Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/1f71bd-3c05-4516-9710-7abd07da51e5/1/HA73NQ7-NSp2AezkHDGl-DhkVic.mft
File:                     HA73NQ7-NSp2AezkHDGl-DhkVic.mft (raw, json)
Hash identifier:          quDHPMXIuP09F+tJ+iXsyKrHQbbV6/9KyPDk25QEjdM=
Subject key identifier:   1C:34:C8:F6:8C:8D:F8:2A:94:84:47:8E:CB:17:56:23:5F:AE:D5:0A
Authority key identifier: 1C:0E:F7:35:0E:FE:35:2A:76:01:EC:E4:1C:31:A5:F8:38:64:56:27
Certificate issuer:       /CN=1c0ef7350efe352a7601ece41c31a5f838645627
Certificate serial:       019A72934023C2EB3A437F5D7E74178FA572
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HA73NQ7-NSp2AezkHDGl-DhkVic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/1f71bd-3c05-4516-9710-7abd07da51e5/1/HA73NQ7-NSp2AezkHDGl-DhkVic.mft
Manifest number:          4C
Signing time:             Tue 11 Nov 2025 11:00:44 +0000
Manifest this update:     Tue 11 Nov 2025 11:00:44 +0000
Manifest next update:     Wed 12 Nov 2025 11:00:44 +0000
Files and hashes:         1: HA73NQ7-NSp2AezkHDGl-DhkVic.crl (hash: mkDEMxuN93qFClGgyO2gH61HwcNqbbq6gh4kTlG+5B8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/1f71bd-3c05-4516-9710-7abd07da51e5/1/HA73NQ7-NSp2AezkHDGl-DhkVic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/1f71bd-3c05-4516-9710-7abd07da51e5/1/HA73NQ7-NSp2AezkHDGl-DhkVic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HA73NQ7-NSp2AezkHDGl-DhkVic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:40:23:c2:eb:3a:43:7f:5d:7e:74:17:8f:a5:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c0ef7350efe352a7601ece41c31a5f838645627
        Validity
            Not Before: Nov 11 11:00:44 2025 GMT
            Not After : Nov 12 11:00:44 2025 GMT
        Subject: CN=1c34c8f68c8df82a9484478ecb1756235faed50a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:98:40:2e:86:94:99:36:90:78:a4:cf:24:f9:
                    45:c8:22:7d:e8:a8:0e:05:c0:84:65:1b:9d:44:96:
                    c5:b3:41:b2:ef:3f:8a:d1:c4:77:11:7a:1e:b5:19:
                    00:67:bf:3c:a8:22:64:8f:21:c8:c3:a8:dd:1b:df:
                    d0:c1:d0:b1:af:ab:34:97:af:31:9d:7e:e2:82:d7:
                    74:24:80:87:59:a7:81:30:73:8d:b1:a0:e4:5d:aa:
                    10:b0:ee:e4:19:f7:58:5b:97:e3:bb:0c:fa:6e:dc:
                    71:0b:ef:69:4d:70:9e:82:96:32:90:52:2e:27:69:
                    21:69:5e:bc:53:bc:8e:2d:56:df:f0:8e:a0:be:7e:
                    af:f0:e9:0c:fc:60:a9:85:3f:8c:31:86:89:ac:77:
                    0e:06:e8:70:34:d7:db:9d:79:47:39:82:26:2b:63:
                    50:33:9f:59:42:7e:40:47:c8:e4:4e:25:2d:d4:aa:
                    5f:a8:45:3e:e0:60:cb:aa:56:d5:e2:dd:8a:6a:16:
                    2e:d7:b9:f1:33:6f:72:09:d4:3c:63:4c:9c:5c:c8:
                    49:d6:46:81:87:a4:f7:3d:f8:ec:c5:11:04:45:eb:
                    39:cc:7f:15:33:a2:61:3f:ae:75:e7:84:34:94:a7:
                    c6:48:d1:c7:03:15:8e:74:99:46:94:9b:41:50:04:
                    18:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:34:C8:F6:8C:8D:F8:2A:94:84:47:8E:CB:17:56:23:5F:AE:D5:0A
