Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
File:                     HrwURUFHAQyh700E0hASXh7X0ho.mft (raw, json)
Hash identifier:          irK60P5YjoS+KrnuqO6ft15KArm21QAm7wC20v6y4DU=
Subject key identifier:   EB:B1:67:DC:D6:97:6B:1C:52:F5:C4:F7:41:A8:D6:41:46:8B:C9:36
Authority key identifier: 1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A
Certificate issuer:       /CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
Certificate serial:       01976E86D89D01334631011B04E1EF51C39F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
Manifest number:          074F
Signing time:             Sat 14 Jun 2025 13:00:20 +0000
Manifest this update:     Sat 14 Jun 2025 13:00:20 +0000
Manifest next update:     Sun 15 Jun 2025 13:00:20 +0000
Files and hashes:         1: HrwURUFHAQyh700E0hASXh7X0ho.crl (hash: MFHVYBLotoIgeXfzE4Ie55YRL3LzUrMlbHHNZp6DV8g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:86:d8:9d:01:33:46:31:01:1b:04:e1:ef:51:c3:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
        Validity
            Not Before: Jun 14 13:00:20 2025 GMT
            Not After : Jun 15 13:00:20 2025 GMT
        Subject: CN=ebb167dcd6976b1c52f5c4f741a8d641468bc936
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f8:5d:3f:17:01:60:be:5e:98:a6:96:68:d4:
                    e9:3d:62:14:fe:02:f4:8a:4f:5e:e4:a8:ef:ec:29:
                    52:99:30:e5:4c:dd:f1:f1:94:68:85:c2:cb:79:37:
                    90:e2:c0:ec:43:c2:e7:a9:6d:e0:ae:52:cb:03:5f:
                    25:96:06:f4:5b:e1:31:60:cd:42:b3:e4:55:71:e7:
                    26:a9:5b:d8:83:77:b8:9a:ff:48:da:e8:60:97:90:
                    b6:89:cd:1a:8e:90:ac:22:c2:ac:13:2a:9e:f7:24:
                    78:93:d7:e1:0c:68:69:e6:fc:f6:58:ad:bc:a6:2a:
                    2d:ec:1c:95:56:7d:f0:b6:57:1a:4c:da:d8:9e:14:
                    b6:a6:b4:8e:a8:cb:a1:f2:c4:a0:5e:50:9f:95:92:
                    67:4a:a3:88:c2:fd:e5:85:3d:1e:49:b3:be:f5:cc:
                    60:14:73:fb:56:ee:70:a8:a2:03:22:c3:b2:9a:b5:
                    77:72:2f:42:d7:d5:2a:2e:76:ca:5c:e3:59:7f:63:
                    c0:c4:64:6f:11:90:c9:bb:e1:db:ee:a9:79:a9:87:
                    97:d4:b8:8f:23:a0:56:27:8c:9f:06:a0:f2:dd:94:
                    7c:16:e7:ee:04:24:24:86:93:8c:3b:a1:e1:9c:09:
                    08:c4:61:00:4b:b1:4a:8d:d6:83:70:6c:06:82:5b:
                    fe:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:B1:67:DC:D6:97:6B:1C:52:F5:C4:F7:41:A8:D6:41:46:8B:C9:36
            X509v3 Authority Key Identifier:
                keyid:1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:5e:1a:e5:1e:bd:a3:70:ef:96:76:4a:ac:a8:ad:66:c2:ff:
         f6:79:3c:f5:26:08:1d:9b:7a:2d:4e:d9:94:46:dc:de:c3:de:
         cf:d9:d3:d6:0a:6b:0d:c0:1e:bb:2e:85:bb:13:b2:93:1f:98:
         0e:5a:fa:ef:f3:43:6d:30:c3:56:4f:9a:ef:ec:41:e9:a7:ff:
         35:fe:fc:0e:2b:ed:f4:17:38:c3:c2:7e:14:8b:e6:45:ca:27:
         e4:a6:cd:32:37:1a:18:f6:06:10:3c:ba:07:a6:66:6c:1e:3a:
         50:6f:5a:94:6c:53:ed:1e:09:13:95:e7:62:8d:0b:08:7e:17:
         30:5a:7c:0a:73:9d:d1:5f:f9:b8:ab:78:6a:dd:68:16:f4:8a:
         81:eb:62:74:3b:75:29:84:2a:82:cd:8e:51:01:b1:71:29:25:
         5f:2c:0c:ff:98:81:fc:09:9e:3b:c5:df:28:9b:62:6d:41:c9:
         9a:89:9f:e7:25:78:4e:02:d6:5d:1e:98:7d:f2:45:ec:c8:52:
         72:c5:bf:e6:9d:f4:b3:0f:10:72:0d:a6:81:4b:16:1c:da:ad:
         81:93:da:b3:16:a0:09:4e:f1:b8:12:e6:0e:f2:b0:10:11:09:
         46:bb:96:c1:ad:9f:bf:0c:58:99:74:01:ab:29:21:fc:60:d3:
         a0:cd:6a:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduhtidATNGMQEbBOHvUcOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmMxNDQ1NDE0NzAxMGNhMWVmNGQwNGQyMTAxMjVlMWVk
N2QyMWEwHhcNMjUwNjE0MTMwMDIwWhcNMjUwNjE1MTMwMDIwWjAzMTEwLwYDVQQD
EyhlYmIxNjdkY2Q2OTc2YjFjNTJmNWM0Zjc0MWE4ZDY0MTQ2OGJjOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/hdPxcBYL5emKaWaNTpPWIU/gL0
ik9e5Kjv7ClSmTDlTN3x8ZRohcLLeTeQ4sDsQ8LnqW3grlLLA18llgb0W+ExYM1C
s+RVcecmqVvYg3e4mv9I2uhgl5C2ic0ajpCsIsKsEyqe9yR4k9fhDGhp5vz2WK28
piot7ByVVn3wtlcaTNrYnhS2prSOqMuh8sSgXlCflZJnSqOIwv3lhT0eSbO+9cxg
FHP7Vu5wqKIDIsOymrV3ci9C19UqLnbKXONZf2PAxGRvEZDJu+Hb7ql5qYeX1LiP
I6BWJ4yfBqDy3ZR8FufuBCQkhpOMO6HhnAkIxGEAS7FKjdaDcGwGglv+nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOuxZ9zWl2scUvXE90Go1kFGi8k2MB8GA1UdIwQY
MBaAFB68FEVBRwEMoe9NBNIQEl4e19IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzkt
MjA1MDc5ZTUxYzEzLzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzktMjA1MDc5ZTUxYzEz
LzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJF4a5R69
o3DvlnZKrKitZsL/9nk89SYIHZt6LU7ZlEbc3sPez9nT1gprDcAeuy6FuxOykx+Y
Dlr67/NDbTDDVk+a7+xB6af/Nf78Divt9Bc4w8J+FIvmRcon5KbNMjcaGPYGEDy6
B6ZmbB46UG9alGxT7R4JE5XnYo0LCH4XMFp8CnOd0V/5uKt4at1oFvSKgetidDt1
KYQqgs2OUQGxcSklXywM/5iB/AmeO8XfKJtibUHJmomf5yV4TgLWXR6YffJF7MhS
csW/5p30sw8Qcg2mgUsWHNqtgZPasxagCU7xuBLmDvKwEBEJRruWwa2fvwxYmXQB
qykh/GDToM1qpg==
-----END CERTIFICATE-----