Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
File:                     HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json)
Hash identifier:          tixWl+nRNlzLDY8TH0U2qoGFTXhx4KIAZWXMDcKX98M=
Subject key identifier:   AF:28:93:EF:AF:AA:85:29:37:EF:F1:03:35:42:C5:62:F5:61:6B:39
Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17
Certificate issuer:       /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
Certificate serial:       019A00A2C98DCDDECC0018525146338C9B6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
Manifest number:          0724
Signing time:             Mon 20 Oct 2025 08:00:59 +0000
Manifest this update:     Mon 20 Oct 2025 08:00:59 +0000
Manifest next update:     Tue 21 Oct 2025 08:00:59 +0000
Files and hashes:         1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: JlJnB9VC1RSxMWMuQImGUCAoLpltCW03hg07VNbFO80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 08:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:a2:c9:8d:cd:de:cc:00:18:52:51:46:33:8c:9b:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
        Validity
            Not Before: Oct 20 08:00:59 2025 GMT
            Not After : Oct 21 08:00:59 2025 GMT
        Subject: CN=af2893efafaa852937eff1033542c562f5616b39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:03:68:42:ba:ad:b0:79:4d:7c:73:bc:75:40:
                    34:eb:cd:13:b8:f6:f8:89:ac:f9:6a:26:52:ff:d0:
                    a9:f5:e3:e9:f6:75:47:a7:cd:0b:17:ea:db:57:42:
                    4c:53:a2:9b:ce:d5:ba:e1:d8:5e:c7:71:04:c4:c7:
                    12:7d:78:1a:93:2c:f8:cf:bc:7d:61:c2:86:9d:bd:
                    a6:ae:24:ea:1b:b9:00:fa:96:e1:63:48:2e:40:e1:
                    ee:b2:7a:cc:7b:df:f4:26:0e:d0:dd:06:68:28:0f:
                    37:b7:de:47:4a:7c:13:b9:17:19:a2:32:a8:47:f9:
                    f7:9d:0f:64:b0:9e:3e:a8:c5:d2:47:ff:ca:dd:73:
                    d5:2c:25:83:54:6b:98:8a:2c:40:e6:62:de:9f:72:
                    19:83:db:85:1a:17:dd:38:cd:f8:f2:12:0b:d6:59:
                    54:e3:fe:a4:c4:b6:1e:31:06:cd:f4:4f:12:ec:87:
                    97:6d:2c:5f:85:8d:70:92:7e:a2:21:77:9d:d8:05:
                    96:a4:2c:9b:8f:c9:58:a0:76:06:b9:2d:d9:3d:e2:
                    60:e2:98:7d:99:22:e5:89:04:ff:13:1b:4f:55:78:
                    ca:4a:ab:63:e2:2f:b8:79:ce:63:8c:2f:fa:f7:16:
                    7f:ae:83:89:92:77:ee:d6:84:2f:ca:37:6d:2f:65:
                    23:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:28:93:EF:AF:AA:85:29:37:EF:F1:03:35:42:C5:62:F5:61:6B:39
            X509v3 Authority Key Identifier:
                keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:8d:45:c5:02:e8:87:b4:b1:26:6f:c0:41:b8:27:d8:bf:26:
         b4:80:05:60:45:9c:79:8e:a6:0e:09:b9:bb:de:ff:9e:85:d5:
         1f:c7:bd:81:35:71:1a:68:fe:60:91:ee:e2:0c:28:8f:68:cd:
         40:83:bc:a4:5f:ce:32:31:e0:9b:f7:83:22:59:18:8f:f8:f9:
         47:ba:f9:cb:90:63:ff:7f:66:1d:2e:78:6b:7c:e9:9a:d9:48:
         62:78:78:fa:41:42:9a:53:71:a7:d2:33:1d:c5:39:34:d9:e1:
         11:6f:7d:0c:b5:f0:d5:4f:c9:81:8b:67:25:0c:ca:89:d7:b4:
         fe:72:de:f6:c7:53:03:3f:7d:4e:05:5c:44:56:a6:4f:35:58:
         5e:35:49:db:46:39:e4:43:8a:a9:28:ff:f6:bd:c1:d9:c2:1e:
         92:b1:fa:d8:f6:81:86:1b:37:6a:23:c8:d8:24:52:55:d6:5e:
         09:72:8a:e4:05:16:ce:5e:d7:84:77:8a:0c:b3:6d:bd:42:31:
         35:99:45:9c:b0:bf:de:f2:e8:4c:ae:25:52:23:7b:22:db:a1:
         33:3b:2b:41:e2:e1:56:a8:3a:89:4e:b7:eb:ec:64:de:c8:ed:
         d4:c8:91:03:a6:bb:01:55:ac:5e:db:51:11:f2:71:7d:64:8d:
         92:0a:d3:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAosmNzd7MABhSUUYzjJtrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy
YzYzMTcwHhcNMjUxMDIwMDgwMDU5WhcNMjUxMDIxMDgwMDU5WjAzMTEwLwYDVQQD
EyhhZjI4OTNlZmFmYWE4NTI5MzdlZmYxMDMzNTQyYzU2MmY1NjE2YjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQNoQrqtsHlNfHO8dUA0680TuPb4
iaz5aiZS/9Cp9ePp9nVHp80LF+rbV0JMU6KbztW64dhex3EExMcSfXgakyz4z7x9
YcKGnb2mriTqG7kA+pbhY0guQOHusnrMe9/0Jg7Q3QZoKA83t95HSnwTuRcZojKo
R/n3nQ9ksJ4+qMXSR//K3XPVLCWDVGuYiixA5mLen3IZg9uFGhfdOM348hIL1llU
4/6kxLYeMQbN9E8S7IeXbSxfhY1wkn6iIXed2AWWpCybj8lYoHYGuS3ZPeJg4ph9
mSLliQT/ExtPVXjKSqtj4i+4ec5jjC/69xZ/roOJknfu1oQvyjdtL2UjZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8ok++vqoUpN+/xAzVCxWL1YWs5MB8GA1UdIwQY
MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt
MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj
LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK41FxQLo
h7SxJm/AQbgn2L8mtIAFYEWceY6mDgm5u97/noXVH8e9gTVxGmj+YJHu4gwoj2jN
QIO8pF/OMjHgm/eDIlkYj/j5R7r5y5Bj/39mHS54a3zpmtlIYnh4+kFCmlNxp9Iz
HcU5NNnhEW99DLXw1U/JgYtnJQzKide0/nLe9sdTAz99TgVcRFamTzVYXjVJ20Y5
5EOKqSj/9r3B2cIekrH62PaBhhs3aiPI2CRSVdZeCXKK5AUWzl7XhHeKDLNtvUIx
NZlFnLC/3vLoTK4lUiN7ItuhMzsrQeLhVqg6iU636+xk3sjt1MiRA6a7AVWsXttR
EfJxfWSNkgrTVw==
-----END CERTIFICATE-----