Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
File:                     HAaGYxPWaK_oeYb65f95QfkoBps.mft (raw, json)
Hash identifier:          L3CW+UInruJPxxU5FAfTXsRVfJLyjLnFKdFOyBquP5c=
Subject key identifier:   AF:14:B1:29:34:8F:1D:1B:D1:A6:64:D5:D2:60:E9:D7:3A:61:65:80
Authority key identifier: 1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B
Certificate issuer:       /CN=1c06866313d668afe87986fae5ff7941f928069b
Certificate serial:       0197B70F0D23E89FFD3A5B205FA5DA5ED9EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
Manifest number:          0FAD
Signing time:             Sat 28 Jun 2025 15:01:46 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:46 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:46 +0000
Files and hashes:         1: HAaGYxPWaK_oeYb65f95QfkoBps.crl (hash: EnEeCDjLcvfzVv6g69X9pNtA4pJFl/ZLDaxDttfc1Qc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:0d:23:e8:9f:fd:3a:5b:20:5f:a5:da:5e:d9:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c06866313d668afe87986fae5ff7941f928069b
        Validity
            Not Before: Jun 28 15:01:46 2025 GMT
            Not After : Jun 29 15:01:46 2025 GMT
        Subject: CN=af14b129348f1d1bd1a664d5d260e9d73a616580
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:7e:ac:13:3a:f4:43:55:fe:00:1f:65:40:32:
                    91:a0:b2:08:83:ad:b4:3d:e0:ca:54:f5:57:1e:f3:
                    d3:a9:09:0e:ba:37:27:07:cd:20:aa:4e:1b:71:30:
                    ac:e6:98:89:61:c6:bd:bb:71:d9:0c:b4:42:30:aa:
                    30:d9:3e:04:d3:60:eb:76:6b:29:13:11:a3:5d:4e:
                    ea:8a:f6:ff:19:5d:3e:66:54:94:5e:06:5c:b1:43:
                    49:60:a7:02:b1:18:a0:43:2c:00:92:24:c3:26:c3:
                    a4:ec:90:89:c1:85:5e:7b:82:81:f3:a3:77:4c:23:
                    a2:20:51:c4:e9:9c:fb:d5:0f:10:d8:aa:5b:ba:d7:
                    d8:12:bb:64:09:ba:b7:9a:2b:ff:40:11:7d:7d:87:
                    ae:38:76:06:4d:12:34:78:76:da:83:9d:10:1d:af:
                    dd:41:ca:96:0f:a7:3d:02:72:a6:89:cf:ee:c5:ed:
                    26:84:b9:13:33:15:c0:24:d2:c8:ad:99:2d:e8:12:
                    11:7d:c9:73:29:14:f8:25:22:10:2d:06:7a:b6:bf:
                    41:c3:17:86:7b:af:2c:f3:20:84:8f:0a:fe:af:ef:
                    25:8d:e4:21:35:be:e6:7b:42:5e:e1:5c:3f:e3:f8:
                    2c:11:ed:9e:0a:a6:fa:c2:83:b5:b3:24:c5:17:61:
                    a3:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:14:B1:29:34:8F:1D:1B:D1:A6:64:D5:D2:60:E9:D7:3A:61:65:80
            X509v3 Authority Key Identifier:
                keyid:1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:7d:8a:77:58:00:42:f2:7c:f2:41:a0:ef:80:37:0e:76:6d:
         ec:94:fb:38:2f:ca:2b:e6:87:22:fc:ef:c5:d2:45:8e:53:b0:
         c2:22:b3:02:50:01:28:52:6f:c4:dd:fe:d2:be:ed:e5:23:10:
         ea:89:b7:fc:e9:ee:a6:88:74:3a:eb:2a:59:3f:18:4d:3d:be:
         2a:c8:99:c1:9e:c9:86:24:dc:01:5d:4c:1d:6e:b9:ea:b8:37:
         ca:0c:f8:11:81:61:83:b0:a0:ca:d9:66:37:b3:8b:f3:22:40:
         0e:6d:b1:7a:b8:21:37:8d:c0:43:01:13:cc:0a:74:5f:19:ef:
         f3:58:8a:59:60:b6:39:ad:bb:10:31:5e:4e:be:22:46:70:e0:
         60:b3:56:9a:c2:90:3a:d5:5e:e8:8f:54:fe:a1:0c:87:3b:6e:
         b6:33:2a:70:d7:4b:db:5d:92:4a:9a:75:42:76:0a:99:7f:0c:
         b2:ca:89:6d:44:28:24:e2:ec:a1:55:e9:08:38:c6:ac:87:79:
         52:2a:eb:93:61:db:5d:7f:1e:12:a1:86:50:f3:d1:e1:51:84:
         b8:2b:0a:1e:46:35:11:57:21:1c:d1:73:17:a2:5a:f7:3f:1c:
         a2:cc:a9:2d:a8:0b:5d:27:9a:e9:43:c5:b4:27:63:10:5b:b9:
         3c:3d:59:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dw0j6J/9OlsgX6XaXtnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDY4NjYzMTNkNjY4YWZlODc5ODZmYWU1ZmY3OTQxZjky
ODA2OWIwHhcNMjUwNjI4MTUwMTQ2WhcNMjUwNjI5MTUwMTQ2WjAzMTEwLwYDVQQD
EyhhZjE0YjEyOTM0OGYxZDFiZDFhNjY0ZDVkMjYwZTlkNzNhNjE2NTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs36sEzr0Q1X+AB9lQDKRoLIIg620
PeDKVPVXHvPTqQkOujcnB80gqk4bcTCs5piJYca9u3HZDLRCMKow2T4E02Drdmsp
ExGjXU7qivb/GV0+ZlSUXgZcsUNJYKcCsRigQywAkiTDJsOk7JCJwYVee4KB86N3
TCOiIFHE6Zz71Q8Q2KpbutfYErtkCbq3miv/QBF9fYeuOHYGTRI0eHbag50QHa/d
QcqWD6c9AnKmic/uxe0mhLkTMxXAJNLIrZkt6BIRfclzKRT4JSIQLQZ6tr9BwxeG
e68s8yCEjwr+r+8ljeQhNb7me0Je4Vw/4/gsEe2eCqb6woO1syTFF2GjCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8UsSk0jx0b0aZk1dJg6dc6YWWAMB8GA1UdIwQY
MBaAFBwGhmMT1miv6HmG+uX/eUH5KAabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMt
NmFiOThkMzZkYWM2LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMtNmFiOThkMzZkYWM2
LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsn2Kd1gA
QvJ88kGg74A3DnZt7JT7OC/KK+aHIvzvxdJFjlOwwiKzAlABKFJvxN3+0r7t5SMQ
6om3/Onupoh0OusqWT8YTT2+KsiZwZ7JhiTcAV1MHW656rg3ygz4EYFhg7Cgytlm
N7OL8yJADm2xerghN43AQwETzAp0Xxnv81iKWWC2Oa27EDFeTr4iRnDgYLNWmsKQ
OtVe6I9U/qEMhztutjMqcNdL212SSpp1QnYKmX8MssqJbUQoJOLsoVXpCDjGrId5
Uirrk2HbXX8eEqGGUPPR4VGEuCsKHkY1EVchHNFzF6Ja9z8cosypLagLXSea6UPF
tCdjEFu5PD1Z5A==
-----END CERTIFICATE-----