Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.mft
File:                     HGce_RKBEUKXWJ51k6fgUFTZJVs.mft (raw, json)
Hash identifier:          leP4EJFidjPMhZ103fUE/A/LxRSzV/ei24f0/SPzk1o=
Subject key identifier:   05:11:76:4A:D9:5E:5A:AC:E0:96:FA:F2:9F:D7:F7:98:8B:78:86:F5
Authority key identifier: 1C:67:1E:FD:12:81:11:42:97:58:9E:75:93:A7:E0:50:54:D9:25:5B
Certificate issuer:       /CN=1c671efd1281114297589e7593a7e05054d9255b
Certificate serial:       01984AAEE42AC756DB03430BCED7351A6668
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HGce_RKBEUKXWJ51k6fgUFTZJVs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.mft
Manifest number:          1101
Signing time:             Sun 27 Jul 2025 07:00:32 +0000
Manifest this update:     Sun 27 Jul 2025 07:00:32 +0000
Manifest next update:     Mon 28 Jul 2025 07:00:32 +0000
Files and hashes:         1: HGce_RKBEUKXWJ51k6fgUFTZJVs.crl (hash: JojT7megxC8S4zsq1AByZBKMFhQGqrhIrHsHnPNxvWA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HGce_RKBEUKXWJ51k6fgUFTZJVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:ae:e4:2a:c7:56:db:03:43:0b:ce:d7:35:1a:66:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c671efd1281114297589e7593a7e05054d9255b
        Validity
            Not Before: Jul 27 07:00:32 2025 GMT
            Not After : Jul 28 07:00:32 2025 GMT
        Subject: CN=0511764ad95e5aace096faf29fd7f7988b7886f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:67:db:20:b0:06:19:83:01:24:c7:59:3e:21:
                    1e:21:16:3d:66:ba:d8:81:75:ac:85:82:e3:0a:ca:
                    e4:50:ab:4b:bb:c0:29:cc:38:b9:0b:49:40:44:bb:
                    fd:d3:38:c4:9c:bd:f9:3c:c3:b1:48:e5:06:5a:a4:
                    46:f4:86:b2:2f:69:c7:37:9a:db:b3:13:16:39:ca:
                    fb:43:55:e4:0c:dd:e4:3f:b6:44:5d:a6:d0:60:dd:
                    c6:7e:f7:37:9c:81:5b:63:88:89:dc:88:6b:0c:56:
                    27:a0:3f:aa:85:71:cd:65:9b:23:93:a9:3e:65:81:
                    95:aa:be:73:69:51:57:4c:3e:59:27:2f:da:36:37:
                    42:e6:3f:79:90:0f:59:7b:55:2d:ea:be:67:97:93:
                    84:a5:24:d2:96:58:71:21:62:7c:19:9c:b1:1e:06:
                    91:c6:64:07:b9:51:16:90:e7:d3:81:60:21:fe:d2:
                    d4:cb:39:da:24:19:1a:34:be:75:75:3a:84:52:0c:
                    be:88:a7:59:95:be:d8:9c:e3:6a:3f:f9:b9:f4:1f:
                    bd:38:67:cb:4b:81:fc:f3:d5:57:81:3e:1b:78:03:
                    70:62:c7:49:3e:de:0a:8a:d6:a0:44:3a:71:31:6c:
                    7f:8d:58:d5:b4:87:26:45:0b:30:c8:90:57:d3:cd:
                    86:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:11:76:4A:D9:5E:5A:AC:E0:96:FA:F2:9F:D7:F7:98:8B:78:86:F5
            X509v3 Authority Key Identifier:
