Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
File:                     HPoACq4LHA_NOZiRS7dt_HLoc1g.mft (raw, json)
Hash identifier:          taqEGUXEHwpBTMNzJwHgA1pkKQO+0d0jX5QBrO10XiU=
Subject key identifier:   00:AE:0F:63:6E:03:AD:73:6F:9D:83:2D:99:73:E4:80:1B:C9:11:16
Authority key identifier: 1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58
Certificate issuer:       /CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
Certificate serial:       01974B56ACB9C14E77EC7C465F847E10C68B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
Manifest number:          0254
Signing time:             Sat 07 Jun 2025 17:01:00 +0000
Manifest this update:     Sat 07 Jun 2025 17:01:00 +0000
Manifest next update:     Sun 08 Jun 2025 17:01:00 +0000
Files and hashes:         1: HPoACq4LHA_NOZiRS7dt_HLoc1g.crl (hash: hKIQ0enwqgrtveByMu5VR1d9hrj4QaFs9kqb/A6ii6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 17:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:56:ac:b9:c1:4e:77:ec:7c:46:5f:84:7e:10:c6:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
        Validity
            Not Before: Jun  7 17:01:00 2025 GMT
            Not After : Jun  8 17:01:00 2025 GMT
        Subject: CN=00ae0f636e03ad736f9d832d9973e4801bc91116
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d0:24:8e:0f:b2:dd:d3:2c:44:44:33:54:b0:
                    da:6d:98:9d:3e:13:70:76:b2:aa:5d:a6:97:23:7e:
                    59:c3:eb:99:0a:af:30:fd:c8:6e:68:66:bc:dc:66:
                    52:46:af:fd:48:42:92:50:22:e9:c0:ab:d0:c3:30:
                    a6:97:33:99:19:77:b7:22:bf:0a:4d:00:61:9d:ec:
                    16:44:b6:91:25:89:41:0a:a5:08:ab:77:17:49:e5:
                    20:17:4b:e9:dd:e8:14:0e:43:f3:43:53:88:f4:1b:
                    73:47:81:60:f3:a0:a1:ff:92:48:b0:d3:db:63:e8:
                    25:0c:8f:ee:48:5e:97:b8:4d:76:bd:a2:2d:ca:64:
                    89:b2:92:1a:06:93:1a:ad:fd:7f:41:b7:b7:54:21:
                    be:8d:c6:9e:14:1e:1a:ef:4a:60:ba:05:90:0b:b1:
                    6a:fe:46:8d:0d:7b:9b:bb:21:70:a2:82:12:95:03:
                    f1:d8:74:87:16:29:1e:55:37:46:6a:10:27:0e:cd:
                    8b:95:e0:5b:c1:2e:3e:b5:93:ab:8b:4d:19:7a:e5:
                    2f:9b:8b:1b:f5:69:86:ea:7d:fb:30:88:e6:95:a0:
                    9e:f6:04:5a:88:64:3c:17:32:00:43:65:9f:e5:31:
                    42:d8:32:c7:ad:1e:db:5c:f4:8d:b4:9a:03:13:0d:
                    ab:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:AE:0F:63:6E:03:AD:73:6F:9D:83:2D:99:73:E4:80:1B:C9:11:16
            X509v3 Authority Key Identifier:
                keyid:1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:5c:1f:e5:bd:f8:44:bd:d7:6d:16:f8:58:3e:94:aa:0a:c9:
         62:11:03:fc:a1:14:31:6b:21:a7:cc:0a:e8:39:b3:21:b9:89:
         62:e2:e3:b0:95:ff:15:2e:3c:15:7e:a8:c8:9d:92:c6:5a:60:
         72:62:d2:ed:d5:d4:54:5e:e5:64:33:6d:fb:9e:dc:7b:71:91:
         3d:c2:af:1a:0f:4d:73:c9:55:c4:66:9a:f1:63:ab:2b:1d:f9:
         b4:71:ec:da:ed:46:c9:35:f7:65:65:52:d8:8a:03:f7:df:d0:
         35:08:41:c2:8d:1c:42:8f:08:17:64:2b:5a:a2:3e:a2:57:85:
         d3:42:dd:e6:b1:16:59:f5:77:a1:6b:c2:99:78:a6:47:cf:a8:
         23:4a:9e:84:08:a3:f2:42:09:70:c1:14:42:c6:2c:c1:5f:61:
         b2:1c:e7:6f:53:d6:ad:7b:db:7f:ce:3b:4f:0c:9b:31:72:3a:
         2f:a7:7b:c2:ec:27:fa:54:67:1c:50:80:75:6b:a8:ea:5c:c2:
         26:bd:9b:ce:22:40:f6:81:9e:2f:8a:56:bf:6c:73:81:c3:da:
         4c:0b:fa:b5:b3:9c:eb:f2:36:39:57:46:da:d5:c2:ed:34:2c:
         6d:32:90:f7:d5:e0:c9:13:99:69:f3:a3:be:df:c6:ba:73:41:
         c8:f8:e7:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLVqy5wU537HxGX4R+EMaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZmEwMDBhYWUwYjFjMGZjZDM5OTg5MTRiYjc2ZGZjNzJl
ODczNTgwHhcNMjUwNjA3MTcwMTAwWhcNMjUwNjA4MTcwMTAwWjAzMTEwLwYDVQQD
EygwMGFlMGY2MzZlMDNhZDczNmY5ZDgzMmQ5OTczZTQ4MDFiYzkxMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNAkjg+y3dMsREQzVLDabZidPhNw
drKqXaaXI35Zw+uZCq8w/chuaGa83GZSRq/9SEKSUCLpwKvQwzCmlzOZGXe3Ir8K
TQBhnewWRLaRJYlBCqUIq3cXSeUgF0vp3egUDkPzQ1OI9BtzR4Fg86Ch/5JIsNPb
Y+glDI/uSF6XuE12vaItymSJspIaBpMarf1/Qbe3VCG+jcaeFB4a70pgugWQC7Fq
/kaNDXubuyFwooISlQPx2HSHFikeVTdGahAnDs2LleBbwS4+tZOri00ZeuUvm4sb
9WmG6n37MIjmlaCe9gRaiGQ8FzIAQ2Wf5TFC2DLHrR7bXPSNtJoDEw2rswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFACuD2NuA61zb52DLZlz5IAbyREWMB8GA1UdIwQY
MBaAFBz6AAquCxwPzTmYkUu3bfxy6HNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGIt
OGVmNzA5ZGUyZDY0LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGItOGVmNzA5ZGUyZDY0
LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZlwf5b34
RL3XbRb4WD6UqgrJYhED/KEUMWshp8wK6DmzIbmJYuLjsJX/FS48FX6oyJ2Sxlpg
cmLS7dXUVF7lZDNt+57ce3GRPcKvGg9Nc8lVxGaa8WOrKx35tHHs2u1GyTX3ZWVS
2IoD99/QNQhBwo0cQo8IF2QrWqI+oleF00Ld5rEWWfV3oWvCmXimR8+oI0qehAij
8kIJcMEUQsYswV9hshznb1PWrXvbf847TwybMXI6L6d7wuwn+lRnHFCAdWuo6lzC
Jr2bziJA9oGeL4pWv2xzgcPaTAv6tbOc6/I2OVdG2tXC7TQsbTKQ99XgyROZafOj
vt/GunNByPjn6w==
-----END CERTIFICATE-----