Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
File:                     hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft (raw, json)
Hash identifier:          imWi3cbFCDcmiA/kgWnY6gyY6+nghxvetbHe2zTByRU=
Subject key identifier:   D9:64:25:F9:EC:A5:0B:0F:0D:49:DC:C0:C9:0B:2F:B1:F0:8B:EA:EC
Authority key identifier: 85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C
Certificate issuer:       /CN=856350305f11387500f03c5a06ff73aa13592f1c
Certificate serial:       0198A0BAB4A1150F1A819E499EAAE7FD8083
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
Manifest number:          162A
Signing time:             Wed 13 Aug 2025 00:00:47 +0000
Manifest this update:     Wed 13 Aug 2025 00:00:47 +0000
Manifest next update:     Thu 14 Aug 2025 00:00:47 +0000
Files and hashes:         1: hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl (hash: KSGylV1VZshX6NJ+lr1Hc64G208L8xcG6mRAzJg1Zhg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:ba:b4:a1:15:0f:1a:81:9e:49:9e:aa:e7:fd:80:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=856350305f11387500f03c5a06ff73aa13592f1c
        Validity
            Not Before: Aug 13 00:00:47 2025 GMT
            Not After : Aug 14 00:00:47 2025 GMT
        Subject: CN=d96425f9eca50b0f0d49dcc0c90b2fb1f08beaec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:71:16:ba:77:94:ff:13:18:c2:14:ea:d9:c7:
                    70:58:b0:ed:e5:ab:ce:5f:d5:b0:a5:5d:fd:a7:d6:
                    19:2f:62:57:3a:80:84:9d:58:27:3f:1b:f1:b3:85:
                    dc:42:8e:e1:1c:28:26:c0:72:4f:1f:b6:18:2a:f8:
                    53:56:00:76:12:d3:4c:c9:03:bd:82:09:dc:76:a4:
                    5f:72:c1:40:d5:10:d6:28:7c:54:31:9d:ed:ba:e0:
                    bd:7a:a8:3a:8b:b0:df:69:43:31:40:d1:30:37:fa:
                    44:39:96:3f:12:85:b3:c2:48:3c:50:64:7d:58:97:
                    d2:5f:67:91:e8:06:f2:b1:ee:a2:cc:24:85:6a:27:
                    d0:0d:4f:3a:34:fc:91:07:8b:c3:fc:7a:65:db:a0:
                    cb:24:19:c7:03:a0:4c:fa:16:30:ba:e4:40:63:92:
                    c6:68:19:fa:0d:79:e6:9f:9c:06:24:4e:89:a5:96:
                    10:10:11:5b:64:f9:c0:c0:83:42:53:30:08:06:89:
                    bf:9b:cf:be:a8:81:73:64:2c:da:76:10:04:93:2e:
                    c8:f2:eb:e9:ca:7d:c2:5a:da:a9:69:25:f4:1d:cc:
                    1b:74:9c:6e:38:ef:34:79:79:f0:d0:b4:b8:9a:36:
                    3d:de:84:6e:5a:74:77:70:49:51:84:40:15:49:4b:
                    52:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:64:25:F9:EC:A5:0B:0F:0D:49:DC:C0:C9:0B:2F:B1:F0:8B:EA:EC
            X509v3 Authority Key Identifier:
                keyid:85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:7d:3d:1c:2d:18:af:1c:d6:05:09:66:a7:09:ed:1e:b9:46:
         af:bf:22:a5:02:71:62:ae:80:c8:56:8f:05:ec:ec:2b:1b:71:
         8f:e6:c3:54:1a:92:7c:cd:5c:aa:9d:66:58:38:c8:0a:00:38:
         21:82:50:b1:00:4f:38:0e:15:ff:af:a9:88:6d:bf:07:e1:fc:
         5a:37:0a:ea:ac:30:a9:7d:4c:7d:a4:42:59:33:09:52:c3:94:
         79:f5:6d:23:3a:93:0b:27:66:d5:49:7c:2f:ea:0f:43:40:b7:
         b1:b7:c1:c0:8c:c3:18:08:7d:a4:95:ef:6b:dc:b4:46:c9:3d:
         3b:2e:51:60:0d:36:a6:c5:b2:01:ae:f4:0a:82:74:bb:98:cc:
         2d:e7:80:48:8e:a8:f2:6e:d5:ea:f2:96:57:d6:e2:74:5b:b6:
         a8:70:87:53:3a:dc:59:db:30:0c:1c:51:11:b7:79:0c:b6:33:
         15:2f:19:ae:22:70:38:91:a4:46:5b:e8:09:91:5f:71:aa:24:
         99:7f:24:2f:a2:15:26:10:64:88:97:75:c0:a0:ba:6f:e6:91:
         93:64:a4:58:bb:4c:b0:ec:7c:ea:cf:4d:e6:c4:50:2f:97:91:
         13:07:10:9c:a0:d1:b3:af:ac:14:76:bd:fe:06:fe:ec:6d:d9:
         b8:0c:50:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigurShFQ8agZ5Jnqrn/YCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NjM1MDMwNWYxMTM4NzUwMGYwM2M1YTA2ZmY3M2FhMTM1
OTJmMWMwHhcNMjUwODEzMDAwMDQ3WhcNMjUwODE0MDAwMDQ3WjAzMTEwLwYDVQQD
EyhkOTY0MjVmOWVjYTUwYjBmMGQ0OWRjYzBjOTBiMmZiMWYwOGJlYWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonEWuneU/xMYwhTq2cdwWLDt5avO
X9WwpV39p9YZL2JXOoCEnVgnPxvxs4XcQo7hHCgmwHJPH7YYKvhTVgB2EtNMyQO9
ggncdqRfcsFA1RDWKHxUMZ3tuuC9eqg6i7DfaUMxQNEwN/pEOZY/EoWzwkg8UGR9
WJfSX2eR6Abyse6izCSFaifQDU86NPyRB4vD/Hpl26DLJBnHA6BM+hYwuuRAY5LG
aBn6DXnmn5wGJE6JpZYQEBFbZPnAwINCUzAIBom/m8++qIFzZCzadhAEky7I8uvp
yn3CWtqpaSX0HcwbdJxuOO80eXnw0LS4mjY93oRuWnR3cElRhEAVSUtS0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNlkJfnspQsPDUncwMkLL7Hwi+rsMB8GA1UdIwQY
MBaAFIVjUDBfETh1APA8Wgb/c6oTWS8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTct
ZWNlYzFiMmVkYjU5LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTctZWNlYzFiMmVkYjU5
LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYH09HC0Y
rxzWBQlmpwntHrlGr78ipQJxYq6AyFaPBezsKxtxj+bDVBqSfM1cqp1mWDjICgA4
IYJQsQBPOA4V/6+piG2/B+H8WjcK6qwwqX1MfaRCWTMJUsOUefVtIzqTCydm1Ul8
L+oPQ0C3sbfBwIzDGAh9pJXva9y0Rsk9Oy5RYA02psWyAa70CoJ0u5jMLeeASI6o
8m7V6vKWV9bidFu2qHCHUzrcWdswDBxREbd5DLYzFS8ZriJwOJGkRlvoCZFfcaok
mX8kL6IVJhBkiJd1wKC6b+aRk2SkWLtMsOx86s9N5sRQL5eREwcQnKDRs6+sFHa9
/gb+7G3ZuAxQkA==
-----END CERTIFICATE-----