Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
File:                     HAaGYxPWaK_oeYb65f95QfkoBps.mft (raw, json)
Hash identifier:          GGDaA/yJY7tNQmasZBGe1YkQyZbOvStaMAlAa6RmRQs=
Subject key identifier:   6E:EF:F1:8D:64:A4:16:75:C6:5B:79:EB:83:83:40:B9:DE:10:78:52
Authority key identifier: 1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B
Certificate issuer:       /CN=1c06866313d668afe87986fae5ff7941f928069b
Certificate serial:       0198D4E08F05CA85358F18583DA5B7E8B4D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
Manifest number:          1041
Signing time:             Sat 23 Aug 2025 03:02:22 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:22 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:22 +0000
Files and hashes:         1: HAaGYxPWaK_oeYb65f95QfkoBps.crl (hash: KnHzsnUvVejBrEd/nG23zc6OwmoiKIY6z4tYyeGohBM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:8f:05:ca:85:35:8f:18:58:3d:a5:b7:e8:b4:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c06866313d668afe87986fae5ff7941f928069b
        Validity
            Not Before: Aug 23 03:02:22 2025 GMT
            Not After : Aug 24 03:02:22 2025 GMT
        Subject: CN=6eeff18d64a41675c65b79eb838340b9de107852
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:fb:10:4f:4f:21:97:f9:90:dc:af:eb:b9:66:
                    a2:22:00:34:8a:eb:0f:87:14:09:11:83:0a:71:5d:
                    16:93:fb:e3:df:58:bd:64:3c:aa:c2:59:e8:8d:2d:
                    96:41:76:8b:26:27:1f:8b:a8:57:12:be:97:48:2a:
                    02:2b:2e:3c:cc:fd:81:15:93:64:73:c4:4b:dd:9c:
                    c2:32:26:4d:9a:46:99:68:73:ef:98:43:40:f8:0e:
                    a1:f6:b5:02:9f:b3:3a:cf:6a:f1:60:f4:35:ad:b5:
                    05:a0:6d:da:86:44:56:0d:b7:ab:75:25:54:1a:44:
                    35:c6:07:21:d8:20:3e:50:25:54:fe:a4:fc:f1:90:
                    3a:df:32:03:2a:1f:d7:6d:62:63:34:4f:e3:e4:68:
                    d6:dc:2d:28:a4:15:18:5b:53:21:0d:ee:2f:ec:d4:
                    cf:22:ec:25:b0:b2:c6:6c:b6:75:89:7c:18:2e:f1:
                    e2:3d:ac:75:f4:62:74:bd:58:e7:ab:0e:e4:b4:63:
                    a7:1b:36:b7:41:44:0c:8f:ad:3d:4b:fa:52:9d:0f:
                    48:87:70:89:88:96:c5:8e:3b:a3:72:5e:d1:92:1d:
                    0a:68:b3:67:af:32:10:c7:52:89:d4:74:d0:0a:2a:
                    5a:2b:1f:66:c4:0d:76:c7:ab:ca:fa:73:cb:e2:5d:
                    31:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:EF:F1:8D:64:A4:16:75:C6:5B:79:EB:83:83:40:B9:DE:10:78:52
            X509v3 Authority Key Identifier:
                keyid:1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:1b:d9:db:40:b2:14:6d:5e:b6:75:6d:37:50:8c:61:48:db:
         2a:15:19:e1:42:fc:9d:f8:68:7d:98:51:cf:00:aa:8c:f4:44:
         05:a1:85:f4:d0:8e:e7:01:86:01:b3:89:0c:8c:76:35:b4:c0:
         2c:69:21:73:42:b3:21:4d:67:8b:b2:dd:55:9c:db:f7:2f:68:
         bd:42:eb:7b:4b:52:d4:f8:2a:37:ee:bc:e5:6a:a9:02:55:3e:
         8f:27:2b:ba:b0:cc:e8:ea:42:57:f7:9d:ba:22:78:f4:71:19:
         f8:cc:77:db:15:5b:b4:14:52:88:e7:b8:51:78:63:c3:2a:b6:
         94:35:8e:cd:70:a6:61:4f:f6:24:ff:c5:05:59:12:84:a2:a3:
         8d:01:40:1f:78:75:3c:ac:ea:a6:b1:0a:94:a5:1e:ab:2f:54:
         ec:74:6f:9d:9c:82:73:92:2a:43:a2:0d:84:3c:a4:ef:5a:dd:
         7f:71:22:fc:6d:38:ca:9a:81:26:2b:57:1a:40:46:78:8b:72:
         ae:27:9a:22:df:85:5c:b8:33:f2:8b:98:17:8a:1f:b3:79:48:
         1a:44:ef:a8:c3:63:5b:88:cb:cd:ee:5e:67:8d:5b:99:4d:fc:
         2b:eb:30:6d:c2:35:85:7a:dc:4a:21:bd:42:73:01:a7:5a:99:
         87:06:24:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4I8FyoU1jxhYPaW36LTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDY4NjYzMTNkNjY4YWZlODc5ODZmYWU1ZmY3OTQxZjky
ODA2OWIwHhcNMjUwODIzMDMwMjIyWhcNMjUwODI0MDMwMjIyWjAzMTEwLwYDVQQD
Eyg2ZWVmZjE4ZDY0YTQxNjc1YzY1Yjc5ZWI4MzgzNDBiOWRlMTA3ODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfsQT08hl/mQ3K/ruWaiIgA0iusP
hxQJEYMKcV0Wk/vj31i9ZDyqwlnojS2WQXaLJicfi6hXEr6XSCoCKy48zP2BFZNk
c8RL3ZzCMiZNmkaZaHPvmENA+A6h9rUCn7M6z2rxYPQ1rbUFoG3ahkRWDberdSVU
GkQ1xgch2CA+UCVU/qT88ZA63zIDKh/XbWJjNE/j5GjW3C0opBUYW1MhDe4v7NTP
IuwlsLLGbLZ1iXwYLvHiPax19GJ0vVjnqw7ktGOnGza3QUQMj609S/pSnQ9Ih3CJ
iJbFjjujcl7Rkh0KaLNnrzIQx1KJ1HTQCipaKx9mxA12x6vK+nPL4l0xCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7v8Y1kpBZ1xlt564ODQLneEHhSMB8GA1UdIwQY
MBaAFBwGhmMT1miv6HmG+uX/eUH5KAabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMt
NmFiOThkMzZkYWM2LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMtNmFiOThkMzZkYWM2
LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPhvZ20Cy
FG1etnVtN1CMYUjbKhUZ4UL8nfhofZhRzwCqjPREBaGF9NCO5wGGAbOJDIx2NbTA
LGkhc0KzIU1ni7LdVZzb9y9ovULre0tS1PgqN+685WqpAlU+jycrurDM6OpCV/ed
uiJ49HEZ+Mx32xVbtBRSiOe4UXhjwyq2lDWOzXCmYU/2JP/FBVkShKKjjQFAH3h1
PKzqprEKlKUeqy9U7HRvnZyCc5IqQ6INhDyk71rdf3Ei/G04ypqBJitXGkBGeIty
rieaIt+FXLgz8ouYF4ofs3lIGkTvqMNjW4jLze5eZ41bmU38K+swbcI1hXrcSiG9
QnMBp1qZhwYkvg==
-----END CERTIFICATE-----