Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
File:                     HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json)
Hash identifier:          qyRHNFYmArylW9Y1PlkBmT5GubXEaxLTqL1nChnLfIw=
Subject key identifier:   79:24:D8:0E:7F:F2:66:7C:4C:84:2F:4D:71:B2:BF:0E:5A:93:91:7D
Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17
Certificate issuer:       /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
Certificate serial:       0197B77C47B3F1317888D8C57C292BB2489E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
Manifest number:          05F5
Signing time:             Sat 28 Jun 2025 17:01:04 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:04 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:04 +0000
Files and hashes:         1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: nwAOu/f0spHDzk8ASOAiAaTVD42vtt2lyTPBcrzjXa4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:47:b3:f1:31:78:88:d8:c5:7c:29:2b:b2:48:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
        Validity
            Not Before: Jun 28 17:01:04 2025 GMT
            Not After : Jun 29 17:01:04 2025 GMT
        Subject: CN=7924d80e7ff2667c4c842f4d71b2bf0e5a93917d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:96:52:74:17:43:92:b5:8a:4b:51:82:67:ec:
                    6d:56:bd:ee:9e:91:de:b1:c0:22:f1:41:9e:e3:d1:
                    2b:f4:c7:e2:1c:3f:15:1b:97:e2:60:54:7a:ed:ce:
                    11:4b:b0:ed:ee:bb:49:60:24:cb:02:91:17:f7:f4:
                    10:fc:4a:9e:f9:79:db:c9:1f:81:7b:6f:47:59:44:
                    87:fe:73:42:9b:82:e0:95:07:69:a9:0b:3b:12:58:
                    02:58:ad:71:85:b9:87:bf:33:67:c0:a5:19:ee:38:
                    85:77:aa:aa:6e:f0:1b:36:50:a6:fd:a7:ed:30:d8:
                    63:73:bd:62:4a:04:77:47:d7:b8:c1:71:b7:53:6e:
                    40:72:ce:ad:e4:91:49:2b:fe:b6:43:92:c6:d4:1e:
                    0a:44:d2:58:39:4a:77:3e:85:98:b7:19:13:17:7d:
                    18:7a:5c:fd:21:24:2a:4e:3a:fc:8a:a6:36:ba:06:
                    ae:74:71:a4:23:c0:54:42:c3:25:9d:31:9d:48:1c:
                    25:e0:3d:5b:f7:f2:4d:9f:02:11:2a:1b:d9:32:e4:
                    67:62:e7:d9:e9:7b:b8:a6:ae:91:18:63:31:0d:97:
                    a0:cc:53:6d:4a:0c:f3:d3:ab:1f:3f:fe:07:2f:80:
                    74:0d:7e:90:ca:33:ae:71:04:75:34:f8:20:b3:ff:
                    e1:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:24:D8:0E:7F:F2:66:7C:4C:84:2F:4D:71:B2:BF:0E:5A:93:91:7D
            X509v3 Authority Key Identifier:
                keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:0b:a4:9f:98:60:fd:23:cf:a8:a4:be:94:57:b1:c1:fa:3f:
         63:71:a7:00:44:35:3f:71:8c:49:33:34:51:f2:77:4a:b0:82:
         1b:8c:f8:a5:ff:78:e1:bc:cb:ce:6d:40:2b:e2:01:fa:68:3e:
         b5:00:37:58:d5:13:b2:16:9e:a7:f3:f5:01:3d:b1:68:3d:ce:
         58:86:b1:10:3b:c2:bd:fb:cb:07:4f:24:8f:d3:42:ee:24:dd:
         52:66:89:11:2b:0b:43:97:2a:54:23:09:cd:21:89:4b:5a:75:
         41:fc:d8:3d:a0:a2:6f:41:b6:13:35:02:42:fb:bc:e9:28:c0:
         f0:d2:68:77:71:1d:15:9a:08:e1:28:13:2c:4f:76:99:1c:c9:
         22:21:cd:5d:60:3d:ff:69:b4:a6:06:10:cb:5a:33:18:63:9c:
         55:74:7e:f8:78:4d:2a:12:91:7f:14:24:3c:77:16:0d:dc:4a:
         f1:b9:2e:46:27:10:5e:6a:68:bc:8e:26:37:c1:fd:a5:a8:b7:
         70:2c:fd:6d:f1:73:af:67:b1:24:c8:91:5e:35:6b:74:b9:d5:
         81:bc:bc:a8:db:6a:2a:65:29:59:f1:4b:ce:d1:98:30:83:44:
         2b:8c:a9:17:64:f5:a5:d7:89:6d:f6:6b:df:fb:9b:42:7b:94:
         3c:56:2a:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fEez8TF4iNjFfCkrskieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy
YzYzMTcwHhcNMjUwNjI4MTcwMTA0WhcNMjUwNjI5MTcwMTA0WjAzMTEwLwYDVQQD
Eyg3OTI0ZDgwZTdmZjI2NjdjNGM4NDJmNGQ3MWIyYmYwZTVhOTM5MTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pZSdBdDkrWKS1GCZ+xtVr3unpHe
scAi8UGe49Er9MfiHD8VG5fiYFR67c4RS7Dt7rtJYCTLApEX9/QQ/Eqe+XnbyR+B
e29HWUSH/nNCm4LglQdpqQs7ElgCWK1xhbmHvzNnwKUZ7jiFd6qqbvAbNlCm/aft
MNhjc71iSgR3R9e4wXG3U25Acs6t5JFJK/62Q5LG1B4KRNJYOUp3PoWYtxkTF30Y
elz9ISQqTjr8iqY2ugaudHGkI8BUQsMlnTGdSBwl4D1b9/JNnwIRKhvZMuRnYufZ
6Xu4pq6RGGMxDZegzFNtSgzz06sfP/4HL4B0DX6QyjOucQR1NPggs//h5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkk2A5/8mZ8TIQvTXGyvw5ak5F9MB8GA1UdIwQY
MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt
MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj
LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbwukn5hg
/SPPqKS+lFexwfo/Y3GnAEQ1P3GMSTM0UfJ3SrCCG4z4pf944bzLzm1AK+IB+mg+
tQA3WNUTshaep/P1AT2xaD3OWIaxEDvCvfvLB08kj9NC7iTdUmaJESsLQ5cqVCMJ
zSGJS1p1QfzYPaCib0G2EzUCQvu86SjA8NJod3EdFZoI4SgTLE92mRzJIiHNXWA9
/2m0pgYQy1ozGGOcVXR++HhNKhKRfxQkPHcWDdxK8bkuRicQXmpovI4mN8H9pai3
cCz9bfFzr2exJMiRXjVrdLnVgby8qNtqKmUpWfFLztGYMINEK4ypF2T1pdeJbfZr
3/ubQnuUPFYqtQ==
-----END CERTIFICATE-----