Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/810c72-d416-4a14-8aca-a8faeeb7ee52/1/HHOn_DBLwC2AdEdtB121zc0tq94.mft
File:                     HHOn_DBLwC2AdEdtB121zc0tq94.mft (raw, json)
Hash identifier:          mIORhaiRQlZM3sAHknO/7/4J+sMz184kEfdvDaq6XVw=
Subject key identifier:   57:01:C5:31:E6:4E:2D:9A:32:8E:3E:8E:3D:7E:B9:00:4F:90:C9:33
Authority key identifier: 1C:73:A7:FC:30:4B:C0:2D:80:74:47:6D:07:5D:B5:CD:CD:2D:AB:DE
Certificate issuer:       /CN=1c73a7fc304bc02d8074476d075db5cdcd2dabde
Certificate serial:       0199239FFE162CDECE49B39602AE865EE7B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HHOn_DBLwC2AdEdtB121zc0tq94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/810c72-d416-4a14-8aca-a8faeeb7ee52/1/HHOn_DBLwC2AdEdtB121zc0tq94.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 10:01:51 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:51 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:51 +0000
Files and hashes:         1: HHOn_DBLwC2AdEdtB121zc0tq94.crl (hash: k/k7orU+79FOlIidVwcbs8pgx10h0SN/RkCReEsoADs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/810c72-d416-4a14-8aca-a8faeeb7ee52/1/HHOn_DBLwC2AdEdtB121zc0tq94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/810c72-d416-4a14-8aca-a8faeeb7ee52/1/HHOn_DBLwC2AdEdtB121zc0tq94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HHOn_DBLwC2AdEdtB121zc0tq94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:fe:16:2c:de:ce:49:b3:96:02:ae:86:5e:e7:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c73a7fc304bc02d8074476d075db5cdcd2dabde
        Validity
            Not Before: Sep  7 10:01:51 2025 GMT
            Not After : Sep  8 10:01:51 2025 GMT
        Subject: CN=5701c531e64e2d9a328e3e8e3d7eb9004f90c933
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:12:d9:76:b5:ee:af:52:c2:6a:04:13:d0:0c:
                    e9:a7:16:98:eb:c7:af:eb:ed:8e:bf:b3:1f:7f:79:
                    35:4f:df:97:b6:44:0e:d8:b0:88:ae:11:17:c7:38:
                    43:3c:b3:19:1f:d1:fc:e0:17:e1:de:8f:58:10:fe:
                    ce:e1:8a:7d:7c:f7:30:d7:dc:82:84:2e:b0:3c:85:
                    4f:36:1f:01:9f:ac:37:ea:a3:b1:6c:32:b1:2d:c7:
                    75:3e:f4:fc:35:0c:95:ad:61:e8:11:39:44:d4:37:
                    2d:99:70:96:4b:bb:0d:ea:3a:8a:e4:f2:03:fd:e8:
                    1d:33:c2:c0:a7:4d:51:07:2a:29:e6:5a:16:62:5f:
                    61:15:34:46:47:9d:c5:8a:7d:4c:2d:f6:7c:8f:55:
                    5c:94:b3:fb:d8:e5:6d:8f:be:18:94:74:cc:39:97:
                    08:f3:cd:e0:3c:f5:9f:f4:27:f5:aa:2d:06:f7:8c:
                    5b:20:33:41:4b:31:81:23:9c:1e:44:ff:ed:5f:11:
                    75:03:fa:b8:18:a2:88:92:9d:0f:24:b2:7f:e8:ba:
                    e2:f0:0e:8a:7e:14:d9:92:fd:a5:d1:3c:4f:0a:3d:
                    5e:e7:53:41:bb:c4:16:9a:ac:b4:4c:b3:3a:e6:31:
                    56:07:a0:61:e0:6f:d2:4d:82:6e:e5:b2:02:52:be:
                    0b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:01:C5:31:E6:4E:2D:9A:32:8E:3E:8E:3D:7E:B9:00:4F:90:C9:33
