Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
File:                     HrwURUFHAQyh700E0hASXh7X0ho.mft (raw, json)
Hash identifier:          0vdjvn+WFZMoLDX1fQIrafbpOeczFYTJH7f8mYiQ+uM=
Subject key identifier:   B4:97:70:01:A8:5D:FE:57:82:0C:43:C1:BA:01:66:5C:BC:C1:D5:B7
Authority key identifier: 1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A
Certificate issuer:       /CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
Certificate serial:       019922FAB84B50B952CCAA6C332141C5316E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
Manifest number:          0831
Signing time:             Sun 07 Sep 2025 07:01:20 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:20 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:20 +0000
Files and hashes:         1: HrwURUFHAQyh700E0hASXh7X0ho.crl (hash: L/e167YTssNNCUghWhbQ1yqizfDgWmbvG9xjACACir0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:b8:4b:50:b9:52:cc:aa:6c:33:21:41:c5:31:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
        Validity
            Not Before: Sep  7 07:01:20 2025 GMT
            Not After : Sep  8 07:01:20 2025 GMT
        Subject: CN=b4977001a85dfe57820c43c1ba01665cbcc1d5b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:77:b8:01:b9:3a:fb:f2:d4:5f:50:d3:30:22:
                    54:2f:24:9f:31:be:90:47:89:8f:e7:96:1b:7e:e9:
                    ca:bf:1a:7b:1a:0c:a7:bb:ce:9f:64:72:3f:49:7c:
                    7f:84:19:19:cd:6e:c0:f7:03:8a:52:3d:84:fc:01:
                    60:c2:80:45:c2:37:41:36:e6:53:60:90:5d:cf:8d:
                    17:b5:5d:1d:0d:8a:83:ca:93:a6:e4:87:ed:57:58:
                    3c:49:49:8d:af:c3:b7:90:d1:d0:c4:04:6d:87:cd:
                    8f:39:f8:2d:78:ec:43:54:5e:6e:2d:8c:fb:d4:06:
                    6c:b0:bc:3e:8e:59:0f:cc:9e:5a:86:16:0d:95:a6:
                    23:14:32:ce:d1:4a:37:9c:92:3b:08:e3:0a:a1:92:
                    57:29:48:39:2d:34:73:e5:3a:3b:d2:2b:2a:87:7c:
                    2d:89:4d:3f:c5:49:52:dc:3b:64:ce:fc:20:d6:57:
                    ef:d1:17:bb:48:9e:ad:c5:c1:e6:33:e1:d2:20:cb:
                    f4:4b:6c:53:8e:ca:65:ef:a4:12:d6:0e:38:7d:ff:
                    9f:e8:a0:5d:46:21:c5:2d:b0:f0:f4:64:7a:82:3c:
                    b9:75:12:1c:28:2c:c1:93:9a:67:9f:38:bc:30:c5:
                    16:a2:ea:e8:a2:51:5f:73:2a:b8:1f:59:3e:0f:2f:
                    96:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:97:70:01:A8:5D:FE:57:82:0C:43:C1:BA:01:66:5C:BC:C1:D5:B7
            X509v3 Authority Key Identifier:
                keyid:1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:15:3f:b9:f1:08:38:a5:7a:e5:ed:3f:21:cd:1a:37:f6:7c:
         50:0d:3f:12:89:9c:ce:3b:50:b1:fa:59:f2:43:6d:af:da:9b:
         07:5f:fa:0a:32:ea:4f:ab:1c:fd:7c:f2:e9:4d:6c:be:d9:31:
         cd:de:94:c2:a8:60:45:3a:ed:69:c0:7c:eb:69:38:33:e3:2e:
         da:87:02:7f:02:17:1a:2f:47:dc:83:84:ba:7a:69:1e:74:de:
         2c:0e:a7:d8:44:52:10:cc:f9:2b:1d:1a:df:ca:ab:01:2a:70:
         99:89:27:e1:3c:1a:13:1b:78:44:7e:1e:51:29:52:73:58:40:
         2c:86:62:a2:86:85:bf:63:58:e4:09:82:ce:ed:88:37:5a:f6:
         95:5e:4b:ae:63:70:08:4d:ab:c3:8f:a9:de:56:ab:a8:c6:d4:
         ba:ad:35:8f:01:d3:9e:64:70:0c:bb:39:be:50:89:c2:9b:1f:
         95:ab:4d:cd:3e:75:63:bf:3b:33:64:19:93:eb:b6:72:5b:17:
         cb:db:79:42:20:1b:14:bc:07:f4:69:8b:95:2c:a5:9d:36:33:
         32:f8:84:de:87:ed:42:a6:ff:bc:9d:31:79:d5:7a:a2:90:be:
         f5:d8:6d:36:3b:e5:38:85:a0:45:0d:77:76:48:8b:fe:72:b4:
         6f:29:86:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+rhLULlSzKpsMyFBxTFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmMxNDQ1NDE0NzAxMGNhMWVmNGQwNGQyMTAxMjVlMWVk
N2QyMWEwHhcNMjUwOTA3MDcwMTIwWhcNMjUwOTA4MDcwMTIwWjAzMTEwLwYDVQQD
EyhiNDk3NzAwMWE4NWRmZTU3ODIwYzQzYzFiYTAxNjY1Y2JjYzFkNWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHe4Abk6+/LUX1DTMCJULySfMb6Q
R4mP55YbfunKvxp7Ggynu86fZHI/SXx/hBkZzW7A9wOKUj2E/AFgwoBFwjdBNuZT
YJBdz40XtV0dDYqDypOm5IftV1g8SUmNr8O3kNHQxARth82POfgteOxDVF5uLYz7
1AZssLw+jlkPzJ5ahhYNlaYjFDLO0Uo3nJI7COMKoZJXKUg5LTRz5To70isqh3wt
iU0/xUlS3Dtkzvwg1lfv0Re7SJ6txcHmM+HSIMv0S2xTjspl76QS1g44ff+f6KBd
RiHFLbDw9GR6gjy5dRIcKCzBk5pnnzi8MMUWouroolFfcyq4H1k+Dy+WawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSXcAGoXf5XggxDwboBZly8wdW3MB8GA1UdIwQY
MBaAFB68FEVBRwEMoe9NBNIQEl4e19IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzkt
MjA1MDc5ZTUxYzEzLzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzktMjA1MDc5ZTUxYzEz
LzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAthU/ufEI
OKV65e0/Ic0aN/Z8UA0/EomczjtQsfpZ8kNtr9qbB1/6CjLqT6sc/Xzy6U1svtkx
zd6UwqhgRTrtacB862k4M+Mu2ocCfwIXGi9H3IOEunppHnTeLA6n2ERSEMz5Kx0a
38qrASpwmYkn4TwaExt4RH4eUSlSc1hALIZiooaFv2NY5AmCzu2IN1r2lV5LrmNw
CE2rw4+p3larqMbUuq01jwHTnmRwDLs5vlCJwpsflatNzT51Y787M2QZk+u2clsX
y9t5QiAbFLwH9GmLlSylnTYzMviE3oftQqb/vJ0xedV6opC+9dhtNjvlOIWgRQ13
dkiL/nK0bymGcA==
-----END CERTIFICATE-----