Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
File:                     HrwURUFHAQyh700E0hASXh7X0ho.mft (raw, json)
Hash identifier:          XCep7uz1qgz/QlPtyppUfxgHJDFzgNtoFtfyuyvls1o=
Subject key identifier:   4C:6B:BB:DE:DA:54:8A:BB:8E:1A:3F:1C:9C:63:0C:4B:0D:1B:20:6B
Authority key identifier: 1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A
Certificate issuer:       /CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
Certificate serial:       019768BC029A9D52CBADC142FE9343D7B894
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
Manifest number:          074C
Signing time:             Fri 13 Jun 2025 10:00:41 +0000
Manifest this update:     Fri 13 Jun 2025 10:00:41 +0000
Manifest next update:     Sat 14 Jun 2025 10:00:41 +0000
Files and hashes:         1: HrwURUFHAQyh700E0hASXh7X0ho.crl (hash: HJymgdyLP8zBttGz/YZxjpR6JamvX/9ySmhuvYddYD0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:bc:02:9a:9d:52:cb:ad:c1:42:fe:93:43:d7:b8:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a
        Validity
            Not Before: Jun 13 10:00:41 2025 GMT
            Not After : Jun 14 10:00:41 2025 GMT
        Subject: CN=4c6bbbdeda548abb8e1a3f1c9c630c4b0d1b206b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:16:e9:99:09:76:59:74:a9:0e:46:b9:2c:82:
                    8e:c3:04:85:e5:80:92:3a:db:84:de:df:9a:25:2a:
                    eb:f2:15:36:4d:fc:27:a0:8f:4d:d5:40:99:ef:58:
                    b7:3f:3b:0a:a2:17:ac:e5:a3:8d:1c:86:2b:a7:e5:
                    dd:42:7e:93:fb:8f:3f:41:ad:a2:4f:59:3b:dc:d8:
                    83:df:e6:af:c2:8a:f3:b8:a3:18:af:9c:e9:89:bc:
                    7d:1a:f0:bb:75:13:c1:49:c3:c6:2a:19:a4:59:bc:
                    56:bf:cf:4f:32:21:b7:7b:ec:a6:4f:33:35:e5:ce:
                    bf:33:40:1c:0b:68:61:37:27:d9:dd:4c:54:8b:6d:
                    5c:3f:0e:41:d5:07:22:cc:c3:58:0a:1f:fe:e9:7d:
                    65:46:fa:eb:b2:4e:1b:70:90:94:44:e6:0d:85:29:
                    6f:4e:d4:2a:11:fe:84:f6:23:05:9b:aa:f7:e9:e8:
                    2b:6d:59:77:72:b4:8a:d0:2f:34:13:0b:0d:4c:01:
                    bf:a8:b8:05:cc:de:94:30:70:dc:6d:8d:1c:34:d4:
                    70:3e:bd:35:19:be:f4:7e:94:ea:10:10:14:0d:62:
                    0e:48:7d:54:c2:b9:f7:0a:07:01:bb:c5:99:04:a0:
                    2d:e5:8b:fb:dc:87:61:80:e6:5d:35:a3:25:ec:60:
                    1f:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:6B:BB:DE:DA:54:8A:BB:8E:1A:3F:1C:9C:63:0C:4B:0D:1B:20:6B
            X509v3 Authority Key Identifier:
                keyid:1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:b9:0c:f4:dd:75:91:f3:8c:cd:0e:32:bf:e6:37:40:24:06:
         f9:5b:23:e7:c8:26:23:6b:47:db:47:23:fe:80:d2:6d:8b:7f:
         d8:e7:63:0f:76:a8:c5:f5:9f:ef:79:68:22:05:ac:e8:04:26:
         1c:7e:5d:64:b8:77:d8:85:a7:ac:73:2d:40:2b:de:3e:87:f0:
         dc:49:f6:9a:a3:94:98:2a:d1:02:84:f3:99:cd:fd:1e:26:98:
         d6:fe:0f:89:66:85:02:f1:e8:38:68:81:8a:05:ff:3a:74:7a:
         ad:a7:89:fe:9d:1d:e2:0f:d2:c8:58:62:00:69:ed:fe:7e:27:
         59:43:e6:5e:23:3b:fb:4d:56:d3:92:44:42:da:a4:e2:c8:77:
         41:00:57:86:89:41:94:6e:ca:8b:c1:e4:11:69:86:0c:cc:3c:
         a6:2b:d3:f6:20:f7:ba:be:98:98:7e:9f:5d:2a:a8:b2:95:0e:
         c3:de:2f:79:06:ac:d7:ff:37:1b:74:5a:af:4b:ca:97:c9:8a:
         7d:31:d5:60:f7:7d:46:57:ef:47:16:e0:82:32:8b:42:44:0e:
         7b:0d:18:39:1c:a7:6d:4f:1d:fb:34:ac:6b:ae:9e:f0:95:6e:
         a1:d6:06:2c:80:5d:de:d7:8f:3c:3d:88:87:1c:a8:bf:52:aa:
         08:e8:f6:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdovAKanVLLrcFC/pND17iUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmMxNDQ1NDE0NzAxMGNhMWVmNGQwNGQyMTAxMjVlMWVk
N2QyMWEwHhcNMjUwNjEzMTAwMDQxWhcNMjUwNjE0MTAwMDQxWjAzMTEwLwYDVQQD
Eyg0YzZiYmJkZWRhNTQ4YWJiOGUxYTNmMWM5YzYzMGM0YjBkMWIyMDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBbpmQl2WXSpDka5LIKOwwSF5YCS
OtuE3t+aJSrr8hU2TfwnoI9N1UCZ71i3PzsKohes5aONHIYrp+XdQn6T+48/Qa2i
T1k73NiD3+avworzuKMYr5zpibx9GvC7dRPBScPGKhmkWbxWv89PMiG3e+ymTzM1
5c6/M0AcC2hhNyfZ3UxUi21cPw5B1QcizMNYCh/+6X1lRvrrsk4bcJCUROYNhSlv
TtQqEf6E9iMFm6r36egrbVl3crSK0C80EwsNTAG/qLgFzN6UMHDcbY0cNNRwPr01
Gb70fpTqEBAUDWIOSH1Uwrn3CgcBu8WZBKAt5Yv73IdhgOZdNaMl7GAfXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFExru97aVIq7jho/HJxjDEsNGyBrMB8GA1UdIwQY
MBaAFB68FEVBRwEMoe9NBNIQEl4e19IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzkt
MjA1MDc5ZTUxYzEzLzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzktMjA1MDc5ZTUxYzEz
LzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAILkM9N11
kfOMzQ4yv+Y3QCQG+Vsj58gmI2tH20cj/oDSbYt/2OdjD3aoxfWf73loIgWs6AQm
HH5dZLh32IWnrHMtQCvePofw3En2mqOUmCrRAoTzmc39HiaY1v4PiWaFAvHoOGiB
igX/OnR6raeJ/p0d4g/SyFhiAGnt/n4nWUPmXiM7+01W05JEQtqk4sh3QQBXholB
lG7Ki8HkEWmGDMw8pivT9iD3ur6YmH6fXSqospUOw94veQas1/83G3Rar0vKl8mK
fTHVYPd9RlfvRxbggjKLQkQOew0YORynbU8d+zSsa66e8JVuodYGLIBd3tePPD2I
hxyov1KqCOj2XQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 14:15:25 2025 by rpki-client