Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
File:                     hwCTRBAfUQ52oqserOnpp9kuTtU.mft (raw, json)
Hash identifier:          PNW3BQ3fwVOWIE/zUryiRYhOmofQRMlvFvGFu9VHBpc=
Subject key identifier:   27:FA:B2:CA:FC:A4:FC:ED:1B:E5:A6:CC:2C:92:42:6E:6F:27:50:2E
Authority key identifier: 87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5
Certificate issuer:       /CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
Certificate serial:       0197B6A0BD6BD216F17038553E0CA79AB3B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
Manifest number:          0817
Signing time:             Sat 28 Jun 2025 13:01:16 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:16 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:16 +0000
Files and hashes:         1: hwCTRBAfUQ52oqserOnpp9kuTtU.crl (hash: TeRjKdDH8yiNMantwGmzwyV0mgWA1NYB3iaSjd4VP+U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:bd:6b:d2:16:f1:70:38:55:3e:0c:a7:9a:b3:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
        Validity
            Not Before: Jun 28 13:01:16 2025 GMT
            Not After : Jun 29 13:01:16 2025 GMT
        Subject: CN=27fab2cafca4fced1be5a6cc2c92426e6f27502e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:37:16:7b:ba:f3:aa:89:02:5e:5a:7a:7f:0a:
                    f0:3f:48:8b:11:d4:34:b0:65:be:85:6a:83:e5:7c:
                    d0:fa:8f:58:ad:28:61:e5:d4:2e:4e:e2:2d:34:24:
                    9f:89:69:5a:d6:35:a6:8d:fa:31:35:ea:a6:9d:e1:
                    23:84:83:5e:a1:57:df:0b:78:9b:f3:e8:c8:5e:bb:
                    f2:e7:4c:e7:38:06:14:cf:77:50:bb:c9:be:ab:1f:
                    e0:4e:7f:ae:13:0c:75:eb:4e:ac:0e:20:47:d4:69:
                    92:0c:5c:c3:ba:ee:f1:25:cc:47:43:6f:cc:57:1e:
                    fd:50:fd:81:9c:93:1f:07:36:c9:5b:4a:24:01:54:
                    46:ad:9f:d7:b1:b0:a8:a9:6f:25:17:30:82:61:aa:
                    f3:94:e0:54:a5:a4:f0:55:65:c2:80:f2:c9:02:1c:
                    f0:c0:0a:3a:b8:9d:8d:ea:38:0e:e1:e2:66:05:31:
                    2f:08:66:a8:d3:b5:02:f5:34:b6:f2:3b:3b:ef:2c:
                    e3:07:9e:ee:d7:cd:84:18:96:01:62:e0:b3:f4:87:
                    c9:78:a5:32:f5:aa:24:34:3d:d0:62:8a:20:f5:b5:
                    66:a5:e6:55:a9:34:7c:49:76:d0:1b:f2:d4:f0:f6:
                    75:f6:c5:2a:76:87:bd:62:a0:2f:76:4a:05:2b:9f:
                    40:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:FA:B2:CA:FC:A4:FC:ED:1B:E5:A6:CC:2C:92:42:6E:6F:27:50:2E
            X509v3 Authority Key Identifier:
                keyid:87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:b3:c4:cb:c0:1a:5e:df:5f:bc:9b:6f:08:9e:6a:ff:35:f2:
         b7:29:ff:0e:de:8d:2f:e6:a9:45:56:fc:6f:68:74:61:cd:98:
         75:83:04:99:e9:6c:75:ff:2e:27:4f:cf:0c:79:eb:85:0c:a3:
         4a:b8:1c:d9:2c:56:ea:29:50:b7:a7:9c:1c:4b:2b:b3:bd:e9:
         62:9a:80:b5:f2:ed:9b:3d:bf:f6:fd:8b:35:1f:f0:18:d3:f7:
         01:22:06:41:ea:ee:70:36:60:50:b5:39:f3:f1:58:46:2f:bf:
         11:cb:00:24:7c:d1:80:73:f8:36:73:77:24:d4:a1:b1:0f:4e:
         30:0a:5d:6c:6d:76:96:ad:74:df:5a:9d:04:eb:7a:b1:fc:6a:
         90:73:f9:39:79:61:06:5c:20:af:89:e1:79:3d:04:d8:b9:e8:
         1a:ce:74:8e:71:0e:bb:74:e7:b6:6c:15:f2:d7:f6:26:c5:cc:
         dd:9e:09:ef:32:75:f2:16:b1:0c:cb:dc:d6:f1:f7:40:c0:43:
         02:9d:bc:52:f7:ec:5b:08:92:29:25:10:48:3a:1b:47:c3:ba:
         8f:bc:a8:1f:cf:d1:52:da:b3:f5:6f:6b:ab:28:7c:62:a9:e6:
         9e:55:95:c5:0c:eb:a9:5e:c1:ff:db:37:a9:dd:a1:f5:20:71:
         38:26:44:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oL1r0hbxcDhVPgynmrOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MDA5MzQ0MTAxZjUxMGU3NmEyYWIxZWFjZTllOWE3ZDky
ZTRlZDUwHhcNMjUwNjI4MTMwMTE2WhcNMjUwNjI5MTMwMTE2WjAzMTEwLwYDVQQD
EygyN2ZhYjJjYWZjYTRmY2VkMWJlNWE2Y2MyYzkyNDI2ZTZmMjc1MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjcWe7rzqokCXlp6fwrwP0iLEdQ0
sGW+hWqD5XzQ+o9YrShh5dQuTuItNCSfiWla1jWmjfoxNeqmneEjhINeoVffC3ib
8+jIXrvy50znOAYUz3dQu8m+qx/gTn+uEwx1606sDiBH1GmSDFzDuu7xJcxHQ2/M
Vx79UP2BnJMfBzbJW0okAVRGrZ/XsbCoqW8lFzCCYarzlOBUpaTwVWXCgPLJAhzw
wAo6uJ2N6jgO4eJmBTEvCGao07UC9TS28js77yzjB57u182EGJYBYuCz9IfJeKUy
9aokND3QYoog9bVmpeZVqTR8SXbQG/LU8PZ19sUqdoe9YqAvdkoFK59AqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCf6ssr8pPztG+WmzCySQm5vJ1AuMB8GA1UdIwQY
MBaAFIcAk0QQH1EOdqKrHqzp6afZLk7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDkt
ZDZhZGExMjgxNjY4LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDktZDZhZGExMjgxNjY4
LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcLPEy8Aa
Xt9fvJtvCJ5q/zXytyn/Dt6NL+apRVb8b2h0Yc2YdYMEmelsdf8uJ0/PDHnrhQyj
Srgc2SxW6ilQt6ecHEsrs73pYpqAtfLtmz2/9v2LNR/wGNP3ASIGQerucDZgULU5
8/FYRi+/EcsAJHzRgHP4NnN3JNShsQ9OMApdbG12lq1031qdBOt6sfxqkHP5OXlh
Blwgr4nheT0E2LnoGs50jnEOu3TntmwV8tf2JsXM3Z4J7zJ18haxDMvc1vH3QMBD
Ap28UvfsWwiSKSUQSDobR8O6j7yoH8/RUtqz9W9rqyh8YqnmnlWVxQzrqV7B/9s3
qd2h9SBxOCZE/w==
-----END CERTIFICATE-----