Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
File:                     HrwURUFHAQyh700E0hASXh7X0ho.mft (raw, json)
Hash identifier:          kcAJITsoTy+VoHt/WS2FbYr5iIkSwCrMOAiZwunFS5U=
Subject key identifier:   25:6C:4B:AB:2B:64:84:F0:C1:D3:81:25:59:4D:C7:24:1C:3A:31:02
Authority key identifier: 1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A
Certificate issuer:       /CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
Certificate serial:       0197575A33A547DC8E96D472EE007F3413F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
Manifest number:          0743
Signing time:             Tue 10 Jun 2025 01:00:18 +0000
Manifest this update:     Tue 10 Jun 2025 01:00:18 +0000
Manifest next update:     Wed 11 Jun 2025 01:00:18 +0000
Files and hashes:         1: HrwURUFHAQyh700E0hASXh7X0ho.crl (hash: u6u6F9kjHD2Xq/UtI5Pl9dVk4XErKUjStke6+34sQ50=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:5a:33:a5:47:dc:8e:96:d4:72:ee:00:7f:34:13:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
        Validity
            Not Before: Jun 10 01:00:18 2025 GMT
            Not After : Jun 11 01:00:18 2025 GMT
        Subject: CN=256c4bab2b6484f0c1d38125594dc7241c3a3102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b7:9e:8d:36:d0:d2:32:8f:f0:08:3d:7c:89:
                    7b:49:20:58:d6:9b:6d:72:4e:19:9d:7e:a4:90:da:
                    59:29:95:5e:11:83:97:59:cf:b0:a1:9a:67:22:f9:
                    9f:2f:34:90:82:10:aa:80:f6:20:0e:ff:06:b9:93:
                    68:1c:30:91:b1:c7:d6:ad:20:f3:df:4f:98:f7:a3:
                    1c:9f:16:1b:58:79:ae:0b:17:03:f3:fb:5c:36:20:
                    60:9a:82:cc:d3:9a:f6:6e:6e:e1:fe:61:b6:f4:59:
                    32:43:7c:54:81:00:a4:86:e4:ef:e4:95:7e:8d:25:
                    c8:92:11:fc:0b:d4:81:69:8b:fd:60:60:56:87:83:
                    79:3c:a6:0d:0b:43:d4:35:9c:82:b2:f2:4a:1a:c2:
                    5d:e9:99:d0:5b:0a:86:db:cb:c2:a7:7f:6e:24:4b:
                    e2:2d:ee:a8:81:14:b3:6a:ec:97:55:2c:fa:4d:78:
                    98:af:7e:18:ea:ba:0d:96:9b:87:c6:55:ea:23:29:
                    80:6a:79:99:77:7c:61:59:ed:35:98:84:a9:6a:1f:
                    41:a1:fb:68:41:a0:dc:b7:d0:9d:b5:1c:26:56:bd:
                    b8:e5:02:59:02:b8:bb:c7:c1:ff:d1:f5:8e:81:ce:
                    7c:1f:da:01:1e:26:d3:94:a2:48:90:48:a3:bb:e0:
                    aa:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:6C:4B:AB:2B:64:84:F0:C1:D3:81:25:59:4D:C7:24:1C:3A:31:02
            X509v3 Authority Key Identifier:
                keyid:1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:f2:65:bd:7b:a4:d9:47:fa:6a:17:eb:68:f2:af:75:97:39:
         25:1c:f1:11:22:d8:e0:fa:35:2e:ce:cd:f0:38:d5:36:bb:dd:
         99:2f:c3:8c:31:b7:e1:35:8c:81:6d:06:33:0e:1b:1a:3b:a3:
         35:7c:89:ab:8c:6c:1d:f3:c4:a8:f0:68:d1:4a:2c:ac:76:e0:
         38:f7:8e:1a:5e:fd:89:42:c5:4e:05:26:bd:eb:df:d2:e8:df:
         c3:74:7b:eb:45:09:27:46:84:62:74:fb:74:ab:95:ea:83:40:
         4a:de:64:17:d6:cb:77:cc:44:30:27:ea:87:c1:a3:d4:9a:1d:
         9d:05:4d:4b:94:82:b1:ad:ef:a6:82:cb:d6:69:d2:55:f6:68:
         49:42:d2:3f:e9:d2:98:e6:2d:79:e2:5b:a4:70:2c:2e:2a:bb:
         ee:f7:26:f4:43:2e:14:56:72:dd:0f:13:27:35:d5:39:81:78:
         fd:97:88:59:a3:5a:e8:79:8d:fb:4c:bb:12:d8:5b:ce:81:a2:
         e1:1c:02:0d:14:00:c2:64:10:1b:f6:c7:2c:9a:50:56:46:ae:
         a5:5f:f8:52:ab:a4:96:1f:9f:a9:52:96:78:20:16:7b:93:14:
         41:27:5b:5c:e5:c5:1e:d4:19:62:ed:54:ba:73:e3:d8:38:cd:
         bf:66:23:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdXWjOlR9yOltRy7gB/NBP2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmMxNDQ1NDE0NzAxMGNhMWVmNGQwNGQyMTAxMjVlMWVk
N2QyMWEwHhcNMjUwNjEwMDEwMDE4WhcNMjUwNjExMDEwMDE4WjAzMTEwLwYDVQQD
EygyNTZjNGJhYjJiNjQ4NGYwYzFkMzgxMjU1OTRkYzcyNDFjM2EzMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7eejTbQ0jKP8Ag9fIl7SSBY1ptt
ck4ZnX6kkNpZKZVeEYOXWc+woZpnIvmfLzSQghCqgPYgDv8GuZNoHDCRscfWrSDz
30+Y96McnxYbWHmuCxcD8/tcNiBgmoLM05r2bm7h/mG29FkyQ3xUgQCkhuTv5JV+
jSXIkhH8C9SBaYv9YGBWh4N5PKYNC0PUNZyCsvJKGsJd6ZnQWwqG28vCp39uJEvi
Le6ogRSzauyXVSz6TXiYr34Y6roNlpuHxlXqIymAanmZd3xhWe01mISpah9Bofto
QaDct9CdtRwmVr245QJZAri7x8H/0fWOgc58H9oBHibTlKJIkEiju+CquwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVsS6srZITwwdOBJVlNxyQcOjECMB8GA1UdIwQY
MBaAFB68FEVBRwEMoe9NBNIQEl4e19IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzkt
MjA1MDc5ZTUxYzEzLzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzktMjA1MDc5ZTUxYzEz
LzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC/JlvXuk
2Uf6ahfraPKvdZc5JRzxESLY4Po1Ls7N8DjVNrvdmS/DjDG34TWMgW0GMw4bGjuj
NXyJq4xsHfPEqPBo0UosrHbgOPeOGl79iULFTgUmvevf0ujfw3R760UJJ0aEYnT7
dKuV6oNASt5kF9bLd8xEMCfqh8Gj1JodnQVNS5SCsa3vpoLL1mnSVfZoSULSP+nS
mOYteeJbpHAsLiq77vcm9EMuFFZy3Q8TJzXVOYF4/ZeIWaNa6HmN+0y7EthbzoGi
4RwCDRQAwmQQG/bHLJpQVkaupV/4Uquklh+fqVKWeCAWe5MUQSdbXOXFHtQZYu1U
unPj2DjNv2YjCw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 08:54:09 2025 by rpki-client