YQFwduzRM7Sjp5/ZXchEnNeQFpUqpFoxM3jsrq3V5jO0Oe3
MmSj0xrK15iMxhNIojOTrpriiTXLZqMEouEjVIFHsv7Ubysi8t8YQC4SdZcEvmF8
nWSz+ULPy6V2gNCres453iO1lexWAMZHGo0gIgWwkEqkRcI1oZnCO+30z8hjLj5Q
zMW0TOfBO/X4HA==
-----END CERTIFICATE-----