            X509v3 Authority Key Identifier:
                keyid:1C:0E:F7:35:0E:FE:35:2A:76:01:EC:E4:1C:31:A5:F8:38:64:56:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HA73NQ7-NSp2AezkHDGl-DhkVic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/1f71bd-3c05-4516-9710-7abd07da51e5/1/HA73NQ7-NSp2AezkHDGl-DhkVic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/1f71bd-3c05-4516-9710-7abd07da51e5/1/HA73NQ7-NSp2AezkHDGl-DhkVic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:40:8e:4c:c5:30:ae:60:3e:84:09:5f:8c:06:47:92:e7:7b:
         c2:1d:0f:a4:0b:19:a6:46:66:1a:21:c7:d3:89:14:bc:7b:d1:
         36:59:aa:e6:80:1c:98:a4:e2:99:08:48:ed:e5:cd:a5:c5:a0:
         01:4c:63:97:f9:73:18:25:c1:cc:c2:52:df:c9:b3:15:bd:30:
         61:3f:49:10:c8:49:79:8a:c9:26:10:5a:a1:d6:9a:3d:19:53:
         41:ab:d9:85:ea:a7:94:13:00:c0:b8:ec:a7:34:bb:18:f4:0c:
         4d:e0:bf:36:29:ce:1b:db:33:d9:53:5a:5d:53:1a:02:0f:ea:
         c9:d7:3a:c8:e9:37:ef:b5:0e:21:9d:54:17:91:7f:b3:60:4e:
         34:2c:53:9d:97:1d:a0:5e:5c:ec:c5:4c:5f:9b:68:29:b3:9b:
         56:5b:89:b4:53:8d:93:1e:4f:4a:2c:10:45:6d:e6:65:ee:9f:
         ec:02:de:46:51:cb:e3:04:3b:aa:80:69:6f:3d:a5:73:80:4c:
         2a:ec:27:da:17:05:61:30:42:40:16:0d:5f:7a:c3:75:46:02:
         df:05:fd:55:40:49:5e:67:df:6a:6b:c2:35:50:66:3a:6b:e3:
         6d:91:16:38:98:07:60:69:34:e2:fa:9f:f2:7a:c6:e6:91:c8:
         3d:8d:19:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk0Ajwus6Q39dfnQXj6VyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMGVmNzM1MGVmZTM1MmE3NjAxZWNlNDFjMzFhNWY4Mzg2
NDU2MjcwHhcNMjUxMTExMTEwMDQ0WhcNMjUxMTEyMTEwMDQ0WjAzMTEwLwYDVQQD
EygxYzM0YzhmNjhjOGRmODJhOTQ4NDQ3OGVjYjE3NTYyMzVmYWVkNTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmphALoaUmTaQeKTPJPlFyCJ96KgO
BcCEZRudRJbFs0Gy7z+K0cR3EXoetRkAZ788qCJkjyHIw6jdG9/QwdCxr6s0l68x
nX7igtd0JICHWaeBMHONsaDkXaoQsO7kGfdYW5fjuwz6btxxC+9pTXCegpYykFIu
J2khaV68U7yOLVbf8I6gvn6v8OkM/GCphT+MMYaJrHcOBuhwNNfbnXlHOYImK2NQ
M59ZQn5AR8jkTiUt1KpfqEU+4GDLqlbV4t2KahYu17nxM29yCdQ8Y0ycXMhJ1kaB
h6T3PfjsxREERes5zH8VM6JhP65154Q0lKfGSNHHAxWOdJlGlJtBUAQYdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBw0yPaMjfgqlIRHjssXViNfrtUKMB8GA1UdIwQY
MBaAFBwO9zUO/jUqdgHs5Bwxpfg4ZFYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEE3M05RNy1OU3AyQWV6a0hER2wtRGhrVmljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8xZjcxYmQtM2MwNS00NTE2LTk3MTAt
N2FiZDA3ZGE1MWU1LzEvSEE3M05RNy1OU3AyQWV6a0hER2wtRGhrVmljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8xZjcxYmQtM2MwNS00NTE2LTk3MTAtN2FiZDA3ZGE1MWU1
LzEvSEE3M05RNy1OU3AyQWV6a0hER2wtRGhrVmljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALUCOTMUw
rmA+hAlfjAZHkud7wh0PpAsZpkZmGiHH04kUvHvRNlmq5oAcmKTimQhI7eXNpcWg
AUxjl/lzGCXBzMJS38mzFb0wYT9JEMhJeYrJJhBaodaaPRlTQavZheqnlBMAwLjs
pzS7GPQMTeC/NinOG9sz2VNaXVMaAg/qydc6yOk377UOIZ1UF5F/s2BONCxTnZcd
oF5c7MVMX5toKbObVluJtFONkx5PSiwQRW3mZe6f7ALeRlHL4wQ7qoBpbz2lc4BM
Kuwn2hcFYTBCQBYNX3rDdUYC3wX9VUBJXmffamvCNVBmOmvjbZEWOJgHYGk04vqf
8nrG5pHIPY0Z4A==
-----END CERTIFICATE-----