Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
File:                     HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json)
Hash identifier:          EB1ith9mgi1yhKVPXCyosGZ9Y7bpH+iD5HMmlq2xdFc=
Subject key identifier:   5D:B5:63:23:BB:69:C0:D3:78:30:58:35:F1:94:43:28:60:AA:16:93
Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B
Certificate issuer:       /CN=1d102aca6cf13511385294e77dbe273768c0a04b
Certificate serial:       0198D65FC5645C1E5C8AB468BBBEA2319B79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
Manifest number:          0B27
Signing time:             Sat 23 Aug 2025 10:00:57 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:57 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:57 +0000
Files and hashes:         1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: Cg0qEotAbW54ebRENsEwi9cmWj9xxvcYfmeaQUMCHkw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:c5:64:5c:1e:5c:8a:b4:68:bb:be:a2:31:9b:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b
        Validity
            Not Before: Aug 23 10:00:57 2025 GMT
            Not After : Aug 24 10:00:57 2025 GMT
        Subject: CN=5db56323bb69c0d378305835f194432860aa1693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:9e:ad:bf:e3:51:ee:ea:0c:b3:12:65:c1:36:
                    8f:be:6d:25:9a:5b:d7:58:6a:0c:64:be:09:fd:92:
                    a0:76:8b:63:b5:6a:bf:b8:d6:dc:18:20:a3:df:af:
                    39:b7:ba:4e:6b:2e:9b:71:8d:16:3f:4e:8f:61:36:
                    9e:76:a1:48:78:90:65:98:bc:d6:32:42:4d:97:ef:
                    b9:4d:cc:fc:bf:a6:86:3a:47:0b:0b:cd:67:dc:8a:
                    fc:3e:c5:fa:d2:82:ba:fa:67:74:54:cb:64:2d:5a:
                    a9:bf:99:35:de:b2:31:7a:65:06:6f:9b:bc:e2:e5:
                    03:66:70:76:a2:7a:39:e0:df:1a:21:79:5a:89:f6:
                    22:08:d3:29:55:4e:d7:d3:89:d4:d9:ac:d5:71:3f:
                    88:f1:63:5a:ca:f5:7a:4a:c5:6c:50:f7:f6:fd:5b:
                    59:20:84:d3:41:f9:ad:c3:a8:ad:fa:d4:6f:3d:3e:
                    c3:d7:de:24:bd:a2:ae:7d:6b:7e:a2:dd:3b:43:ef:
                    bf:2e:1b:69:69:23:e0:a4:40:7c:ce:4b:df:0b:cd:
                    20:e8:a4:44:84:04:ab:5c:cf:c8:34:74:38:c7:a2:
                    f6:1f:a5:5b:5b:d8:df:3d:72:79:a5:52:42:e0:0c:
                    94:83:3c:b8:24:d4:e9:4e:86:ee:2e:1b:4f:09:34:
                    83:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:B5:63:23:BB:69:C0:D3:78:30:58:35:F1:94:43:28:60:AA:16:93
            X509v3 Authority Key Identifier:
                keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:83:d0:55:97:51:1f:02:d7:7a:1d:76:2e:5c:68:e6:21:6f:
         14:62:9c:83:61:fd:c3:83:00:3c:8b:41:fb:3b:7a:38:61:88:
         b1:31:68:04:f7:79:c2:97:e5:7b:ad:e3:df:2b:63:db:10:b4:
         b0:dc:3a:41:ab:ce:df:86:f4:1e:7e:33:10:91:5c:a7:50:6c:
         ef:9f:d1:ea:68:dc:21:30:51:23:2c:1a:d6:34:a6:5a:c5:a1:
         6a:e2:6d:24:45:45:b5:08:92:fa:75:61:f8:15:85:f1:d8:c9:
         56:fd:d1:bd:2b:19:d0:57:01:a2:cf:39:0d:c6:88:21:3c:3b:
         61:cd:ca:63:1a:50:80:95:f5:55:81:25:d3:4a:c9:fd:d4:2e:
         17:a8:dd:7a:3b:02:70:3b:36:88:a6:77:76:77:51:60:1d:7c:
         9f:29:a7:ba:0c:d7:f1:1f:19:7c:ab:e6:33:2f:2c:5f:92:cd:
         b6:71:59:14:f9:95:00:f9:3a:7e:9f:d8:c9:58:cd:92:7a:51:
         f2:4e:b8:4b:b9:f8:c9:ab:18:ff:16:02:5d:55:ef:1b:cf:66:
         77:07:0d:15:a3:a4:e2:07:42:b8:41:6d:28:e2:d5:22:d8:bb:
         ac:b9:78:f6:56:da:5d:5b:52:cf:c2:70:68:fe:84:d9:fe:8b:
         d6:f0:5d:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX8VkXB5cirRou76iMZt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj
MGEwNGIwHhcNMjUwODIzMTAwMDU3WhcNMjUwODI0MTAwMDU3WjAzMTEwLwYDVQQD
Eyg1ZGI1NjMyM2JiNjljMGQzNzgzMDU4MzVmMTk0NDMyODYwYWExNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnp6tv+NR7uoMsxJlwTaPvm0lmlvX
WGoMZL4J/ZKgdotjtWq/uNbcGCCj3685t7pOay6bcY0WP06PYTaedqFIeJBlmLzW
MkJNl++5Tcz8v6aGOkcLC81n3Ir8PsX60oK6+md0VMtkLVqpv5k13rIxemUGb5u8
4uUDZnB2ono54N8aIXlaifYiCNMpVU7X04nU2azVcT+I8WNayvV6SsVsUPf2/VtZ
IITTQfmtw6it+tRvPT7D194kvaKufWt+ot07Q++/LhtpaSPgpEB8zkvfC80g6KRE
hASrXM/INHQ4x6L2H6VbW9jfPXJ5pVJC4AyUgzy4JNTpTobuLhtPCTSDrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF21YyO7acDTeDBYNfGUQyhgqhaTMB8GA1UdIwQY
MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt
ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4
LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASoPQVZdR
HwLXeh12Llxo5iFvFGKcg2H9w4MAPItB+zt6OGGIsTFoBPd5wpfle63j3ytj2xC0
sNw6QavO34b0Hn4zEJFcp1Bs75/R6mjcITBRIywa1jSmWsWhauJtJEVFtQiS+nVh
+BWF8djJVv3RvSsZ0FcBos85DcaIITw7Yc3KYxpQgJX1VYEl00rJ/dQuF6jdejsC
cDs2iKZ3dndRYB18nymnugzX8R8ZfKvmMy8sX5LNtnFZFPmVAPk6fp/YyVjNknpR
8k64S7n4yasY/xYCXVXvG89mdwcNFaOk4gdCuEFtKOLVIti7rLl49lbaXVtSz8Jw
aP6E2f6L1vBdcQ==
-----END CERTIFICATE-----