Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
File:                     HrwURUFHAQyh700E0hASXh7X0ho.mft (raw, json)
Hash identifier:          gOVaIYaN3zq9htfBLRTOdgiFTDTPuRfXzFs5KUSQIpQ=
Subject key identifier:   0A:59:6A:00:DD:AB:B4:94:6F:13:99:65:F6:E8:EA:CD:D9:8F:74:DF
Authority key identifier: 1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A
Certificate issuer:       /CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
Certificate serial:       019A71133A12A011F2098B0A2B8793A8F3FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
Manifest number:          08DE
Signing time:             Tue 11 Nov 2025 04:01:16 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:16 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:16 +0000
Files and hashes:         1: HrwURUFHAQyh700E0hASXh7X0ho.crl (hash: NFMRJ7MHbHIydEg2L8mT+/wh/vjwOPvaoim+ENzpvGI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:3a:12:a0:11:f2:09:8b:0a:2b:87:93:a8:f3:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
        Validity
            Not Before: Nov 11 04:01:16 2025 GMT
            Not After : Nov 12 04:01:16 2025 GMT
        Subject: CN=0a596a00ddabb4946f139965f6e8eacdd98f74df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:b3:91:55:20:30:cd:e0:31:97:ac:26:79:1d:
                    e8:3f:21:54:33:94:9f:28:d7:2a:e9:4e:dd:dd:79:
                    d5:dc:7d:dc:b2:2b:e2:91:d3:3d:a8:7a:75:f5:32:
                    73:45:4e:67:22:1d:ff:a8:71:5b:a7:0f:6c:d1:de:
                    79:8b:d3:10:d0:ff:c5:f8:70:44:cb:45:a0:d1:f3:
                    e5:3e:81:65:22:8f:e9:44:c8:41:d1:30:48:cb:3c:
                    b5:e6:0c:95:59:db:22:17:2d:a9:cf:1a:28:5c:ca:
                    42:94:ac:ab:50:53:19:9c:97:5a:63:b5:b7:a5:17:
                    dd:82:75:6c:05:4f:d6:70:ed:39:c1:6a:de:fc:c6:
                    ed:b9:2a:99:ba:54:f7:9f:bf:a9:a4:00:51:d7:d2:
                    32:e4:70:89:32:ab:f8:82:a5:34:6c:0f:e7:16:e3:
                    97:01:75:99:d0:82:99:0e:ac:58:56:c8:d8:c5:7d:
                    37:78:68:27:58:4e:ff:15:a2:82:e6:89:2e:22:6b:
                    64:4d:9f:67:f5:be:24:b5:9e:42:09:1e:6a:df:f7:
                    73:fa:13:52:52:f1:e7:16:d6:75:cf:04:ba:fb:07:
                    66:88:f5:c1:10:52:47:ea:2f:39:8a:1d:a0:10:7e:
                    87:38:ab:87:4c:5b:3f:49:89:77:03:11:02:fd:d8:
                    3f:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:59:6A:00:DD:AB:B4:94:6F:13:99:65:F6:E8:EA:CD:D9:8F:74:DF
            X509v3 Authority Key Identifier:
                keyid:1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:7a:a7:75:e0:90:a3:f1:94:14:02:41:28:3a:1e:4f:cf:15:
         55:08:b2:0d:97:ef:c6:74:7b:eb:67:96:ac:a7:ac:41:78:d9:
         e4:3c:3c:25:87:48:29:2d:f6:5c:52:7a:ef:7a:7e:64:f4:09:
         29:8e:57:2b:92:fa:59:9b:f6:56:d1:e0:0a:84:32:96:a7:ce:
         46:ec:e0:cf:25:00:0d:93:df:ae:fa:0f:e5:06:0c:2b:7f:b6:
         d7:88:89:0e:7c:e3:36:6e:2d:f1:38:0b:e5:d2:b8:11:3c:b9:
         89:37:d4:68:2a:36:a5:c7:19:dd:79:62:28:a0:31:de:bf:64:
         73:28:d8:26:05:b4:7e:da:c9:a6:21:64:e9:bf:68:52:90:b5:
         d9:2f:99:d6:cb:40:3e:07:c3:5d:bd:95:19:00:d3:1c:e9:d7:
         cd:a2:39:c5:2f:cc:e2:1c:bf:9e:66:2a:dc:2a:60:e6:7c:f3:
         92:9e:75:81:8a:bd:b2:2d:4e:44:fa:7c:5c:36:55:14:1f:7a:
         52:64:63:70:04:08:43:45:0b:89:50:8e:38:51:fe:9d:90:c6:
         a7:96:e2:9d:b1:74:97:0b:61:43:6d:5b:12:07:43:af:ef:40:
         67:31:c8:c9:05:86:d4:9d:67:ea:b5:d7:90:d1:c3:e0:aa:c6:
         2e:e0:1b:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEzoSoBHyCYsKK4eTqPP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmMxNDQ1NDE0NzAxMGNhMWVmNGQwNGQyMTAxMjVlMWVk
N2QyMWEwHhcNMjUxMTExMDQwMTE2WhcNMjUxMTEyMDQwMTE2WjAzMTEwLwYDVQQD
EygwYTU5NmEwMGRkYWJiNDk0NmYxMzk5NjVmNmU4ZWFjZGQ5OGY3NGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7ORVSAwzeAxl6wmeR3oPyFUM5Sf
KNcq6U7d3XnV3H3csivikdM9qHp19TJzRU5nIh3/qHFbpw9s0d55i9MQ0P/F+HBE
y0Wg0fPlPoFlIo/pRMhB0TBIyzy15gyVWdsiFy2pzxooXMpClKyrUFMZnJdaY7W3
pRfdgnVsBU/WcO05wWre/MbtuSqZulT3n7+ppABR19Iy5HCJMqv4gqU0bA/nFuOX
AXWZ0IKZDqxYVsjYxX03eGgnWE7/FaKC5okuImtkTZ9n9b4ktZ5CCR5q3/dz+hNS
UvHnFtZ1zwS6+wdmiPXBEFJH6i85ih2gEH6HOKuHTFs/SYl3AxEC/dg/lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFApZagDdq7SUbxOZZfbo6s3Zj3TfMB8GA1UdIwQY
MBaAFB68FEVBRwEMoe9NBNIQEl4e19IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzkt
MjA1MDc5ZTUxYzEzLzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzktMjA1MDc5ZTUxYzEz
LzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS3qndeCQ
o/GUFAJBKDoeT88VVQiyDZfvxnR762eWrKesQXjZ5Dw8JYdIKS32XFJ673p+ZPQJ
KY5XK5L6WZv2VtHgCoQylqfORuzgzyUADZPfrvoP5QYMK3+214iJDnzjNm4t8TgL
5dK4ETy5iTfUaCo2pccZ3XliKKAx3r9kcyjYJgW0ftrJpiFk6b9oUpC12S+Z1stA
PgfDXb2VGQDTHOnXzaI5xS/M4hy/nmYq3Cpg5nzzkp51gYq9si1ORPp8XDZVFB96
UmRjcAQIQ0ULiVCOOFH+nZDGp5binbF0lwthQ21bEgdDr+9AZzHIyQWG1J1n6rXX
kNHD4KrGLuAbRw==
-----END CERTIFICATE-----