Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
File:                     hwCTRBAfUQ52oqserOnpp9kuTtU.mft (raw, json)
Hash identifier:          jwKYxH8zuv2Jtu8VEIuPxMOdgXUqB969KvDT3CstYrI=
Subject key identifier:   E7:C4:24:23:57:B2:0D:A4:95:51:2F:02:17:55:67:44:3E:C1:09:AE
Authority key identifier: 87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5
Certificate issuer:       /CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
Certificate serial:       0198D6602790AB6FB7B4CD3B403860C125E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
Manifest number:          08AC
Signing time:             Sat 23 Aug 2025 10:01:22 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:22 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:22 +0000
Files and hashes:         1: hwCTRBAfUQ52oqserOnpp9kuTtU.crl (hash: PClqiD1Xr4MJUVaGLmspROvvN+RdkFOmG++HPCV7LC0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:27:90:ab:6f:b7:b4:cd:3b:40:38:60:c1:25:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
        Validity
            Not Before: Aug 23 10:01:22 2025 GMT
            Not After : Aug 24 10:01:22 2025 GMT
        Subject: CN=e7c4242357b20da495512f02175567443ec109ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:c0:de:62:c9:48:97:66:2a:ac:2e:2c:a8:b5:
                    74:df:29:3b:1d:54:a7:55:f3:67:40:f8:35:ce:4e:
                    36:a7:c9:82:2a:ec:2d:68:ca:a3:3c:c8:43:49:44:
                    eb:4f:28:08:b4:6c:ac:d5:48:3a:e7:09:3f:6a:38:
                    26:c4:21:de:6b:2c:ab:dd:be:b6:cb:26:8c:1a:fc:
                    2a:bb:4a:f8:35:cf:6f:ae:b2:02:dc:bf:0f:69:03:
                    dc:5e:67:f6:8f:37:72:90:92:25:b7:6a:cd:fb:ae:
                    68:0a:09:8b:0f:8f:6c:21:6f:b2:12:1f:ef:69:08:
                    c7:d1:ec:9d:2a:68:25:80:69:fc:18:92:ce:ae:f5:
                    9e:42:97:06:ee:b3:4b:eb:10:8f:b4:62:ef:a0:10:
                    fe:42:42:66:12:a0:57:8d:ba:32:4f:e0:31:90:e0:
                    db:b0:5a:96:1e:a3:cc:ad:b3:46:29:fa:01:5d:48:
                    ab:80:7e:55:e7:99:e7:f1:d3:99:40:23:9f:50:b8:
                    89:6b:35:5b:57:75:a0:46:b3:ed:ff:57:2b:52:9c:
                    c8:2b:af:91:48:1e:20:d5:47:cc:98:4d:f2:e6:35:
                    be:7a:e1:0c:f0:b4:4e:13:bd:b3:96:79:d9:82:2b:
                    4c:f6:42:27:6d:d9:34:42:36:5a:29:ba:fe:b5:e2:
                    30:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:C4:24:23:57:B2:0D:A4:95:51:2F:02:17:55:67:44:3E:C1:09:AE
            X509v3 Authority Key Identifier:
                keyid:87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:b0:c2:02:61:78:31:7d:ab:30:22:1b:a5:ff:e8:86:54:66:
         27:f8:46:7f:6f:ad:f6:15:8c:b6:4f:49:f9:ec:0b:b0:41:9b:
         da:fb:2f:93:cc:e6:9b:16:43:33:b3:35:e6:34:16:ba:b9:1d:
         94:28:69:4c:93:4b:3a:8f:37:90:61:32:37:fb:d9:e5:3c:b9:
         1d:41:9e:31:d6:2b:8f:3a:3e:aa:33:99:dd:74:6b:da:06:e9:
         03:2b:06:15:59:e6:0b:f2:d4:dc:28:8f:09:ea:0d:ce:fe:ba:
         91:e1:37:28:ab:2a:e3:35:62:89:3a:e1:0c:ce:80:e5:1a:eb:
         af:91:60:fe:0e:56:6d:5b:b7:c7:92:ed:ce:b6:cb:03:94:ea:
         0d:de:5e:91:18:18:d3:ec:4a:e0:6e:1e:9f:8b:a9:ec:72:2d:
         20:ba:c7:e8:3d:66:bd:76:95:6e:6e:61:8e:40:da:24:a9:65:
         47:6f:53:14:a6:ff:9c:b8:a5:19:a4:ee:94:75:b9:9d:a8:b1:
         2a:6c:0a:47:ad:57:f2:f8:c7:49:c4:72:a9:74:cd:58:3d:92:
         a6:e9:1e:db:95:54:f4:9b:7a:9d:cb:b1:4f:a6:90:35:a7:07:
         c9:52:64:5a:90:f6:23:50:fd:c2:9b:7e:71:af:69:5a:ed:d5:
         cc:fe:d6:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYCeQq2+3tM07QDhgwSXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MDA5MzQ0MTAxZjUxMGU3NmEyYWIxZWFjZTllOWE3ZDky
ZTRlZDUwHhcNMjUwODIzMTAwMTIyWhcNMjUwODI0MTAwMTIyWjAzMTEwLwYDVQQD
EyhlN2M0MjQyMzU3YjIwZGE0OTU1MTJmMDIxNzU1Njc0NDNlYzEwOWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMDeYslIl2YqrC4sqLV03yk7HVSn
VfNnQPg1zk42p8mCKuwtaMqjPMhDSUTrTygItGys1Ug65wk/ajgmxCHeayyr3b62
yyaMGvwqu0r4Nc9vrrIC3L8PaQPcXmf2jzdykJIlt2rN+65oCgmLD49sIW+yEh/v
aQjH0eydKmglgGn8GJLOrvWeQpcG7rNL6xCPtGLvoBD+QkJmEqBXjboyT+AxkODb
sFqWHqPMrbNGKfoBXUirgH5V55nn8dOZQCOfULiJazVbV3WgRrPt/1crUpzIK6+R
SB4g1UfMmE3y5jW+euEM8LROE72zlnnZgitM9kInbdk0QjZaKbr+teIw1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfEJCNXsg2klVEvAhdVZ0Q+wQmuMB8GA1UdIwQY
MBaAFIcAk0QQH1EOdqKrHqzp6afZLk7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDkt
ZDZhZGExMjgxNjY4LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDktZDZhZGExMjgxNjY4
LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXbDCAmF4
MX2rMCIbpf/ohlRmJ/hGf2+t9hWMtk9J+ewLsEGb2vsvk8zmmxZDM7M15jQWurkd
lChpTJNLOo83kGEyN/vZ5Ty5HUGeMdYrjzo+qjOZ3XRr2gbpAysGFVnmC/LU3CiP
CeoNzv66keE3KKsq4zViiTrhDM6A5Rrrr5Fg/g5WbVu3x5LtzrbLA5TqDd5ekRgY
0+xK4G4en4up7HItILrH6D1mvXaVbm5hjkDaJKllR29TFKb/nLilGaTulHW5naix
KmwKR61X8vjHScRyqXTNWD2Spuke25VU9Jt6ncuxT6aQNacHyVJkWpD2I1D9wpt+
ca9pWu3VzP7WWg==
-----END CERTIFICATE-----