Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft
File:                     Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft (raw, json)
Hash identifier:          pJC5V5YKGr7nHctUWhtcfPkM0e8vldw+LiL3VxT2TeI=
Subject key identifier:   0F:71:A4:75:75:92:10:FD:B0:B9:C2:EE:75:17:5F:16:9D:75:EE:EC
Authority key identifier: 1E:DC:3A:97:F1:CC:AE:F7:F1:08:69:91:CF:7B:10:A4:10:CE:19:42
Certificate issuer:       /CN=1edc3a97f1ccaef7f1086991cf7b10a410ce1942
Certificate serial:       01987AF749F67F5C88569410FD56B9D0590C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Htw6l_HMrvfxCGmRz3sQpBDOGUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft
Manifest number:          152D
Signing time:             Tue 05 Aug 2025 16:01:23 +0000
Manifest this update:     Tue 05 Aug 2025 16:01:23 +0000
Manifest next update:     Wed 06 Aug 2025 16:01:23 +0000
Files and hashes:         1: Htw6l_HMrvfxCGmRz3sQpBDOGUI.crl (hash: JhiTt6qHKuvnq5+XPiSRt2hw/1/rZPt7Ap2jlrVnKE8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Htw6l_HMrvfxCGmRz3sQpBDOGUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 16:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7a:f7:49:f6:7f:5c:88:56:94:10:fd:56:b9:d0:59:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1edc3a97f1ccaef7f1086991cf7b10a410ce1942
        Validity
            Not Before: Aug  5 16:01:23 2025 GMT
            Not After : Aug  6 16:01:23 2025 GMT
        Subject: CN=0f71a475759210fdb0b9c2ee75175f169d75eeec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:3d:dd:88:77:1b:53:84:1a:de:38:98:ed:d5:
                    1d:c4:84:6a:bf:30:fb:30:11:f4:2c:a9:28:9a:89:
                    5f:d1:09:b2:76:5f:05:19:ee:72:37:08:64:be:81:
                    c9:60:f4:a7:ed:5c:1a:b7:99:35:9b:c6:80:a7:fb:
                    03:12:04:a8:22:c2:9b:8e:a7:46:a6:c5:a5:b2:35:
                    f8:11:b0:b8:43:0f:48:0c:f6:c3:8e:e6:a7:82:57:
                    7d:d3:5d:e2:ff:bd:cc:c8:be:3f:7d:10:37:53:80:
                    9a:af:d5:df:7b:1d:aa:92:77:51:a9:51:2c:ae:c0:
                    3c:eb:c2:eb:b7:62:3e:4c:31:3c:0a:69:03:3f:14:
                    4a:15:00:f6:33:8e:13:70:9c:a5:83:b9:b4:45:1d:
                    f7:75:57:fe:66:c8:89:d5:18:67:bf:0d:0e:4c:fc:
                    25:90:8e:df:da:b7:fa:d2:13:65:c8:17:df:b7:f4:
                    d7:05:64:f1:b4:1a:86:ac:30:ff:01:ed:c0:bf:af:
                    9d:a7:41:a2:9b:ca:4a:52:61:76:f2:19:a2:40:a5:
                    18:fc:3d:05:f2:2a:59:99:7e:8d:01:60:89:3a:57:
                    f8:18:57:a5:65:9d:df:23:50:cb:4a:1c:7a:f0:2d:
                    c5:dd:db:16:60:9e:ff:1e:7c:d7:aa:38:cb:7c:73:
                    9c:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:71:A4:75:75:92:10:FD:B0:B9:C2:EE:75:17:5F:16:9D:75:EE:EC
            X509v3 Authority Key Identifier:
