Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
File:                     HPoACq4LHA_NOZiRS7dt_HLoc1g.mft (raw, json)
Hash identifier:          BlDrWKUTxN0q9T8evF3RfSIC8aXY7LKkPHQDDUKVywk=
Subject key identifier:   C9:EB:06:5E:2D:01:75:90:56:3C:60:A4:32:A2:B9:AD:D8:C6:D5:90
Authority key identifier: 1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58
Certificate issuer:       /CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
Certificate serial:       0199228C94EC5A0A97E4F53CEE97E1661EA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
Manifest number:          0348
Signing time:             Sun 07 Sep 2025 05:01:02 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:02 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:02 +0000
Files and hashes:         1: HPoACq4LHA_NOZiRS7dt_HLoc1g.crl (hash: OjwUYF7a0GtvFrU9RrUPq/izf7dtKZ/UotLjflgyhDw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:94:ec:5a:0a:97:e4:f5:3c:ee:97:e1:66:1e:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
        Validity
            Not Before: Sep  7 05:01:02 2025 GMT
            Not After : Sep  8 05:01:02 2025 GMT
        Subject: CN=c9eb065e2d017590563c60a432a2b9add8c6d590
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:be:ca:52:58:0b:e6:05:76:16:c2:7c:e3:eb:
                    ab:f4:f0:1d:a6:e5:3a:41:69:9f:9d:75:8d:2b:75:
                    5a:88:52:41:71:c9:ae:b5:7e:1d:87:42:65:60:ee:
                    10:c6:88:a5:93:6b:46:16:17:8b:66:d5:61:1a:f7:
                    18:01:4a:c3:3d:8e:d0:48:62:ec:d0:fe:bd:b6:e1:
                    d4:53:71:e9:9c:4c:7d:2d:59:2c:28:21:92:ae:74:
                    1f:78:53:fd:e6:1e:96:fa:4c:4a:60:63:bc:92:4a:
                    b4:22:02:1f:1d:1c:2b:25:82:a0:c0:0a:2c:34:15:
                    32:a1:fe:06:c1:f2:6f:bd:c3:54:b2:be:64:b0:85:
                    5f:17:7d:8b:67:2e:45:99:de:01:2a:2a:4b:f3:1b:
                    6b:f7:4d:2d:8c:f3:3f:8d:9d:76:98:14:86:61:87:
                    36:a3:2f:8f:84:73:11:63:1d:ce:20:39:06:64:ad:
                    20:69:72:5e:f1:37:bc:bd:4e:fd:32:7c:90:5f:83:
                    a0:b6:f9:40:21:91:9a:f6:70:6a:33:91:b7:19:cb:
                    8c:7e:cf:3e:05:9b:70:ca:e2:29:03:b7:b2:aa:d7:
                    8c:be:e9:84:2b:29:4e:8b:d8:b8:1a:f8:b3:ad:26:
                    9e:33:9b:eb:7f:3e:cc:07:da:1e:71:0c:cc:9e:a5:
                    d7:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:EB:06:5E:2D:01:75:90:56:3C:60:A4:32:A2:B9:AD:D8:C6:D5:90
            X509v3 Authority Key Identifier:
                keyid:1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:12:8e:e4:41:b4:86:91:89:10:93:72:75:89:52:53:58:ef:
         bc:8f:c6:8b:ca:13:06:dd:1a:3a:95:b1:f5:f9:ce:2e:29:9b:
         27:48:12:a0:ac:13:cb:a0:8c:d4:17:59:ab:36:a5:48:a0:44:
         4f:0a:46:f4:8f:3e:b7:b1:83:83:9b:00:04:cc:d6:46:3b:a4:
         47:ff:9d:cf:6c:d1:5e:43:83:ac:56:a8:08:6b:3a:68:29:08:
         dc:1a:ce:9d:ca:e8:e0:13:3d:cf:97:2a:f5:2c:55:7d:15:9f:
         0a:18:80:64:c6:25:ac:c4:b5:f3:86:2c:1a:f0:33:2a:83:84:
         37:2d:b1:23:1b:2d:39:bf:c1:91:7e:6c:40:d1:e6:8e:69:21:
         10:32:f4:05:f7:41:6e:c6:fb:00:b3:1c:bf:b2:1a:fb:cf:e9:
         eb:23:ca:b7:cc:69:e5:1c:c7:75:61:06:3e:38:d8:cf:05:c2:
         ac:30:cc:ae:55:51:9c:ce:51:b5:fa:fc:48:70:d8:c4:77:2d:
         87:94:9e:22:6b:64:1c:b5:3b:63:55:7e:62:4d:08:ca:96:4c:
         30:60:91:2a:c5:bd:c1:89:b9:1a:cf:61:3d:3a:0f:ab:a4:4b:
         4a:db:fb:28:fe:59:b0:d3:21:26:57:65:f9:f6:1a:8f:76:92:
         5a:1c:a8:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijJTsWgqX5PU87pfhZh6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZmEwMDBhYWUwYjFjMGZjZDM5OTg5MTRiYjc2ZGZjNzJl
ODczNTgwHhcNMjUwOTA3MDUwMTAyWhcNMjUwOTA4MDUwMTAyWjAzMTEwLwYDVQQD
EyhjOWViMDY1ZTJkMDE3NTkwNTYzYzYwYTQzMmEyYjlhZGQ4YzZkNTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy77KUlgL5gV2FsJ84+ur9PAdpuU6
QWmfnXWNK3VaiFJBccmutX4dh0JlYO4Qxoilk2tGFheLZtVhGvcYAUrDPY7QSGLs
0P69tuHUU3HpnEx9LVksKCGSrnQfeFP95h6W+kxKYGO8kkq0IgIfHRwrJYKgwAos
NBUyof4GwfJvvcNUsr5ksIVfF32LZy5Fmd4BKipL8xtr900tjPM/jZ12mBSGYYc2
oy+PhHMRYx3OIDkGZK0gaXJe8Te8vU79MnyQX4OgtvlAIZGa9nBqM5G3GcuMfs8+
BZtwyuIpA7eyqteMvumEKylOi9i4GvizrSaeM5vrfz7MB9oecQzMnqXX1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnrBl4tAXWQVjxgpDKiua3YxtWQMB8GA1UdIwQY
MBaAFBz6AAquCxwPzTmYkUu3bfxy6HNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGIt
OGVmNzA5ZGUyZDY0LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGItOGVmNzA5ZGUyZDY0
LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAxKO5EG0
hpGJEJNydYlSU1jvvI/Gi8oTBt0aOpWx9fnOLimbJ0gSoKwTy6CM1BdZqzalSKBE
TwpG9I8+t7GDg5sABMzWRjukR/+dz2zRXkODrFaoCGs6aCkI3BrOncro4BM9z5cq
9SxVfRWfChiAZMYlrMS184YsGvAzKoOENy2xIxstOb/BkX5sQNHmjmkhEDL0BfdB
bsb7ALMcv7Ia+8/p6yPKt8xp5RzHdWEGPjjYzwXCrDDMrlVRnM5Rtfr8SHDYxHct
h5SeImtkHLU7Y1V+Yk0IypZMMGCRKsW9wYm5Gs9hPToPq6RLStv7KP5ZsNMhJldl
+fYaj3aSWhyoAQ==
-----END CERTIFICATE-----