Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
File:                     HjaTxfrT8hak_3rIbO6yOwBDg10.mft (raw, json)
Hash identifier:          SBjWRRLE5L64jvlUib2FwV4ZSo19vU7WixKLxSGP/cg=
Subject key identifier:   88:DF:1A:ED:2F:C4:D1:33:9C:62:25:04:A0:FC:61:85:71:5B:50:63
Authority key identifier: 1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D
Certificate issuer:       /CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
Certificate serial:       019896002D084618B8CA2090F235C091E154
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
Manifest number:          0AF4
Signing time:             Sun 10 Aug 2025 22:00:50 +0000
Manifest this update:     Sun 10 Aug 2025 22:00:50 +0000
Manifest next update:     Mon 11 Aug 2025 22:00:50 +0000
Files and hashes:         1: HjaTxfrT8hak_3rIbO6yOwBDg10.crl (hash: qLz/FeeCTirRDyZP2vju+G8+pWpWvajzrT8vQHrp2jo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 22:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:00:2d:08:46:18:b8:ca:20:90:f2:35:c0:91:e1:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
        Validity
            Not Before: Aug 10 22:00:50 2025 GMT
            Not After : Aug 11 22:00:50 2025 GMT
        Subject: CN=88df1aed2fc4d1339c622504a0fc6185715b5063
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:35:04:29:58:8b:5c:27:1f:23:cb:5e:d2:56:
                    92:4b:39:02:85:ad:2c:2d:28:e2:ed:f7:aa:f6:d5:
                    7d:ff:32:b9:d7:68:6c:e3:b2:3d:5c:4b:7a:16:c7:
                    6e:c5:11:43:96:13:c4:ed:d4:b8:c8:cd:81:f9:28:
                    5d:16:92:1e:bd:e4:a8:fc:84:f9:de:0b:73:41:68:
                    54:c2:b9:f1:00:fc:62:8c:67:7e:74:a1:76:13:e9:
                    e0:a2:d8:9f:e9:d4:4a:08:97:e7:0f:fa:13:da:41:
                    89:f1:c0:d2:4f:a2:c4:63:37:4e:55:ec:55:f0:6a:
                    de:2e:53:58:0d:ad:87:d7:d7:a4:3e:26:45:2a:0c:
                    20:57:06:a1:a4:6f:d0:e5:b9:e6:4f:52:d1:37:e6:
                    6d:8a:a3:9a:54:92:7e:12:b8:0b:b7:07:fe:61:7e:
                    6c:b3:36:83:b7:8a:93:7c:c5:21:f2:ae:c5:88:ea:
                    a5:0a:b6:60:3d:e1:1d:36:cc:e9:61:98:42:23:fa:
                    83:8b:18:9b:6a:a9:46:04:f0:b0:ad:79:3a:00:4d:
                    f5:12:e0:63:fd:6f:92:db:96:81:f8:d4:2b:e2:10:
                    92:31:06:9f:b3:74:d5:a4:75:95:90:b1:c2:64:b2:
                    a1:54:9d:25:3f:5e:a0:be:b6:de:c6:52:16:b0:61:
                    26:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:DF:1A:ED:2F:C4:D1:33:9C:62:25:04:A0:FC:61:85:71:5B:50:63
            X509v3 Authority Key Identifier:
                keyid:1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:bf:e7:be:8b:19:59:c0:b1:ea:49:c7:3c:43:d1:e0:e0:d7:
         91:9b:d6:03:55:5e:f3:6e:57:20:70:65:c4:2f:61:dc:a0:87:
         8f:67:ef:3b:95:b3:ae:2c:6b:9f:a8:0a:06:44:67:b4:01:39:
         80:91:cd:ee:a0:ac:e3:46:38:db:85:89:23:d9:eb:97:a4:fc:
         f4:7d:8f:76:ee:6c:50:41:b8:c2:fa:a5:5a:f9:4b:aa:10:44:
         36:ad:e1:20:14:3a:c2:00:fd:9b:ba:cc:40:be:7b:48:48:05:
         4a:38:7b:5d:d0:e6:60:a5:77:9b:02:d1:de:dd:4e:dc:e3:2a:
         da:22:97:44:bf:ce:db:30:74:24:95:93:c0:4b:8a:60:7c:41:
         b0:13:e6:e9:0a:85:59:e0:86:ad:95:b6:c8:e3:22:6d:bd:fb:
         7e:9c:6d:27:92:46:14:0b:86:df:b0:e0:ed:3a:f0:ef:1e:d0:
         4d:84:6e:43:34:ca:27:00:6f:02:c4:cb:a4:fd:c0:46:9e:6e:
         b8:f9:d5:ca:bf:46:47:55:b3:96:49:24:d6:a6:5c:62:9a:f5:
         2a:3d:5c:8f:af:9d:78:99:90:f1:ab:4d:ae:e0:fd:23:28:4f:
         2e:ae:74:b9:bc:0f:cc:4b:c2:58:60:e6:0b:38:11:46:f7:45:
         3e:65:a2:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWAC0IRhi4yiCQ8jXAkeFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzY5M2M1ZmFkM2YyMTZhNGZmN2FjODZjZWViMjNiMDA0
MzgzNWQwHhcNMjUwODEwMjIwMDUwWhcNMjUwODExMjIwMDUwWjAzMTEwLwYDVQQD
Eyg4OGRmMWFlZDJmYzRkMTMzOWM2MjI1MDRhMGZjNjE4NTcxNWI1MDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDUEKViLXCcfI8te0laSSzkCha0s
LSji7feq9tV9/zK512hs47I9XEt6FsduxRFDlhPE7dS4yM2B+ShdFpIeveSo/IT5
3gtzQWhUwrnxAPxijGd+dKF2E+ngotif6dRKCJfnD/oT2kGJ8cDST6LEYzdOVexV
8GreLlNYDa2H19ekPiZFKgwgVwahpG/Q5bnmT1LRN+ZtiqOaVJJ+ErgLtwf+YX5s
szaDt4qTfMUh8q7FiOqlCrZgPeEdNszpYZhCI/qDixibaqlGBPCwrXk6AE31EuBj
/W+S25aB+NQr4hCSMQafs3TVpHWVkLHCZLKhVJ0lP16gvrbexlIWsGEm+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjfGu0vxNEznGIlBKD8YYVxW1BjMB8GA1UdIwQY
MBaAFB42k8X60/IWpP96yGzusjsAQ4NdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQt
NDIxMTUxOGQ5OGE0LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQtNDIxMTUxOGQ5OGE0
LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYb/nvosZ
WcCx6knHPEPR4ODXkZvWA1Ve825XIHBlxC9h3KCHj2fvO5Wzrixrn6gKBkRntAE5
gJHN7qCs40Y424WJI9nrl6T89H2Pdu5sUEG4wvqlWvlLqhBENq3hIBQ6wgD9m7rM
QL57SEgFSjh7XdDmYKV3mwLR3t1O3OMq2iKXRL/O2zB0JJWTwEuKYHxBsBPm6QqF
WeCGrZW2yOMibb37fpxtJ5JGFAuG37Dg7Trw7x7QTYRuQzTKJwBvAsTLpP3ARp5u
uPnVyr9GR1Wzlkkk1qZcYpr1Kj1cj6+deJmQ8atNruD9IyhPLq50ubwPzEvCWGDm
CzgRRvdFPmWiJw==
-----END CERTIFICATE-----