                keyid:1C:67:1E:FD:12:81:11:42:97:58:9E:75:93:A7:E0:50:54:D9:25:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HGce_RKBEUKXWJ51k6fgUFTZJVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fdb003-fae3-4a69-9c91-e3d2f64fddd4/1/HGce_RKBEUKXWJ51k6fgUFTZJVs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:8f:0d:87:3e:09:ac:25:6f:3e:92:f5:ef:4c:b6:39:18:a9:
         77:78:ae:e3:a1:8d:e6:c6:d1:8b:31:81:6c:2c:b0:13:91:48:
         51:6f:f9:49:b6:70:2a:f4:b4:df:3d:6e:26:37:77:fd:6c:91:
         e1:35:82:1d:f2:ba:9c:6b:01:13:55:8d:fc:f7:6e:08:8c:d4:
         cb:3f:c8:9f:88:53:e6:19:e3:d2:54:c6:58:f0:28:54:71:80:
         a1:c6:b3:04:2d:93:78:78:18:97:49:c0:b5:0e:df:5e:01:26:
         9c:c3:d4:76:76:04:2c:aa:90:66:89:9b:96:e5:5a:52:94:61:
         db:74:ea:0d:33:ff:a7:74:ca:0b:3c:c6:3d:7c:70:2f:ed:38:
         db:f2:7d:78:38:33:4a:e2:3f:b4:22:73:62:3c:7d:2e:f7:23:
         50:81:92:cd:e6:23:d0:92:73:bf:73:39:dd:5b:74:fa:98:67:
         7e:a1:e1:f4:a4:eb:8a:06:38:e6:a4:26:78:69:98:82:f1:43:
         d6:4a:a7:8e:25:c6:2a:05:b4:c5:64:fb:49:8a:ec:9c:6d:33:
         d6:f4:50:74:c6:e6:4d:6e:ee:e5:9a:d0:ad:7a:88:76:d0:05:
         7e:5b:32:36:6b:b5:6a:8e:b1:c8:47:f8:c7:57:f1:48:74:17:
         81:0a:a4:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKruQqx1bbA0MLztc1GmZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNjcxZWZkMTI4MTExNDI5NzU4OWU3NTkzYTdlMDUwNTRk
OTI1NWIwHhcNMjUwNzI3MDcwMDMyWhcNMjUwNzI4MDcwMDMyWjAzMTEwLwYDVQQD
EygwNTExNzY0YWQ5NWU1YWFjZTA5NmZhZjI5ZmQ3Zjc5ODhiNzg4NmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGfbILAGGYMBJMdZPiEeIRY9ZrrY
gXWshYLjCsrkUKtLu8ApzDi5C0lARLv90zjEnL35PMOxSOUGWqRG9IayL2nHN5rb
sxMWOcr7Q1XkDN3kP7ZEXabQYN3Gfvc3nIFbY4iJ3IhrDFYnoD+qhXHNZZsjk6k+
ZYGVqr5zaVFXTD5ZJy/aNjdC5j95kA9Ze1Ut6r5nl5OEpSTSllhxIWJ8GZyxHgaR
xmQHuVEWkOfTgWAh/tLUyznaJBkaNL51dTqEUgy+iKdZlb7YnONqP/m59B+9OGfL
S4H889VXgT4beANwYsdJPt4KitagRDpxMWx/jVjVtIcmRQswyJBX082G5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAURdkrZXlqs4Jb68p/X95iLeIb1MB8GA1UdIwQY
MBaAFBxnHv0SgRFCl1iedZOn4FBU2SVbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEdjZV9SS0JFVUtYV0o1MWs2ZmdVRlRaSlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mZGIwMDMtZmFlMy00YTY5LTljOTEt
ZTNkMmY2NGZkZGQ0LzEvSEdjZV9SS0JFVUtYV0o1MWs2ZmdVRlRaSlZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mZGIwMDMtZmFlMy00YTY5LTljOTEtZTNkMmY2NGZkZGQ0
LzEvSEdjZV9SS0JFVUtYV0o1MWs2ZmdVRlRaSlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGo8Nhz4J
rCVvPpL170y2ORipd3iu46GN5sbRizGBbCywE5FIUW/5SbZwKvS03z1uJjd3/WyR
4TWCHfK6nGsBE1WN/PduCIzUyz/In4hT5hnj0lTGWPAoVHGAocazBC2TeHgYl0nA
tQ7fXgEmnMPUdnYELKqQZombluVaUpRh23TqDTP/p3TKCzzGPXxwL+042/J9eDgz
SuI/tCJzYjx9LvcjUIGSzeYj0JJzv3M53Vt0+phnfqHh9KTrigY45qQmeGmYgvFD
1kqnjiXGKgW0xWT7SYrsnG0z1vRQdMbmTW7u5ZrQrXqIdtAFflsyNmu1ao6xyEf4
x1fxSHQXgQqkaw==
-----END CERTIFICATE-----