Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
File:                     hwCTRBAfUQ52oqserOnpp9kuTtU.mft (raw, json)
Hash identifier:          153h+YUPR2uWgM2BV22ewNBDMdzdIndPc9kHEaFOOU4=
Subject key identifier:   48:41:E4:96:C2:58:33:B8:75:1B:21:D3:79:E4:40:58:9E:5E:2E:3E
Authority key identifier: 87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5
Certificate issuer:       /CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
Certificate serial:       019A2A437A69CCE4790B82D35E8CB2535EE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
Manifest number:          095C
Signing time:             Tue 28 Oct 2025 10:00:56 +0000
Manifest this update:     Tue 28 Oct 2025 10:00:56 +0000
Manifest next update:     Wed 29 Oct 2025 10:00:56 +0000
Files and hashes:         1: hwCTRBAfUQ52oqserOnpp9kuTtU.crl (hash: tPh7C7ylrswwEgqhjdtWHdGp5GprbXx1ljoW6kPqNrs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 29 Oct 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:2a:43:7a:69:cc:e4:79:0b:82:d3:5e:8c:b2:53:5e:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87009344101f510e76a2ab1eace9e9a7d92e4ed5
        Validity
            Not Before: Oct 28 10:00:56 2025 GMT
            Not After : Oct 29 10:00:56 2025 GMT
        Subject: CN=4841e496c25833b8751b21d379e440589e5e2e3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:fd:71:84:bd:c3:91:9a:98:db:4b:a4:c4:50:
                    67:03:0a:7b:9a:1c:c0:b7:3e:08:b8:50:c3:53:9e:
                    dd:52:df:84:87:60:50:11:61:ad:70:e1:d1:47:b4:
                    67:52:ac:5f:f1:35:cc:64:9f:0e:90:38:09:3c:08:
                    08:e0:f5:6f:5d:3f:14:2e:42:d0:77:5f:f9:0c:66:
                    0b:18:70:2d:e0:b9:1b:2f:a3:8d:f3:e5:97:5c:a9:
                    a4:4d:44:a9:ae:2b:88:d5:97:97:82:5e:ef:bb:93:
                    0c:af:b8:fd:00:17:4a:1d:b4:bf:8f:03:5e:e3:41:
                    35:b7:7b:e3:77:4c:a5:57:bc:02:5b:d7:f4:ea:cd:
                    01:92:2f:46:1b:3d:de:cd:3c:6a:40:97:7e:d6:7f:
                    a6:f9:73:0c:df:7a:cb:02:f9:b8:af:19:0c:98:84:
                    e4:0d:d1:f0:46:23:1f:ff:79:b1:34:05:4b:7a:cf:
                    f8:9e:8a:fb:0f:80:4b:eb:32:39:cb:61:77:b7:24:
                    2d:dd:cd:f9:83:c4:50:a9:a9:c3:3d:25:1b:77:99:
                    15:cb:f2:46:8b:f9:32:64:91:4e:14:6b:9a:0d:10:
                    a2:85:e2:b4:41:4f:b9:ef:d7:8d:5f:1f:67:20:6c:
                    a5:e1:0f:f4:3f:07:37:7c:61:29:e7:45:a5:66:f0:
                    6e:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:41:E4:96:C2:58:33:B8:75:1B:21:D3:79:E4:40:58:9E:5E:2E:3E
            X509v3 Authority Key Identifier:
