Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
File:                     HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json)
Hash identifier:          DZ9gFLFTXSL3wFqRuJj9zNnKy1VsFqmO1Rv3gTstl2g=
Subject key identifier:   8D:99:36:CF:C7:75:E2:74:2D:06:92:FC:DA:C3:E0:46:3B:74:36:3F
Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17
Certificate issuer:       /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
Certificate serial:       0198D54E2F59C2EEDB8214DA8BE25580394D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
Manifest number:          0689
Signing time:             Sat 23 Aug 2025 05:02:07 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:07 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:07 +0000
Files and hashes:         1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: a9ntenyu1ERUbQtbm6uIALEm4DhUPiQcKTEcRAiTzkY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:2f:59:c2:ee:db:82:14:da:8b:e2:55:80:39:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
        Validity
            Not Before: Aug 23 05:02:07 2025 GMT
            Not After : Aug 24 05:02:07 2025 GMT
        Subject: CN=8d9936cfc775e2742d0692fcdac3e0463b74363f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:8d:62:a7:5b:90:8e:94:e5:46:55:7a:f7:a8:
                    48:22:f3:00:e9:6a:ba:bc:0e:07:46:b0:cc:1a:7a:
                    d1:1b:1c:b5:b4:be:e9:94:90:40:ff:78:48:87:f5:
                    f5:63:0c:3c:81:70:1e:0a:c7:7d:36:be:84:a7:32:
                    33:46:0c:74:91:fa:a7:40:7f:92:dc:ca:65:95:cc:
                    21:19:f6:64:53:89:3a:79:ea:83:89:64:1d:c9:e8:
                    66:53:ff:fd:57:fc:25:e5:c0:3d:4d:06:86:5d:a5:
                    95:96:69:8d:b3:df:e8:2d:70:a6:72:16:70:33:2d:
                    e1:ab:5f:80:a6:b3:26:4a:b3:06:a6:1c:05:2f:ac:
                    75:91:6a:c9:72:98:5e:13:8f:9a:75:9e:51:01:3f:
                    43:40:a3:62:67:22:07:a7:01:76:2c:20:fe:90:30:
                    65:61:eb:54:39:a8:98:0b:ca:2e:ec:dc:84:61:d2:
                    c1:8b:b5:fa:b7:63:8b:20:0e:be:f3:39:78:c5:8a:
                    ea:88:62:98:bd:80:f2:30:5d:63:38:93:f1:8a:de:
                    ae:06:e8:64:f2:20:dc:78:1f:f0:9a:fe:8b:73:f8:
                    31:d8:9e:93:ef:a5:d0:75:43:e4:61:27:d0:5d:ff:
                    2b:b8:af:6f:0f:89:3d:f9:a7:45:59:8d:dc:54:b8:
                    4c:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:99:36:CF:C7:75:E2:74:2D:06:92:FC:DA:C3:E0:46:3B:74:36:3F
            X509v3 Authority Key Identifier:
                keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:35:85:00:3d:ab:13:f0:ea:65:e2:c2:b6:f2:70:24:78:33:
         63:49:36:1d:e4:e6:b4:be:2c:20:29:0d:92:c1:10:0a:3d:92:
         fc:c4:2c:b1:a6:12:c9:b6:6d:05:d8:7b:9f:8f:9f:b5:39:da:
         58:42:00:6b:6b:25:ed:a3:03:cf:cc:25:b5:fb:a1:e6:a7:7e:
         34:2c:5c:81:78:28:db:8e:1a:89:0a:fc:82:b0:5d:b4:4a:09:
         7c:1c:e5:8a:af:25:06:7e:39:4e:fa:42:22:ba:e0:b2:a3:73:
         f6:3b:ca:57:d5:86:b3:90:52:99:d3:46:3f:64:73:f8:a7:2b:
         98:e6:11:6c:6f:92:c3:80:ca:3e:00:20:1b:f4:fd:e8:1c:ca:
         2c:4c:d7:6e:25:bf:3e:ec:ee:f0:26:a6:82:f9:39:eb:78:b2:
         c7:d6:86:2e:c6:d8:c2:82:df:27:80:90:4e:98:53:9c:be:11:
         a4:88:e6:98:a8:9b:0b:85:6d:00:c8:28:1c:49:9d:14:16:e5:
         59:a4:f5:aa:8b:67:cd:ae:52:02:8a:e4:89:52:a5:1f:e2:da:
         10:af:32:a8:e4:1f:ea:5e:a4:f3:dd:7f:18:bd:ea:2a:ec:af:
         d9:ef:c4:18:91:c5:ea:8c:92:66:4a:7e:fa:a0:91:f2:26:c4:
         62:ab:a4:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTi9Zwu7bghTai+JVgDlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy
YzYzMTcwHhcNMjUwODIzMDUwMjA3WhcNMjUwODI0MDUwMjA3WjAzMTEwLwYDVQQD
Eyg4ZDk5MzZjZmM3NzVlMjc0MmQwNjkyZmNkYWMzZTA0NjNiNzQzNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw41ip1uQjpTlRlV696hIIvMA6Wq6
vA4HRrDMGnrRGxy1tL7plJBA/3hIh/X1Yww8gXAeCsd9Nr6EpzIzRgx0kfqnQH+S
3MpllcwhGfZkU4k6eeqDiWQdyehmU//9V/wl5cA9TQaGXaWVlmmNs9/oLXCmchZw
My3hq1+AprMmSrMGphwFL6x1kWrJcpheE4+adZ5RAT9DQKNiZyIHpwF2LCD+kDBl
YetUOaiYC8ou7NyEYdLBi7X6t2OLIA6+8zl4xYrqiGKYvYDyMF1jOJPxit6uBuhk
8iDceB/wmv6Lc/gx2J6T76XQdUPkYSfQXf8ruK9vD4k9+adFWY3cVLhMywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI2ZNs/HdeJ0LQaS/NrD4EY7dDY/MB8GA1UdIwQY
MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt
MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj
LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEDWFAD2r
E/DqZeLCtvJwJHgzY0k2HeTmtL4sICkNksEQCj2S/MQssaYSybZtBdh7n4+ftTna
WEIAa2sl7aMDz8wltfuh5qd+NCxcgXgo244aiQr8grBdtEoJfBzliq8lBn45TvpC
IrrgsqNz9jvKV9WGs5BSmdNGP2Rz+KcrmOYRbG+Sw4DKPgAgG/T96BzKLEzXbiW/
Puzu8Camgvk563iyx9aGLsbYwoLfJ4CQTphTnL4RpIjmmKibC4VtAMgoHEmdFBbl
WaT1qotnza5SAorkiVKlH+LaEK8yqOQf6l6k891/GL3qKuyv2e/EGJHF6oySZkp+
+qCR8ibEYqukJA==
-----END CERTIFICATE-----