Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
File:                     HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json)
Hash identifier:          7/ZaraOSDRmBvDLuBV31AYH6+VKRSsouuIxRx76Omvg=
Subject key identifier:   EA:B8:6C:E3:79:34:52:00:EB:23:66:A7:31:99:75:98:C0:A7:30:C5
Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17
Certificate issuer:       /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
Certificate serial:       019749680CB23D2D26762D422D403EA338BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
Manifest number:          05BC
Signing time:             Sat 07 Jun 2025 08:00:45 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:45 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:45 +0000
Files and hashes:         1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: ltKXbVAADj/fHO9s7p5tVBt6CZCQgU2do4WU5gz+o6c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:68:0c:b2:3d:2d:26:76:2d:42:2d:40:3e:a3:38:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317
        Validity
            Not Before: Jun  7 08:00:45 2025 GMT
            Not After : Jun  8 08:00:45 2025 GMT
        Subject: CN=eab86ce379345200eb2366a731997598c0a730c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:96:67:6c:50:a3:7b:45:f0:40:70:82:1d:4d:
                    a2:f2:20:84:7a:08:d5:82:86:af:83:a7:cb:49:35:
                    b0:de:ba:87:04:4d:80:4f:96:bd:27:50:e3:3f:04:
                    5e:d9:6e:17:bd:e4:85:3c:c0:13:b2:68:e8:3f:55:
                    55:4e:cb:d6:f9:4f:46:8d:f9:96:a4:f5:69:5a:14:
                    9e:2b:db:e1:32:c0:23:56:89:be:ea:16:9a:7d:b2:
                    01:30:97:9c:36:6e:c1:5d:3c:ce:75:b7:9f:8b:98:
                    bd:00:75:05:32:3c:cd:64:26:42:0a:3b:6c:9d:d5:
                    d6:9c:2b:5b:f2:29:2a:3a:b9:3a:c0:be:93:df:c4:
                    21:31:d6:2d:b6:bc:18:67:30:3b:99:80:fd:26:57:
                    42:c1:2d:59:18:ba:10:58:17:35:3c:ec:81:72:75:
                    77:ca:ca:f1:63:45:6d:f1:f3:33:22:02:d3:e3:aa:
                    8d:e1:9b:92:39:ca:3d:fd:f5:86:e1:1a:64:23:9f:
                    35:1c:5e:98:c6:e1:4b:73:cc:ef:f5:56:e9:a9:59:
                    a2:1b:b9:10:ed:3c:67:08:db:49:d1:34:0b:f7:d9:
                    7e:4b:89:30:30:e4:87:d6:9b:24:96:eb:72:bd:2b:
                    13:56:d8:14:9f:fb:69:3d:02:2b:83:38:73:64:3e:
                    50:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:B8:6C:E3:79:34:52:00:EB:23:66:A7:31:99:75:98:C0:A7:30:C5
            X509v3 Authority Key Identifier:
                keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:1e:48:79:76:bb:60:bf:4e:07:07:3e:67:eb:ae:2e:02:62:
         bf:fc:7a:d6:a5:34:6f:16:d9:8c:e4:df:67:0e:57:90:1a:b1:
         f1:a1:33:25:a3:85:04:6f:b5:87:f2:bc:47:85:40:55:1a:e1:
         87:11:8b:72:2a:0a:1f:8d:37:10:94:6f:a3:4d:0c:1d:f3:20:
         04:a0:6f:c0:06:6f:53:54:f1:12:a3:e3:6b:01:46:bc:39:31:
         2a:c7:79:ac:5a:3c:63:df:1d:d4:a4:14:05:43:e3:22:3a:59:
         55:4a:04:cb:10:34:3a:fa:b2:44:f9:ae:27:26:c4:bb:54:f3:
         85:e0:d7:4b:48:08:6b:71:96:ab:98:71:ad:04:b2:d5:b4:c5:
         d2:6e:8a:42:3c:ad:33:60:d6:91:c6:68:2f:02:3b:b0:60:71:
         d3:1a:00:5c:d0:a1:16:0d:51:a1:1f:2c:35:36:84:9c:bd:99:
         ad:27:34:8b:fd:45:63:05:28:b2:be:70:b3:cc:f8:21:10:ed:
         88:f0:cc:11:42:74:2e:cd:9b:dc:77:4d:10:2f:8d:93:3a:d7:
         01:31:23:9e:a4:18:e2:fe:ee:86:4f:e6:73:05:33:78:ac:5b:
         da:ff:70:24:84:70:e2:7e:9b:83:19:77:af:8b:e8:bd:ca:9c:
         29:be:b0:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJaAyyPS0mdi1CLUA+ozi+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy
YzYzMTcwHhcNMjUwNjA3MDgwMDQ1WhcNMjUwNjA4MDgwMDQ1WjAzMTEwLwYDVQQD
EyhlYWI4NmNlMzc5MzQ1MjAwZWIyMzY2YTczMTk5NzU5OGMwYTczMGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JZnbFCje0XwQHCCHU2i8iCEegjV
goavg6fLSTWw3rqHBE2AT5a9J1DjPwRe2W4XveSFPMATsmjoP1VVTsvW+U9GjfmW
pPVpWhSeK9vhMsAjVom+6haafbIBMJecNm7BXTzOdbefi5i9AHUFMjzNZCZCCjts
ndXWnCtb8ikqOrk6wL6T38QhMdYttrwYZzA7mYD9JldCwS1ZGLoQWBc1POyBcnV3
ysrxY0Vt8fMzIgLT46qN4ZuSOco9/fWG4RpkI581HF6YxuFLc8zv9VbpqVmiG7kQ
7TxnCNtJ0TQL99l+S4kwMOSH1psklutyvSsTVtgUn/tpPQIrgzhzZD5QXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOq4bON5NFIA6yNmpzGZdZjApzDFMB8GA1UdIwQY
MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt
MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj
LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlh5IeXa7
YL9OBwc+Z+uuLgJiv/x61qU0bxbZjOTfZw5XkBqx8aEzJaOFBG+1h/K8R4VAVRrh
hxGLcioKH403EJRvo00MHfMgBKBvwAZvU1TxEqPjawFGvDkxKsd5rFo8Y98d1KQU
BUPjIjpZVUoEyxA0OvqyRPmuJybEu1TzheDXS0gIa3GWq5hxrQSy1bTF0m6KQjyt
M2DWkcZoLwI7sGBx0xoAXNChFg1RoR8sNTaEnL2ZrSc0i/1FYwUosr5ws8z4IRDt
iPDMEUJ0Ls2b3HdNEC+NkzrXATEjnqQY4v7uhk/mcwUzeKxb2v9wJIRw4n6bgxl3
r4vovcqcKb6wBg==
-----END CERTIFICATE-----