Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
File:                     HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json)
Hash identifier:          T1lx6F0zbj6Pu66mV49IwvhGJY74VdT3FhCF9PT7Tuk=
Subject key identifier:   11:24:28:C7:2E:68:5B:8C:B4:55:50:FE:10:BE:94:D1:59:9D:83:73
Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70
Certificate issuer:       /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
Certificate serial:       0198D5BC3588B1C35676360E8833AD664B08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
Manifest number:          1648
Signing time:             Sat 23 Aug 2025 07:02:18 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:18 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:18 +0000
Files and hashes:         1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: SJxLJoIux5V8sFr6HHQbZt2F47rV24HkO11ZghK7oRo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:35:88:b1:c3:56:76:36:0e:88:33:ad:66:4b:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
        Validity
            Not Before: Aug 23 07:02:18 2025 GMT
            Not After : Aug 24 07:02:18 2025 GMT
        Subject: CN=112428c72e685b8cb45550fe10be94d1599d8373
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:3c:8f:5b:cc:49:c9:0f:89:47:1a:70:a8:d4:
                    ce:bc:ac:1e:f9:af:d9:f7:24:04:5d:4c:88:f9:b9:
                    56:af:53:a1:f1:b0:5c:ba:ec:62:12:ad:7d:c3:62:
                    84:72:75:a1:d8:26:9c:11:8e:84:3b:5f:b7:f4:38:
                    06:66:93:6a:cb:e6:bf:30:ba:c7:76:fb:99:a1:a0:
                    03:b3:23:db:09:95:18:c3:95:9b:3a:98:d3:2b:57:
                    f0:50:06:a5:33:98:37:1f:d3:be:64:84:37:ce:68:
                    07:57:5b:be:8b:7f:79:60:d6:36:34:04:3c:ad:30:
                    7e:e4:ca:d8:4d:57:0d:12:c0:98:fd:dc:e0:bd:58:
                    85:c5:cc:9b:86:cc:ce:1c:a0:35:ff:f2:1e:8f:5f:
                    95:95:21:2a:e3:73:d8:f6:c4:b5:de:63:c3:19:a9:
                    99:72:e7:f5:9a:dc:02:36:52:0b:7c:24:c8:a4:9b:
                    b1:60:6c:92:ce:86:85:3b:49:e5:a1:eb:e4:bc:d9:
                    a7:2f:a0:29:9d:6d:49:99:d3:a9:1d:a4:8c:ef:41:
                    0c:59:28:f3:14:f4:ba:8c:7b:55:00:da:9c:6e:30:
                    33:31:e8:e0:b6:78:f7:31:24:42:44:ca:6b:cf:d9:
                    a2:93:ea:c6:f7:73:e8:28:e0:81:13:c6:82:f3:8e:
                    46:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:24:28:C7:2E:68:5B:8C:B4:55:50:FE:10:BE:94:D1:59:9D:83:73
            X509v3 Authority Key Identifier:
                keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:c0:79:0b:c4:44:97:d6:d2:9d:d4:c3:6d:55:00:cc:36:23:
         40:78:00:70:d2:16:6c:38:f9:f0:37:92:34:94:24:45:c0:6f:
         4e:31:00:05:2f:b6:1a:b1:a1:1e:9d:0b:88:de:63:59:5d:9d:
         b1:5a:81:54:3f:63:02:29:da:ec:4a:58:99:ed:30:45:0a:ee:
         84:37:4e:81:3b:21:e1:00:27:7f:cc:79:66:f1:a7:d4:94:6a:
         6c:d5:f3:a0:a6:76:f7:94:45:95:80:e8:69:65:de:36:c3:f8:
         a7:e3:4c:b9:ad:ef:af:c9:fa:15:6e:b5:da:20:3b:84:4f:c8:
         e4:62:68:88:d2:33:96:0d:76:fa:7f:67:b1:87:95:b5:33:8d:
         cc:8d:c9:82:76:20:9c:04:3f:a5:63:3f:5a:40:a5:28:1f:99:
         da:53:6f:66:5b:c5:f6:7b:cf:31:c4:56:94:4e:d1:f9:56:8e:
         7d:be:d6:3e:4d:dc:af:c4:ee:78:a1:51:2f:66:55:4d:14:b4:
         33:cb:51:b4:a4:0a:58:87:85:de:04:d6:3b:1c:70:75:20:c4:
         8a:cf:e2:83:ed:7b:f3:2f:60:05:37:7f:1e:51:a6:54:46:39:
         93:61:8d:83:1c:75:b6:16:33:4e:fb:40:65:7b:e6:89:19:a9:
         4e:17:93:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvDWIscNWdjYOiDOtZksIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy
ZDgyNzAwHhcNMjUwODIzMDcwMjE4WhcNMjUwODI0MDcwMjE4WjAzMTEwLwYDVQQD
EygxMTI0MjhjNzJlNjg1YjhjYjQ1NTUwZmUxMGJlOTRkMTU5OWQ4MzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TyPW8xJyQ+JRxpwqNTOvKwe+a/Z
9yQEXUyI+blWr1Oh8bBcuuxiEq19w2KEcnWh2CacEY6EO1+39DgGZpNqy+a/MLrH
dvuZoaADsyPbCZUYw5WbOpjTK1fwUAalM5g3H9O+ZIQ3zmgHV1u+i395YNY2NAQ8
rTB+5MrYTVcNEsCY/dzgvViFxcybhszOHKA1//Iej1+VlSEq43PY9sS13mPDGamZ
cuf1mtwCNlILfCTIpJuxYGySzoaFO0nloevkvNmnL6ApnW1JmdOpHaSM70EMWSjz
FPS6jHtVANqcbjAzMejgtnj3MSRCRMprz9mik+rG93PoKOCBE8aC845GUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBEkKMcuaFuMtFVQ/hC+lNFZnYNzMB8GA1UdIwQY
MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct
ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz
LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdMB5C8RE
l9bSndTDbVUAzDYjQHgAcNIWbDj58DeSNJQkRcBvTjEABS+2GrGhHp0LiN5jWV2d
sVqBVD9jAina7EpYme0wRQruhDdOgTsh4QAnf8x5ZvGn1JRqbNXzoKZ295RFlYDo
aWXeNsP4p+NMua3vr8n6FW612iA7hE/I5GJoiNIzlg12+n9nsYeVtTONzI3JgnYg
nAQ/pWM/WkClKB+Z2lNvZlvF9nvPMcRWlE7R+VaOfb7WPk3cr8TueKFRL2ZVTRS0
M8tRtKQKWIeF3gTWOxxwdSDEis/ig+178y9gBTd/HlGmVEY5k2GNgxx1thYzTvtA
ZXvmiRmpTheT0A==
-----END CERTIFICATE-----