Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
File:                     HNuFgmJdF7G8uuE_xt20OruV0v4.mft (raw, json)
Hash identifier:          IGwqMMtqnbinsLcxdlqa5DckqFlQa10C1zORAusDV3M=
Subject key identifier:   76:53:70:A3:9E:36:CD:59:F1:3B:E6:52:19:A3:5F:93:75:B3:C8:D9
Authority key identifier: 1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE
Certificate issuer:       /CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
Certificate serial:       0199228C617C744611E1151F341808F5E994
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
Manifest number:          022E
Signing time:             Sun 07 Sep 2025 05:00:49 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:49 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:49 +0000
Files and hashes:         1: HNuFgmJdF7G8uuE_xt20OruV0v4.crl (hash: CM/0zVhk/uVBSj7zZ82Pc/JWZ3fiEzg6AtsCWcYpNZk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:61:7c:74:46:11:e1:15:1f:34:18:08:f5:e9:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
        Validity
            Not Before: Sep  7 05:00:49 2025 GMT
            Not After : Sep  8 05:00:49 2025 GMT
        Subject: CN=765370a39e36cd59f13be65219a35f9375b3c8d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ee:3d:30:53:19:fc:af:7b:4d:41:6e:bc:20:
                    cd:67:ad:87:7a:f2:bb:17:1b:8f:f1:67:3c:82:22:
                    22:d9:03:b6:9b:e0:1c:2e:f1:8e:04:83:48:fc:bf:
                    1a:de:77:66:d0:b6:10:ff:94:4e:d4:81:31:12:52:
                    ff:8f:20:5f:7b:1a:cf:88:c3:e5:22:71:c7:be:1b:
                    7a:47:3c:03:fa:28:84:8c:48:af:d4:5d:5a:74:46:
                    5f:b2:51:b2:f4:68:78:95:d1:29:6a:c2:14:1f:69:
                    b6:02:9b:1e:e6:c1:8f:56:a1:89:c8:79:cb:56:2c:
                    2f:90:fc:d9:68:1a:69:cd:9d:d8:1a:d5:e0:44:08:
                    e9:cd:04:cd:48:98:36:15:3c:6a:de:eb:8f:be:de:
                    d4:9e:24:ed:0f:89:02:06:c7:88:59:a1:7a:06:f0:
                    c7:dc:a4:e6:12:8e:31:d0:c7:ee:1d:45:6e:47:f2:
                    1f:15:dc:7e:12:60:e7:e2:b6:f9:fc:c9:0f:92:e2:
                    8d:4a:9a:e6:46:f4:d7:5e:3c:b1:c3:29:59:7a:3d:
                    19:0c:f2:55:59:e5:c1:a1:ff:5c:7c:24:e6:ae:a7:
                    f2:83:e3:5d:0d:2b:cf:8e:4b:e4:e3:87:6c:f8:26:
                    be:bd:70:c4:3b:22:78:c2:9e:4c:53:c3:5f:5a:70:
                    f6:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:53:70:A3:9E:36:CD:59:F1:3B:E6:52:19:A3:5F:93:75:B3:C8:D9
            X509v3 Authority Key Identifier:
                keyid:1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:5e:c1:48:2c:10:a3:51:7d:c3:0a:cc:34:b3:31:37:f0:0f:
         06:86:cb:33:83:e0:aa:8f:9a:5a:cd:15:8c:6f:5b:3a:f8:e7:
         b1:27:7f:6b:3a:eb:38:f8:bd:a7:74:7f:32:0d:e1:65:6f:e7:
         ad:ed:c8:bb:5e:52:74:33:9b:8c:7a:b6:5d:89:0b:16:fc:16:
         0a:9a:4b:25:ba:1d:e7:48:cf:44:4b:da:cd:59:29:15:26:27:
         9f:b2:aa:53:f3:db:ce:74:f1:24:20:8f:9a:98:0d:80:60:50:
         5d:b6:dd:1e:1d:1d:3b:a5:10:4b:c3:92:9e:c5:02:bf:3d:16:
         1c:1b:ca:66:cc:a4:5a:4d:0e:30:53:50:78:71:82:14:c3:4f:
         21:62:2b:7d:60:18:8d:c4:37:dc:bc:71:6e:af:d3:dc:94:ea:
         54:57:58:9b:73:7a:cd:93:29:d0:21:45:d5:d0:ee:06:56:2d:
         8d:8e:8b:24:e6:45:68:e1:ab:dd:04:84:8d:c9:fc:7a:be:be:
         dc:0c:4e:b4:cc:7b:0b:41:41:a7:b9:03:21:d1:e0:f6:00:06:
         13:4b:ff:90:41:65:5d:e7:48:5d:c1:3a:f8:4f:ba:78:42:e1:
         e2:0e:cf:eb:dd:ab:f1:fd:a9:44:37:93:bf:06:0f:1e:cb:71:
         a1:26:d6:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijGF8dEYR4RUfNBgI9emUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZGI4NTgyNjI1ZDE3YjFiY2JhZTEzZmM2ZGRiNDNhYmI5
NWQyZmUwHhcNMjUwOTA3MDUwMDQ5WhcNMjUwOTA4MDUwMDQ5WjAzMTEwLwYDVQQD
Eyg3NjUzNzBhMzllMzZjZDU5ZjEzYmU2NTIxOWEzNWY5Mzc1YjNjOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmu49MFMZ/K97TUFuvCDNZ62HevK7
FxuP8Wc8giIi2QO2m+AcLvGOBINI/L8a3ndm0LYQ/5RO1IExElL/jyBfexrPiMPl
InHHvht6RzwD+iiEjEiv1F1adEZfslGy9Gh4ldEpasIUH2m2Apse5sGPVqGJyHnL
ViwvkPzZaBppzZ3YGtXgRAjpzQTNSJg2FTxq3uuPvt7UniTtD4kCBseIWaF6BvDH
3KTmEo4x0MfuHUVuR/IfFdx+EmDn4rb5/MkPkuKNSprmRvTXXjyxwylZej0ZDPJV
WeXBof9cfCTmrqfyg+NdDSvPjkvk44ds+Ca+vXDEOyJ4wp5MU8NfWnD2OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZTcKOeNs1Z8TvmUhmjX5N1s8jZMB8GA1UdIwQY
MBaAFBzbhYJiXRexvLrhP8bdtDq7ldL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDct
NDVmYmE1Yzk3NTkzLzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDctNDVmYmE1Yzk3NTkz
LzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFl7BSCwQ
o1F9wwrMNLMxN/APBobLM4Pgqo+aWs0VjG9bOvjnsSd/azrrOPi9p3R/Mg3hZW/n
re3Iu15SdDObjHq2XYkLFvwWCppLJbod50jPREvazVkpFSYnn7KqU/PbznTxJCCP
mpgNgGBQXbbdHh0dO6UQS8OSnsUCvz0WHBvKZsykWk0OMFNQeHGCFMNPIWIrfWAY
jcQ33Lxxbq/T3JTqVFdYm3N6zZMp0CFF1dDuBlYtjY6LJOZFaOGr3QSEjcn8er6+
3AxOtMx7C0FBp7kDIdHg9gAGE0v/kEFlXedIXcE6+E+6eELh4g7P692r8f2pRDeT
vwYPHstxoSbWow==
-----END CERTIFICATE-----