Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
File:                     _hpSVPN9jCkbEd2r7YiwY0gdr2s.mft (raw, json)
Hash identifier:          1UTdFqFaNEeRgHvRPChIGf1rQJmfiYkiA/2fEXsD7gY=
Subject key identifier:   1E:5E:02:D4:0A:3B:04:1A:81:7A:E6:0A:21:D3:C6:41:98:F0:0E:4E
Authority key identifier: FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B
Certificate issuer:       /CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
Certificate serial:       0198D661389FEBDD351AECA02BD82A0A5279
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 10:02:32 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:32 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:32 +0000
Files and hashes:         1: _hpSVPN9jCkbEd2r7YiwY0gdr2s.crl (hash: tKLp3Hox+brMBl/6SHENZZONSCc3Zvfhw1q+JeeNlUc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:02:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:38:9f:eb:dd:35:1a:ec:a0:2b:d8:2a:0a:52:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
        Validity
            Not Before: Aug 23 10:02:32 2025 GMT
            Not After : Aug 24 10:02:32 2025 GMT
        Subject: CN=1e5e02d40a3b041a817ae60a21d3c64198f00e4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a5:a9:4c:55:02:a5:e2:8a:5a:ff:42:ea:f6:
                    dc:2a:9b:49:ae:79:29:ad:25:cb:70:5d:f6:56:07:
                    71:31:98:3a:d0:a7:85:da:77:2f:08:e3:d4:b1:36:
                    61:c5:08:6b:b5:37:d4:d8:c9:03:46:07:02:ac:99:
                    fa:88:16:87:99:37:76:01:cf:18:c6:21:d9:a2:6c:
                    ba:73:01:b6:34:79:9d:eb:87:6f:5e:01:0d:9a:45:
                    0f:38:a5:0b:50:7b:bf:a7:08:bf:fb:ca:fa:1e:71:
                    72:c4:ab:43:be:54:4f:66:0f:d2:5d:fe:0a:1e:56:
                    8b:9e:35:cf:21:56:b4:93:64:c8:52:96:23:d3:d4:
                    b1:c3:e7:86:76:e9:26:41:29:4c:b9:cf:bb:fe:84:
                    44:27:3e:eb:6b:0f:9a:3f:3e:5c:c2:e4:1d:35:a2:
                    2c:90:e3:b3:3d:29:72:29:8b:6e:68:0a:b1:2f:e0:
                    87:7f:e6:7a:77:78:4d:5e:e1:ae:97:14:f9:30:5e:
                    be:6b:86:97:a3:11:90:34:09:ef:6e:66:3f:3b:d6:
                    85:88:3e:be:bd:3c:57:8b:d9:9b:01:fb:b2:d4:96:
                    55:d4:e5:fc:a0:b8:4e:28:67:47:dd:f9:f8:b8:85:
                    e5:dc:e8:6e:45:8b:2c:37:85:02:20:71:ac:20:09:
                    d5:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:5E:02:D4:0A:3B:04:1A:81:7A:E6:0A:21:D3:C6:41:98:F0:0E:4E
            X509v3 Authority Key Identifier:
                keyid:FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:9d:31:a0:41:1b:32:d9:af:ed:87:91:82:ca:46:6e:5f:6e:
         9a:9c:ec:f9:c2:06:83:46:91:c6:61:09:34:f0:da:ba:d4:ca:
         5e:cc:be:6a:9b:e9:89:ee:70:f8:c2:c9:19:fc:fb:d3:ba:ea:
         1e:7d:81:e8:3e:4f:5c:e9:30:98:d9:f4:83:3c:d7:5e:fa:b8:
         0d:28:a9:fc:9e:c0:7f:64:45:d1:e0:35:04:ca:07:cb:32:d3:
         bd:68:19:fd:3f:1c:ee:85:1a:07:00:54:39:1f:be:70:c5:12:
         bb:04:01:86:8f:4c:33:44:70:9d:82:fd:15:62:d1:3a:be:04:
         2f:ee:2d:45:da:24:b5:41:4c:fb:bd:00:be:bd:a6:39:d6:2e:
         cf:3f:6b:5c:c1:93:42:32:e0:ee:55:e7:07:30:98:5c:ee:03:
         c9:b4:a4:74:ad:7f:78:21:8e:3b:9c:31:87:49:77:78:01:3d:
         7f:57:82:0d:37:b6:df:fe:fe:97:29:69:93:8e:ec:62:5a:0f:
         a1:46:27:2b:5d:89:e7:04:07:40:50:10:a3:22:15:57:5a:bb:
         45:97:da:d6:39:bb:c1:c4:a4:00:59:79:7a:0f:2b:63:25:c6:
         55:d0:da:ec:28:d5:9c:a6:d5:84:a2:a4:58:20:d2:86:f6:75:
         a7:4f:90:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYTif6901GuygK9gqClJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMWE1MjU0ZjM3ZDhjMjkxYjExZGRhYmVkODhiMDYzNDgx
ZGFmNmIwHhcNMjUwODIzMTAwMjMyWhcNMjUwODI0MTAwMjMyWjAzMTEwLwYDVQQD
EygxZTVlMDJkNDBhM2IwNDFhODE3YWU2MGEyMWQzYzY0MTk4ZjAwZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6WpTFUCpeKKWv9C6vbcKptJrnkp
rSXLcF32VgdxMZg60KeF2ncvCOPUsTZhxQhrtTfU2MkDRgcCrJn6iBaHmTd2Ac8Y
xiHZomy6cwG2NHmd64dvXgENmkUPOKULUHu/pwi/+8r6HnFyxKtDvlRPZg/SXf4K
HlaLnjXPIVa0k2TIUpYj09Sxw+eGdukmQSlMuc+7/oREJz7raw+aPz5cwuQdNaIs
kOOzPSlyKYtuaAqxL+CHf+Z6d3hNXuGulxT5MF6+a4aXoxGQNAnvbmY/O9aFiD6+
vTxXi9mbAfuy1JZV1OX8oLhOKGdH3fn4uIXl3OhuRYssN4UCIHGsIAnVXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB5eAtQKOwQagXrmCiHTxkGY8A5OMB8GA1UdIwQY
MBaAFP4aUlTzfYwpGxHdq+2IsGNIHa9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzIt
ZmEwZDBlODA1ZGY4LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzItZmEwZDBlODA1ZGY4
LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnp0xoEEb
Mtmv7YeRgspGbl9umpzs+cIGg0aRxmEJNPDautTKXsy+apvpie5w+MLJGfz707rq
Hn2B6D5PXOkwmNn0gzzXXvq4DSip/J7Af2RF0eA1BMoHyzLTvWgZ/T8c7oUaBwBU
OR++cMUSuwQBho9MM0RwnYL9FWLROr4EL+4tRdoktUFM+70Avr2mOdYuzz9rXMGT
QjLg7lXnBzCYXO4DybSkdK1/eCGOO5wxh0l3eAE9f1eCDTe23/7+lylpk47sYloP
oUYnK12J5wQHQFAQoyIVV1q7RZfa1jm7wcSkAFl5eg8rYyXGVdDa7CjVnKbVhKKk
WCDShvZ1p0+Q6g==
-----END CERTIFICATE-----