Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft
File:                     HVdIhaDItCBcPfLR_Nc0h33hBdk.mft (raw, json)
Hash identifier:          1y8fY3B8wfeezGNbXSdZeFpQi35amghkeYa/5+UyBdM=
Subject key identifier:   8E:2F:A4:8F:46:DE:A2:38:12:F0:1F:0E:00:13:16:64:4F:94:E6:93
Authority key identifier: 1D:57:48:85:A0:C8:B4:20:5C:3D:F2:D1:FC:D7:34:87:7D:E1:05:D9
Certificate issuer:       /CN=1d574885a0c8b4205c3df2d1fcd734877de105d9
Certificate serial:       0198462D4A601025592FE10502C8559E23D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft
Manifest number:          01D0
Signing time:             Sat 26 Jul 2025 10:00:29 +0000
Manifest this update:     Sat 26 Jul 2025 10:00:29 +0000
Manifest next update:     Sun 27 Jul 2025 10:00:29 +0000
Files and hashes:         1: HVdIhaDItCBcPfLR_Nc0h33hBdk.crl (hash: LSkD40siDudujc9Ijw/fdcGt6qovGgoiDPLDbgTSQCg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 10:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:46:2d:4a:60:10:25:59:2f:e1:05:02:c8:55:9e:23:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d574885a0c8b4205c3df2d1fcd734877de105d9
        Validity
            Not Before: Jul 26 10:00:29 2025 GMT
            Not After : Jul 27 10:00:29 2025 GMT
        Subject: CN=8e2fa48f46dea23812f01f0e001316644f94e693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:8f:ab:9a:3a:5d:be:96:2c:23:be:29:c8:51:
                    34:33:30:ad:78:1a:3b:e5:f5:90:45:c7:3a:6c:37:
                    22:93:22:da:f5:77:50:a3:f7:86:ea:a0:ca:ef:8b:
                    dd:de:ef:aa:df:ca:fe:ca:cd:96:f4:98:98:b6:94:
                    af:9f:bb:e1:e4:6f:3d:12:29:17:e8:8f:b0:49:2b:
                    14:ae:97:ad:3a:7c:1f:95:55:de:79:a2:04:07:0a:
                    47:f5:e3:98:21:83:d2:19:ea:10:3e:18:94:1a:39:
                    37:64:e4:9e:f2:d7:70:f9:91:a4:79:24:7b:31:95:
                    4a:5f:a3:98:1d:c0:47:d2:c5:fc:c4:d5:90:95:0e:
                    16:35:7a:0f:be:a7:60:fd:b5:bb:df:51:88:c5:ee:
                    39:da:4b:ed:c2:41:60:e1:87:2e:e4:87:a5:6a:fd:
                    de:f2:f1:ad:24:86:af:9d:b6:7d:7c:67:c3:13:46:
                    6d:a5:dc:6f:a9:ff:d0:28:c7:45:20:4d:03:c4:02:
                    58:a9:62:ff:a5:62:74:89:7e:a6:1d:31:fe:79:8c:
                    e8:81:c4:3c:30:79:66:fa:72:39:1c:3b:69:bc:34:
                    34:3e:c1:2c:77:ba:8d:e5:de:9e:67:b6:81:f0:e4:
                    a8:e1:c7:75:a1:c5:7b:29:93:34:f8:96:c6:6b:db:
                    88:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:2F:A4:8F:46:DE:A2:38:12:F0:1F:0E:00:13:16:64:4F:94:E6:93
