Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
File:                     HPoACq4LHA_NOZiRS7dt_HLoc1g.mft (raw, json)
Hash identifier:          0uBFfN8R26Hc1/tQEYOCNIc/8FQto6QRjYvlDGBnYl4=
Subject key identifier:   80:2B:00:4D:3A:11:37:E6:4E:4F:46:0E:88:C6:8C:A0:A2:EC:4E:6F
Authority key identifier: 1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58
Certificate issuer:       /CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
Certificate serial:       019A70A561227AEC1912A825115B80EC28F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
Manifest number:          03F5
Signing time:             Tue 11 Nov 2025 02:01:17 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:17 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:17 +0000
Files and hashes:         1: HPoACq4LHA_NOZiRS7dt_HLoc1g.crl (hash: OTz6d38bElZ0sD5CoiNaI4ksafzNbOK/bbMDYb+m7io=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:61:22:7a:ec:19:12:a8:25:11:5b:80:ec:28:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
        Validity
            Not Before: Nov 11 02:01:17 2025 GMT
            Not After : Nov 12 02:01:17 2025 GMT
        Subject: CN=802b004d3a1137e64e4f460e88c68ca0a2ec4e6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:b6:80:c1:48:1d:8a:e4:d1:c6:e6:8d:98:63:
                    ad:f3:8b:af:89:58:3b:b2:6e:20:e4:9a:e5:7b:0d:
                    0d:80:f2:c1:a8:ce:db:ac:47:29:a1:d8:b4:13:5a:
                    97:71:03:81:04:f1:5f:a0:66:51:5a:26:b4:6b:d9:
                    4a:3f:61:86:50:9c:23:da:46:f2:4c:c6:e3:05:58:
                    b0:30:39:c7:33:22:13:73:0c:d2:05:14:c0:7a:28:
                    7e:f6:26:fc:1a:6c:12:ee:1c:74:34:81:9c:f4:10:
                    b1:95:d3:73:d2:f6:b0:48:b3:99:5d:3d:ee:f3:b4:
                    0d:cd:ac:e7:16:f2:87:4e:cf:73:59:c9:ea:a2:76:
                    8d:66:e3:af:20:bf:b7:fc:24:02:15:bb:53:6b:1f:
                    92:74:f7:e0:38:46:92:f2:36:02:2d:19:0d:9c:cb:
                    1c:f9:2b:46:ae:50:e8:8e:24:00:03:d0:3b:fc:b2:
                    2e:52:1d:4b:e6:93:1d:cf:4c:4f:24:18:7d:81:e1:
                    10:b4:0e:da:3a:38:fd:0e:fd:52:00:d9:23:2d:79:
                    72:e6:df:4e:4d:b9:ad:ea:81:ae:67:2d:41:6a:47:
                    71:0a:ba:b7:78:59:8c:67:f2:31:54:e2:2f:98:86:
                    67:72:b1:38:ed:2f:44:8f:cb:5d:7f:88:4f:17:73:
                    79:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:2B:00:4D:3A:11:37:E6:4E:4F:46:0E:88:C6:8C:A0:A2:EC:4E:6F
            X509v3 Authority Key Identifier:
                keyid:1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:f5:76:32:20:6c:87:8f:95:18:92:6c:ab:b1:44:bb:11:6b:
         55:77:a6:6a:b0:38:32:8b:5f:6b:16:ee:fa:14:22:f3:5f:16:
         1f:78:dd:75:dc:4a:5b:29:0a:95:fb:90:3f:fe:81:6c:9b:b0:
         51:1c:be:fc:5f:f8:df:d8:e4:03:ce:18:d9:57:e7:2d:e6:19:
         c5:e9:b2:79:6d:76:0f:54:71:86:1f:1f:65:49:25:1b:5b:c8:
         8f:0b:71:8e:e6:be:98:eb:0b:44:7c:9d:e4:6d:02:39:73:41:
         b7:e3:4f:9d:7e:58:c2:2c:0d:75:e4:76:61:1f:ad:7b:8a:17:
         a3:d1:44:91:dc:8c:e7:aa:55:14:97:fc:74:86:89:8c:b3:ea:
         0a:76:07:d6:19:e3:35:f2:db:5c:fc:bf:7a:95:53:09:14:6a:
         32:3a:06:ce:d8:b4:a2:00:bb:3c:18:e9:a5:84:bc:85:c0:c5:
         e2:04:32:44:ff:02:09:6e:ea:dd:c2:b0:f2:b3:f1:a9:26:17:
         37:de:4b:3f:25:39:8c:12:cf:22:ac:72:49:14:f7:dc:fb:49:
         a9:96:7f:ab:db:38:23:e5:a7:c7:f1:59:3d:7a:bf:fa:d5:7b:
         43:a0:a8:21:27:41:0d:41:df:31:4d:32:41:0a:04:71:53:55:
         3c:8c:53:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpWEieuwZEqglEVuA7CjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZmEwMDBhYWUwYjFjMGZjZDM5OTg5MTRiYjc2ZGZjNzJl
ODczNTgwHhcNMjUxMTExMDIwMTE3WhcNMjUxMTEyMDIwMTE3WjAzMTEwLwYDVQQD
Eyg4MDJiMDA0ZDNhMTEzN2U2NGU0ZjQ2MGU4OGM2OGNhMGEyZWM0ZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7aAwUgdiuTRxuaNmGOt84uviVg7
sm4g5Jrlew0NgPLBqM7brEcpodi0E1qXcQOBBPFfoGZRWia0a9lKP2GGUJwj2kby
TMbjBViwMDnHMyITcwzSBRTAeih+9ib8GmwS7hx0NIGc9BCxldNz0vawSLOZXT3u
87QNzaznFvKHTs9zWcnqonaNZuOvIL+3/CQCFbtTax+SdPfgOEaS8jYCLRkNnMsc
+StGrlDojiQAA9A7/LIuUh1L5pMdz0xPJBh9geEQtA7aOjj9Dv1SANkjLXly5t9O
Tbmt6oGuZy1BakdxCrq3eFmMZ/IxVOIvmIZncrE47S9Ej8tdf4hPF3N5uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIArAE06ETfmTk9GDojGjKCi7E5vMB8GA1UdIwQY
MBaAFBz6AAquCxwPzTmYkUu3bfxy6HNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGIt
OGVmNzA5ZGUyZDY0LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGItOGVmNzA5ZGUyZDY0
LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFvV2MiBs
h4+VGJJsq7FEuxFrVXemarA4Motfaxbu+hQi818WH3jdddxKWykKlfuQP/6BbJuw
URy+/F/439jkA84Y2VfnLeYZxemyeW12D1Rxhh8fZUklG1vIjwtxjua+mOsLRHyd
5G0COXNBt+NPnX5YwiwNdeR2YR+te4oXo9FEkdyM56pVFJf8dIaJjLPqCnYH1hnj
NfLbXPy/epVTCRRqMjoGzti0ogC7PBjppYS8hcDF4gQyRP8CCW7q3cKw8rPxqSYX
N95LPyU5jBLPIqxySRT33PtJqZZ/q9s4I+Wnx/FZPXq/+tV7Q6CoISdBDUHfMU0y
QQoEcVNVPIxTjw==
-----END CERTIFICATE-----