            X509v3 Authority Key Identifier:
                keyid:1C:73:A7:FC:30:4B:C0:2D:80:74:47:6D:07:5D:B5:CD:CD:2D:AB:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHOn_DBLwC2AdEdtB121zc0tq94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/810c72-d416-4a14-8aca-a8faeeb7ee52/1/HHOn_DBLwC2AdEdtB121zc0tq94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/810c72-d416-4a14-8aca-a8faeeb7ee52/1/HHOn_DBLwC2AdEdtB121zc0tq94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:86:1b:7a:08:07:a5:10:cb:37:ca:db:cd:5f:9d:cd:37:4c:
         87:fb:2e:dd:79:2a:da:0b:30:6e:20:6e:24:53:1c:cd:e5:ff:
         2f:e8:15:8f:8c:ca:ae:7a:31:0b:ff:89:a7:a7:c1:55:b2:82:
         50:ad:07:56:a4:da:59:1c:c0:31:70:1f:b0:4e:87:44:00:48:
         16:77:bd:ec:6b:5b:24:3f:37:66:ec:f6:55:7a:22:fb:50:6b:
         4f:31:46:10:e0:c6:a8:29:83:68:e7:88:13:18:a9:80:a5:5b:
         5f:e7:f2:9d:5f:77:0f:b7:42:10:df:ca:ad:3b:f9:92:fe:67:
         76:47:99:3e:94:ad:44:e5:47:5b:e7:7b:df:53:88:48:7e:31:
         b7:e4:fc:2c:62:75:99:13:27:ec:53:9d:94:54:72:12:f8:01:
         77:9a:ce:75:9e:4e:13:1c:58:e6:48:a9:9d:32:2f:91:0f:78:
         4b:8b:f5:38:49:6e:70:d9:e8:68:ae:58:de:ed:be:cc:2a:48:
         e8:b6:b8:fa:4c:e5:08:2e:0a:ac:ab:f6:2c:53:39:3c:35:cb:
         c2:c7:32:b0:8a:3d:a2:46:1d:9f:df:82:67:dc:13:38:98:be:
         a3:9d:e8:d6:b5:29:1f:dd:3a:7f:e2:35:3d:58:77:ec:b5:e8:
         56:9d:c7:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn/4WLN7OSbOWAq6GXue5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzNhN2ZjMzA0YmMwMmQ4MDc0NDc2ZDA3NWRiNWNkY2Qy
ZGFiZGUwHhcNMjUwOTA3MTAwMTUxWhcNMjUwOTA4MTAwMTUxWjAzMTEwLwYDVQQD
Eyg1NzAxYzUzMWU2NGUyZDlhMzI4ZTNlOGUzZDdlYjkwMDRmOTBjOTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hLZdrXur1LCagQT0AzppxaY68ev
6+2Ov7Mff3k1T9+XtkQO2LCIrhEXxzhDPLMZH9H84Bfh3o9YEP7O4Yp9fPcw19yC
hC6wPIVPNh8Bn6w36qOxbDKxLcd1PvT8NQyVrWHoETlE1DctmXCWS7sN6jqK5PID
/egdM8LAp01RByop5loWYl9hFTRGR53Fin1MLfZ8j1VclLP72OVtj74YlHTMOZcI
883gPPWf9Cf1qi0G94xbIDNBSzGBI5weRP/tXxF1A/q4GKKIkp0PJLJ/6Lri8A6K
fhTZkv2l0TxPCj1e51NBu8QWmqy0TLM65jFWB6Bh4G/STYJu5bICUr4LDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFcBxTHmTi2aMo4+jj1+uQBPkMkzMB8GA1UdIwQY
MBaAFBxzp/wwS8AtgHRHbQddtc3NLaveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhPbl9EQkx3QzJBZEVkdEIxMjF6YzB0cTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy84MTBjNzItZDQxNi00YTE0LThhY2Et
YThmYWVlYjdlZTUyLzEvSEhPbl9EQkx3QzJBZEVkdEIxMjF6YzB0cTk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy84MTBjNzItZDQxNi00YTE0LThhY2EtYThmYWVlYjdlZTUy
LzEvSEhPbl9EQkx3QzJBZEVkdEIxMjF6YzB0cTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALIYbeggH
pRDLN8rbzV+dzTdMh/su3Xkq2gswbiBuJFMczeX/L+gVj4zKrnoxC/+Jp6fBVbKC
UK0HVqTaWRzAMXAfsE6HRABIFne97GtbJD83Zuz2VXoi+1BrTzFGEODGqCmDaOeI
ExipgKVbX+fynV93D7dCEN/KrTv5kv5ndkeZPpStROVHW+d731OISH4xt+T8LGJ1
mRMn7FOdlFRyEvgBd5rOdZ5OExxY5kipnTIvkQ94S4v1OElucNnoaK5Y3u2+zCpI
6La4+kzlCC4KrKv2LFM5PDXLwscysIo9okYdn9+CZ9wTOJi+o53o1rUpH906f+I1
PVh37LXoVp3Hnw==
-----END CERTIFICATE-----