                keyid:1E:DC:3A:97:F1:CC:AE:F7:F1:08:69:91:CF:7B:10:A4:10:CE:19:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Htw6l_HMrvfxCGmRz3sQpBDOGUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/0d0724-55f5-4755-99c2-612651ae3eb3/1/Htw6l_HMrvfxCGmRz3sQpBDOGUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:84:5b:e3:d8:a9:0b:82:b8:20:06:cd:74:d8:08:cd:5c:de:
         c3:cf:4d:d2:dd:0a:5e:e1:cf:9b:c8:de:45:d3:8e:fd:9a:a0:
         a7:9b:10:4a:4d:e4:33:4f:87:10:2b:82:d0:38:45:e0:d0:a5:
         d6:e6:4f:32:e0:e2:3e:c6:8b:9f:32:61:f6:78:ed:1b:56:9a:
         8d:4d:fa:82:f9:2b:2f:da:7c:3f:c4:07:06:7b:0d:d1:ca:a8:
         41:81:77:1b:ef:a9:44:01:23:54:d6:d0:9c:16:81:98:52:b5:
         3b:e9:13:35:10:fc:57:37:6c:cb:af:f6:d1:f3:64:32:54:7f:
         dc:b9:8d:e2:00:32:0a:da:a7:d4:01:b3:76:1c:95:77:ae:2f:
         f2:a8:5d:53:f0:d6:50:81:10:ef:6a:06:f9:9a:3a:73:d7:0b:
         f0:da:09:9e:89:c1:d8:02:1f:c3:2e:a5:38:9f:a3:95:f6:ec:
         79:2b:5a:c5:1a:c9:8f:3f:81:55:6b:57:77:9b:d5:4b:79:2b:
         c1:a3:dc:f1:ce:2f:d5:93:8a:35:a9:95:7f:9c:33:7e:fd:5d:
         90:c5:4d:69:60:0d:3e:25:e9:d0:fc:84:fa:2c:1d:c9:26:89:
         5a:1e:f8:2b:0a:9b:3d:b3:1e:9f:b4:b9:a8:5c:04:50:a6:d7:
         22:dd:5d:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh690n2f1yIVpQQ/Va50FkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZGMzYTk3ZjFjY2FlZjdmMTA4Njk5MWNmN2IxMGE0MTBj
ZTE5NDIwHhcNMjUwODA1MTYwMTIzWhcNMjUwODA2MTYwMTIzWjAzMTEwLwYDVQQD
EygwZjcxYTQ3NTc1OTIxMGZkYjBiOWMyZWU3NTE3NWYxNjlkNzVlZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtD3diHcbU4Qa3jiY7dUdxIRqvzD7
MBH0LKkomolf0Qmydl8FGe5yNwhkvoHJYPSn7Vwat5k1m8aAp/sDEgSoIsKbjqdG
psWlsjX4EbC4Qw9IDPbDjuangld9013i/73MyL4/fRA3U4Car9Xfex2qkndRqVEs
rsA868Lrt2I+TDE8CmkDPxRKFQD2M44TcJylg7m0RR33dVf+ZsiJ1Rhnvw0OTPwl
kI7f2rf60hNlyBfft/TXBWTxtBqGrDD/Ae3Av6+dp0Gim8pKUmF28hmiQKUY/D0F
8ipZmX6NAWCJOlf4GFelZZ3fI1DLShx68C3F3dsWYJ7/HnzXqjjLfHOcnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9xpHV1khD9sLnC7nUXXxadde7sMB8GA1UdIwQY
MBaAFB7cOpfxzK738Qhpkc97EKQQzhlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHR3NmxfSE1ydmZ4Q0dtUnozc1FwQkRPR1VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8wZDA3MjQtNTVmNS00NzU1LTk5YzIt
NjEyNjUxYWUzZWIzLzEvSHR3NmxfSE1ydmZ4Q0dtUnozc1FwQkRPR1VJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8wZDA3MjQtNTVmNS00NzU1LTk5YzItNjEyNjUxYWUzZWIz
LzEvSHR3NmxfSE1ydmZ4Q0dtUnozc1FwQkRPR1VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhYRb49ip
C4K4IAbNdNgIzVzew89N0t0KXuHPm8jeRdOO/Zqgp5sQSk3kM0+HECuC0DhF4NCl
1uZPMuDiPsaLnzJh9njtG1aajU36gvkrL9p8P8QHBnsN0cqoQYF3G++pRAEjVNbQ
nBaBmFK1O+kTNRD8Vzdsy6/20fNkMlR/3LmN4gAyCtqn1AGzdhyVd64v8qhdU/DW
UIEQ72oG+Zo6c9cL8NoJnonB2AIfwy6lOJ+jlfbseStaxRrJjz+BVWtXd5vVS3kr
waPc8c4v1ZOKNamVf5wzfv1dkMVNaWANPiXp0PyE+iwdySaJWh74KwqbPbMen7S5
qFwEUKbXIt1dYA==
-----END CERTIFICATE-----