Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
File:                     HPoACq4LHA_NOZiRS7dt_HLoc1g.mft (raw, json)
Hash identifier:          a02Leb4UrK9gcsao0F29ioai59ux+m3p7HAWe7RIyZY=
Subject key identifier:   A7:45:EF:9B:3B:1C:AF:7D:13:5A:E9:EC:13:CF:47:0B:C8:4C:E4:E5
Authority key identifier: 1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58
Certificate issuer:       /CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
Certificate serial:       0197B77C93176519755691421287DF9A894C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
Manifest number:          028C
Signing time:             Sat 28 Jun 2025 17:01:23 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:23 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:23 +0000
Files and hashes:         1: HPoACq4LHA_NOZiRS7dt_HLoc1g.crl (hash: f2b+iwl92BZsoim3Tbnzws3XyaWAzNXp3OTy+Ct8lKc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:93:17:65:19:75:56:91:42:12:87:df:9a:89:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
        Validity
            Not Before: Jun 28 17:01:23 2025 GMT
            Not After : Jun 29 17:01:23 2025 GMT
        Subject: CN=a745ef9b3b1caf7d135ae9ec13cf470bc84ce4e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:17:1c:ce:fe:38:c4:26:6c:63:7e:1e:e6:73:
                    3a:9f:29:8a:db:15:b7:e2:7a:f1:9b:6c:3b:57:0d:
                    1a:34:3d:ce:c3:a4:43:da:53:b7:ad:52:42:79:bd:
                    ad:ea:9f:c0:52:0f:e9:e4:90:29:ec:f4:17:46:72:
                    59:85:df:a2:1b:ff:54:9b:a8:6e:b4:a5:df:45:0c:
                    ac:50:85:a9:88:66:28:4e:73:13:97:2d:fa:69:8b:
                    2b:bd:1c:a8:37:5f:c6:0c:5b:f3:62:96:fe:aa:42:
                    47:09:bf:6c:c7:d5:56:92:7c:ee:c5:f8:07:6c:3f:
                    42:c9:31:8a:4b:a4:45:04:df:86:86:b5:75:5b:ec:
                    b3:5b:b2:16:6d:d0:51:eb:88:51:43:63:e3:8c:d4:
                    b8:c8:c6:9b:1f:84:f6:68:31:56:b5:91:2a:78:91:
                    1c:51:05:7c:20:54:e3:f8:28:83:6b:e8:a2:16:ce:
                    0b:8c:ad:a5:27:18:0b:e8:7a:c4:43:d0:c9:64:5e:
                    7b:a8:b6:37:c4:f6:18:98:94:94:16:25:20:82:63:
                    66:81:88:39:07:e4:e6:5a:0f:7d:62:9d:22:4f:c8:
                    20:f1:f3:f4:00:40:a3:6d:70:54:2b:ae:d3:cb:d8:
                    83:f1:87:01:21:1c:84:18:67:9b:ae:3b:88:38:77:
                    ef:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:45:EF:9B:3B:1C:AF:7D:13:5A:E9:EC:13:CF:47:0B:C8:4C:E4:E5
            X509v3 Authority Key Identifier:
                keyid:1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:12:4f:ca:c1:c8:e1:17:f7:cb:6e:88:d2:eb:f7:c5:80:7a:
         2f:ae:54:1d:30:d9:40:94:b9:a3:78:1f:87:91:f1:1a:1e:ee:
         ea:5e:a3:01:4c:ab:32:72:32:67:51:e5:02:18:f2:23:5d:65:
         2b:0e:f9:33:ed:47:0e:e5:bb:82:3b:9a:68:2d:93:d1:af:3e:
         09:92:92:74:17:db:fd:8d:d4:b9:a9:fb:37:f5:8c:f0:db:bc:
         de:07:a6:11:44:c0:3d:37:9f:e1:30:b4:9e:d1:0c:ce:06:92:
         cf:f0:4b:1a:54:82:5a:96:49:5f:10:ef:70:4f:3e:64:8a:b2:
         ee:2c:a9:0a:d5:3c:55:a4:9c:b7:b2:73:d5:f0:c1:56:3c:89:
         65:97:ac:f9:be:cf:76:5d:b0:f7:f6:ed:77:f7:a8:3d:dd:d2:
         26:9f:cf:71:24:27:aa:dc:f8:b7:95:8a:6e:3a:76:84:a4:9d:
         97:8a:66:ba:e1:0d:9c:3c:37:03:4e:c2:73:63:90:09:fe:18:
         f5:10:4c:81:b4:d6:31:67:5b:e6:81:be:79:ad:4c:0f:ae:ba:
         3b:e4:86:54:92:72:16:ad:6f:8f:bc:67:6e:7d:0e:53:d1:3a:
         a6:2d:45:4b:69:73:1e:b0:c1:7b:61:eb:4e:39:35:3a:39:23:
         0e:04:c0:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fJMXZRl1VpFCEoffmolMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZmEwMDBhYWUwYjFjMGZjZDM5OTg5MTRiYjc2ZGZjNzJl
ODczNTgwHhcNMjUwNjI4MTcwMTIzWhcNMjUwNjI5MTcwMTIzWjAzMTEwLwYDVQQD
EyhhNzQ1ZWY5YjNiMWNhZjdkMTM1YWU5ZWMxM2NmNDcwYmM4NGNlNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xcczv44xCZsY34e5nM6nymK2xW3
4nrxm2w7Vw0aND3Ow6RD2lO3rVJCeb2t6p/AUg/p5JAp7PQXRnJZhd+iG/9Um6hu
tKXfRQysUIWpiGYoTnMTly36aYsrvRyoN1/GDFvzYpb+qkJHCb9sx9VWknzuxfgH
bD9CyTGKS6RFBN+GhrV1W+yzW7IWbdBR64hRQ2PjjNS4yMabH4T2aDFWtZEqeJEc
UQV8IFTj+CiDa+iiFs4LjK2lJxgL6HrEQ9DJZF57qLY3xPYYmJSUFiUggmNmgYg5
B+TmWg99Yp0iT8gg8fP0AECjbXBUK67Ty9iD8YcBIRyEGGebrjuIOHfv9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKdF75s7HK99E1rp7BPPRwvITOTlMB8GA1UdIwQY
MBaAFBz6AAquCxwPzTmYkUu3bfxy6HNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGIt
OGVmNzA5ZGUyZDY0LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGItOGVmNzA5ZGUyZDY0
LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZRJPysHI
4Rf3y26I0uv3xYB6L65UHTDZQJS5o3gfh5HxGh7u6l6jAUyrMnIyZ1HlAhjyI11l
Kw75M+1HDuW7gjuaaC2T0a8+CZKSdBfb/Y3Uuan7N/WM8Nu83gemEUTAPTef4TC0
ntEMzgaSz/BLGlSCWpZJXxDvcE8+ZIqy7iypCtU8VaSct7Jz1fDBVjyJZZes+b7P
dl2w9/btd/eoPd3SJp/PcSQnqtz4t5WKbjp2hKSdl4pmuuENnDw3A07Cc2OQCf4Y
9RBMgbTWMWdb5oG+ea1MD666O+SGVJJyFq1vj7xnbn0OU9E6pi1FS2lzHrDBe2Hr
Tjk1OjkjDgTAgw==
-----END CERTIFICATE-----