                keyid:87:00:93:44:10:1F:51:0E:76:A2:AB:1E:AC:E9:E9:A7:D9:2E:4E:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwCTRBAfUQ52oqserOnpp9kuTtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71492d-8c60-409d-a009-d6ada1281668/1/hwCTRBAfUQ52oqserOnpp9kuTtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:bc:71:d9:4b:7b:7f:68:fe:d6:06:0d:53:9c:4a:f8:d0:be:
         f2:0d:64:c4:90:20:70:46:f2:6f:45:05:c7:a8:85:17:58:e0:
         0a:35:2e:dc:c8:63:16:16:c6:19:e2:19:66:0e:ed:90:8b:bc:
         8b:7b:a5:7d:8e:d8:d8:d8:78:2d:6e:fd:92:38:74:11:c3:64:
         6e:e1:04:92:f5:7d:fe:7a:88:d3:cf:fa:62:33:a4:36:da:97:
         0c:e1:34:58:44:12:3b:12:07:89:b0:d2:f5:8a:18:ea:ed:cb:
         be:13:08:ae:f5:19:15:2a:a1:ef:9a:fd:5e:29:30:5e:e4:b3:
         5d:d7:4f:dd:e9:be:64:83:c4:46:2d:03:84:a0:cf:fe:0b:8b:
         31:4f:b9:4a:9c:fa:ac:4c:78:bd:e8:87:25:36:14:34:5a:1a:
         a2:c3:f0:ca:31:0e:42:03:8b:2a:9c:64:bd:50:b6:09:b1:10:
         7b:dc:54:1b:94:de:9c:2a:3c:25:d3:68:35:95:fd:5b:03:69:
         e1:42:db:ed:87:20:af:be:0b:eb:fa:97:8c:4b:c1:84:84:be:
         88:a3:23:66:4b:2e:64:54:5b:96:56:10:48:5c:15:a3:1f:45:
         54:90:f1:06:57:d0:49:1c:49:92:e5:8d:c8:0b:fb:61:94:a2:
         15:c8:6b:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoqQ3ppzOR5C4LTXoyyU17oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MDA5MzQ0MTAxZjUxMGU3NmEyYWIxZWFjZTllOWE3ZDky
ZTRlZDUwHhcNMjUxMDI4MTAwMDU2WhcNMjUxMDI5MTAwMDU2WjAzMTEwLwYDVQQD
Eyg0ODQxZTQ5NmMyNTgzM2I4NzUxYjIxZDM3OWU0NDA1ODllNWUyZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf1xhL3DkZqY20ukxFBnAwp7mhzA
tz4IuFDDU57dUt+Eh2BQEWGtcOHRR7RnUqxf8TXMZJ8OkDgJPAgI4PVvXT8ULkLQ
d1/5DGYLGHAt4LkbL6ON8+WXXKmkTUSpriuI1ZeXgl7vu5MMr7j9ABdKHbS/jwNe
40E1t3vjd0ylV7wCW9f06s0Bki9GGz3ezTxqQJd+1n+m+XMM33rLAvm4rxkMmITk
DdHwRiMf/3mxNAVLes/4nor7D4BL6zI5y2F3tyQt3c35g8RQqanDPSUbd5kVy/JG
i/kyZJFOFGuaDRCiheK0QU+579eNXx9nIGyl4Q/0Pwc3fGEp50WlZvBukQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEhB5JbCWDO4dRsh03nkQFieXi4+MB8GA1UdIwQY
MBaAFIcAk0QQH1EOdqKrHqzp6afZLk7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDkt
ZDZhZGExMjgxNjY4LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MTQ5MmQtOGM2MC00MDlkLWEwMDktZDZhZGExMjgxNjY4
LzEvaHdDVFJCQWZVUTUyb3FzZXJPbnBwOWt1VHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYbxx2Ut7
f2j+1gYNU5xK+NC+8g1kxJAgcEbyb0UFx6iFF1jgCjUu3MhjFhbGGeIZZg7tkIu8
i3ulfY7Y2Nh4LW79kjh0EcNkbuEEkvV9/nqI08/6YjOkNtqXDOE0WEQSOxIHibDS
9YoY6u3LvhMIrvUZFSqh75r9XikwXuSzXddP3em+ZIPERi0DhKDP/guLMU+5Spz6
rEx4veiHJTYUNFoaosPwyjEOQgOLKpxkvVC2CbEQe9xUG5TenCo8JdNoNZX9WwNp
4ULb7Ycgr74L6/qXjEvBhIS+iKMjZksuZFRbllYQSFwVox9FVJDxBlfQSRxJkuWN
yAv7YZSiFchrWw==
-----END CERTIFICATE-----