Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
File:                     HCN7aINpeRKVf40zc3AryQbSZEU.mft (raw, json)
Hash identifier:          3zqZlE2XfR4FdKNBA/wsBP/zOWXx3ELRpp2NiMBSEdE=
Subject key identifier:   97:41:D6:F8:16:F7:85:E3:A4:0C:23:97:F5:9A:17:4A:A4:3B:9C:69
Authority key identifier: 1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45
Certificate issuer:       /CN=1c237b6883697912957f8d3373702bc906d26445
Certificate serial:       0198D4E00FB2A4777C92DB72F8F1E66C8C51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
Manifest number:          1260
Signing time:             Sat 23 Aug 2025 03:01:50 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:50 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:50 +0000
Files and hashes:         1: HCN7aINpeRKVf40zc3AryQbSZEU.crl (hash: Gv/bBVtWRfl/HRjcc7taTCsIEJDkpnrp1NIicytsitc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:0f:b2:a4:77:7c:92:db:72:f8:f1:e6:6c:8c:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c237b6883697912957f8d3373702bc906d26445
        Validity
            Not Before: Aug 23 03:01:50 2025 GMT
            Not After : Aug 24 03:01:50 2025 GMT
        Subject: CN=9741d6f816f785e3a40c2397f59a174aa43b9c69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:37:7a:1a:6b:57:e3:48:13:9f:93:5f:63:f5:
                    2d:9d:bc:6e:5f:78:15:19:39:9d:02:82:3e:a5:4b:
                    fd:a7:38:fc:67:c4:4d:c3:69:2a:03:44:ca:c2:db:
                    29:f1:fa:65:71:b5:13:06:f8:eb:7d:22:30:60:45:
                    98:4a:1a:6b:1a:ab:d0:2f:48:7c:71:1b:5d:72:8e:
                    f4:52:36:01:c9:42:1b:3d:28:40:e4:05:47:a6:20:
                    4b:1e:ba:75:67:22:f6:e6:08:89:1a:99:84:16:91:
                    f9:d3:ca:60:fd:8a:e0:15:fe:f1:a1:04:a0:72:8e:
                    a5:78:21:9e:a9:6f:95:af:66:4d:ec:ad:0f:49:da:
                    43:a9:13:3f:d6:40:1b:de:db:fb:c7:2e:51:f1:ba:
                    f7:cc:75:15:ec:57:9b:7d:50:91:50:08:a9:13:a1:
                    fa:b2:ef:fd:f8:12:87:b9:8a:bc:02:f4:3e:42:ef:
                    0e:6f:75:d1:dc:c1:6a:42:33:eb:fb:fa:c7:05:7d:
                    12:65:fa:20:dd:21:7f:dc:20:a2:3d:3e:0a:1d:f6:
                    37:5b:9d:b8:d8:c7:0b:06:8d:b4:23:46:dd:47:28:
                    16:2d:75:2b:75:3e:ab:fc:a9:ba:0f:b0:fa:d9:5e:
                    60:c7:93:48:34:ab:d9:10:77:11:eb:dd:cd:fa:85:
                    93:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:41:D6:F8:16:F7:85:E3:A4:0C:23:97:F5:9A:17:4A:A4:3B:9C:69
            X509v3 Authority Key Identifier:
                keyid:1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:a3:c4:27:2c:4d:2b:63:0f:42:77:3c:33:fe:a0:3d:1a:c7:
         8c:80:8c:5a:3d:5d:b4:b6:3d:fc:a1:13:9b:2f:99:bd:b0:89:
         f1:4e:0d:0c:11:3e:99:e7:f2:db:af:ef:98:5e:88:15:ee:e8:
         b0:5f:f7:1b:f9:7b:89:c2:fd:21:67:b7:1b:6b:3a:e7:80:45:
         12:1a:77:e1:0e:1c:67:52:67:a9:6a:88:3c:08:99:c8:db:98:
         bb:ee:86:ec:d2:55:4b:49:fc:66:98:b7:52:5a:7f:65:7b:d2:
         b2:a1:16:48:3f:dd:a5:ef:0d:b9:e5:f0:e3:f6:a8:c9:46:21:
         2c:54:62:f6:2f:df:ad:cd:c5:0b:28:f3:18:a1:57:dc:1b:04:
         c3:1b:87:3b:73:32:de:ff:51:4c:fb:8f:23:7f:6b:f9:79:6b:
         c6:25:5f:07:0d:14:e2:57:be:34:41:09:50:42:89:7f:88:8f:
         2d:33:68:9e:20:c3:33:6f:57:f7:90:83:da:7b:d4:80:3b:07:
         59:b9:25:63:13:f2:d4:0d:4d:e4:c8:13:24:c7:7e:a9:0f:d3:
         63:46:62:62:eb:a4:ce:6d:35:f7:b3:a2:61:cb:6c:5b:84:bf:
         23:63:75:8d:70:43:72:35:f6:3f:8c:b7:83:e1:c8:a4:f4:8b:
         07:11:89:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4A+ypHd8ktty+PHmbIxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjM3YjY4ODM2OTc5MTI5NTdmOGQzMzczNzAyYmM5MDZk
MjY0NDUwHhcNMjUwODIzMDMwMTUwWhcNMjUwODI0MDMwMTUwWjAzMTEwLwYDVQQD
Eyg5NzQxZDZmODE2Zjc4NWUzYTQwYzIzOTdmNTlhMTc0YWE0M2I5YzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzd6GmtX40gTn5NfY/UtnbxuX3gV
GTmdAoI+pUv9pzj8Z8RNw2kqA0TKwtsp8fplcbUTBvjrfSIwYEWYShprGqvQL0h8
cRtdco70UjYByUIbPShA5AVHpiBLHrp1ZyL25giJGpmEFpH508pg/YrgFf7xoQSg
co6leCGeqW+Vr2ZN7K0PSdpDqRM/1kAb3tv7xy5R8br3zHUV7FebfVCRUAipE6H6
su/9+BKHuYq8AvQ+Qu8Ob3XR3MFqQjPr+/rHBX0SZfog3SF/3CCiPT4KHfY3W524
2McLBo20I0bdRygWLXUrdT6r/Km6D7D62V5gx5NINKvZEHcR693N+oWTHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdB1vgW94XjpAwjl/WaF0qkO5xpMB8GA1UdIwQY
MBaAFBwje2iDaXkSlX+NM3NwK8kG0mRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUt
YTMzZThlYjVhNTM4LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUtYTMzZThlYjVhNTM4
LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqaPEJyxN
K2MPQnc8M/6gPRrHjICMWj1dtLY9/KETmy+ZvbCJ8U4NDBE+mefy26/vmF6IFe7o
sF/3G/l7icL9IWe3G2s654BFEhp34Q4cZ1JnqWqIPAiZyNuYu+6G7NJVS0n8Zpi3
Ulp/ZXvSsqEWSD/dpe8NueXw4/aoyUYhLFRi9i/frc3FCyjzGKFX3BsEwxuHO3My
3v9RTPuPI39r+XlrxiVfBw0U4le+NEEJUEKJf4iPLTNoniDDM29X95CD2nvUgDsH
WbklYxPy1A1N5MgTJMd+qQ/TY0ZiYuukzm0197OiYctsW4S/I2N1jXBDcjX2P4y3
g+HIpPSLBxGJow==
-----END CERTIFICATE-----