            X509v3 Authority Key Identifier:
                keyid:1D:57:48:85:A0:C8:B4:20:5C:3D:F2:D1:FC:D7:34:87:7D:E1:05:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:c1:df:5b:87:74:52:bd:11:21:fd:6b:98:54:85:79:4e:83:
         5a:98:5f:a4:8d:b5:59:d4:ff:19:a0:79:57:fb:04:cb:04:bd:
         77:5b:13:98:27:f8:5c:8c:82:51:b6:b2:44:29:71:69:60:9a:
         43:34:e2:a3:84:a1:c1:1b:41:d6:e7:de:83:90:ad:de:42:18:
         21:b2:0e:7b:31:13:00:0e:01:38:5e:87:e0:88:63:69:97:f0:
         ff:66:cb:66:9f:f6:26:14:78:0b:23:a4:99:2f:3f:b7:c5:b6:
         ec:bf:bf:1c:9b:4f:a5:38:51:ba:0e:17:26:a9:3d:5a:b3:c2:
         d2:75:13:ff:25:b3:78:e8:b9:33:45:4c:66:d0:0b:81:14:68:
         53:ed:a3:70:87:bc:b6:ea:01:70:fe:54:81:24:ff:fe:14:5a:
         dd:8d:7b:83:fb:91:d0:e1:80:a2:73:57:12:6f:5a:c3:3a:0f:
         d8:5f:10:53:55:84:74:a5:f6:66:ed:81:dd:7b:5a:4d:60:34:
         34:68:54:72:bc:69:72:e8:f6:db:85:8d:20:98:94:30:49:51:
         ee:11:87:bc:29:64:af:2f:97:dc:4f:2b:9e:dd:b7:5b:f0:29:
         f8:93:49:a2:eb:7e:5b:57:6f:bf:fc:b2:66:a8:d6:90:b3:c1:
         41:50:ed:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhGLUpgECVZL+EFAshVniPUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNTc0ODg1YTBjOGI0MjA1YzNkZjJkMWZjZDczNDg3N2Rl
MTA1ZDkwHhcNMjUwNzI2MTAwMDI5WhcNMjUwNzI3MTAwMDI5WjAzMTEwLwYDVQQD
Eyg4ZTJmYTQ4ZjQ2ZGVhMjM4MTJmMDFmMGUwMDEzMTY2NDRmOTRlNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4+rmjpdvpYsI74pyFE0MzCteBo7
5fWQRcc6bDcikyLa9XdQo/eG6qDK74vd3u+q38r+ys2W9JiYtpSvn7vh5G89EikX
6I+wSSsUrpetOnwflVXeeaIEBwpH9eOYIYPSGeoQPhiUGjk3ZOSe8tdw+ZGkeSR7
MZVKX6OYHcBH0sX8xNWQlQ4WNXoPvqdg/bW731GIxe452kvtwkFg4Ycu5Ielav3e
8vGtJIavnbZ9fGfDE0Ztpdxvqf/QKMdFIE0DxAJYqWL/pWJ0iX6mHTH+eYzogcQ8
MHlm+nI5HDtpvDQ0PsEsd7qN5d6eZ7aB8OSo4cd1ocV7KZM0+JbGa9uIwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI4vpI9G3qI4EvAfDgATFmRPlOaTMB8GA1UdIwQY
MBaAFB1XSIWgyLQgXD3y0fzXNId94QXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82OTdkZjctYjE5Yi00NmYxLThlNDMt
OTE5OGNhMmFjNzY2LzEvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82OTdkZjctYjE5Yi00NmYxLThlNDMtOTE5OGNhMmFjNzY2
LzEvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVMHfW4d0
Ur0RIf1rmFSFeU6DWphfpI21WdT/GaB5V/sEywS9d1sTmCf4XIyCUbayRClxaWCa
QzTio4ShwRtB1ufeg5Ct3kIYIbIOezETAA4BOF6H4IhjaZfw/2bLZp/2JhR4CyOk
mS8/t8W27L+/HJtPpThRug4XJqk9WrPC0nUT/yWzeOi5M0VMZtALgRRoU+2jcIe8
tuoBcP5UgST//hRa3Y17g/uR0OGAonNXEm9awzoP2F8QU1WEdKX2Zu2B3XtaTWA0
NGhUcrxpcuj224WNIJiUMElR7hGHvClkry+X3E8rnt23W/Ap+JNJout+W1dvv/yy
ZqjWkLPBQVDtOw==
-----END CERTIFICATE-----