Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
File:                     HAaGYxPWaK_oeYb65f95QfkoBps.mft (raw, json)
Hash identifier:          Y8ezGFo5eNppvl2jwfh3G2QZSYxOwM7l0A1Zu4zv9cs=
Subject key identifier:   0E:4A:27:8A:0D:8A:0E:D0:35:8D:7A:9B:DF:DF:BF:D5:AC:4A:49:2B
Authority key identifier: 1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B
Certificate issuer:       /CN=1c06866313d668afe87986fae5ff7941f928069b
Certificate serial:       019874509A68BA22B1BC5B8EEECCB46F774A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
Manifest number:          100F
Signing time:             Mon 04 Aug 2025 09:01:35 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:35 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:35 +0000
Files and hashes:         1: HAaGYxPWaK_oeYb65f95QfkoBps.crl (hash: dv4lKgopRKWATLCBLKqoJjHSLmaIXwP38EEDIIa6RH0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:9a:68:ba:22:b1:bc:5b:8e:ee:cc:b4:6f:77:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c06866313d668afe87986fae5ff7941f928069b
        Validity
            Not Before: Aug  4 09:01:35 2025 GMT
            Not After : Aug  5 09:01:35 2025 GMT
        Subject: CN=0e4a278a0d8a0ed0358d7a9bdfdfbfd5ac4a492b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c8:51:4a:e9:97:40:f7:9c:8e:18:be:d6:ec:
                    2c:25:64:67:4b:cf:48:4f:dc:53:70:b3:b9:9e:04:
                    a9:ab:45:7a:fe:fe:92:ff:ef:3c:0d:4c:8a:45:c0:
                    87:87:0b:a4:c2:57:ff:a0:ac:66:cd:f8:f0:9a:51:
                    a0:72:c5:cd:97:94:67:a6:36:82:d6:41:83:c5:22:
                    2f:4d:95:ea:df:98:eb:81:46:ef:1a:49:b7:78:79:
                    3e:b0:2e:e6:55:87:00:79:25:6d:e4:b1:e9:59:66:
                    8f:32:bf:9a:2e:25:53:ff:6b:9b:df:48:f7:7f:3f:
                    0b:ac:85:36:dc:28:d4:b0:0b:a2:27:1f:7d:0f:cf:
                    87:b1:b6:ca:2d:75:a7:d5:18:5a:e1:13:5b:01:1b:
                    cc:c1:66:b0:ec:ed:5a:f6:b9:f2:2b:13:ea:f9:22:
                    0c:2c:19:e0:d8:87:38:2e:63:b0:92:cf:88:13:db:
                    31:de:c0:85:80:71:2d:db:06:f3:a1:ec:0d:60:b2:
                    4f:e7:94:bf:3d:72:a5:e1:e4:47:df:4e:94:55:e8:
                    e2:22:4b:be:aa:2f:69:40:2c:1b:d3:2b:3e:21:90:
                    fa:3d:5f:64:c7:13:dd:98:84:3d:d9:4a:5e:47:0c:
                    21:bc:38:7f:c1:97:5d:1d:3a:a6:86:4f:51:7c:9c:
                    35:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:4A:27:8A:0D:8A:0E:D0:35:8D:7A:9B:DF:DF:BF:D5:AC:4A:49:2B
            X509v3 Authority Key Identifier:
                keyid:1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:71:d5:53:db:e8:c5:36:90:06:48:e3:f0:33:ab:66:bc:88:
         0e:ac:83:88:3d:cd:b7:83:75:7e:54:ed:db:e3:33:70:37:c8:
         25:e6:e4:80:4d:56:9a:e8:f3:3b:a7:22:25:e3:69:6f:8f:f7:
         30:ac:c4:1d:29:f3:91:48:c4:33:81:16:69:be:5b:0d:85:5d:
         89:30:bd:69:e5:1b:f9:d2:8e:24:7a:9b:b1:f5:3f:6c:19:7b:
         a8:73:5b:ed:98:98:c5:49:90:74:f7:d8:22:c4:64:07:0b:47:
         8d:e3:70:31:31:66:ff:c9:5c:96:15:cf:30:9c:c3:ed:cb:77:
         24:57:ba:11:d0:84:a7:f8:3f:b2:b2:f5:8d:31:52:9e:9d:af:
         ac:0d:63:ef:6f:c7:8e:8c:5b:de:3b:d8:8e:23:9f:7c:08:1a:
         17:11:ab:79:92:1b:1c:ba:8c:14:a2:6a:7e:c0:27:45:9c:6a:
         21:a4:3b:48:3e:86:9e:2b:cd:a1:13:f6:65:13:35:ad:7d:1f:
         71:37:3b:da:f9:ed:98:27:43:fc:f4:3b:08:8a:28:63:59:59:
         ff:ec:c5:e2:07:97:7a:c6:61:60:9b:f3:3f:54:95:be:fd:18:
         5a:39:2e:b7:bf:f0:b2:f1:ed:cf:5f:71:6e:bb:90:a7:42:49:
         1f:b0:38:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UJpouiKxvFuO7sy0b3dKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDY4NjYzMTNkNjY4YWZlODc5ODZmYWU1ZmY3OTQxZjky
ODA2OWIwHhcNMjUwODA0MDkwMTM1WhcNMjUwODA1MDkwMTM1WjAzMTEwLwYDVQQD
EygwZTRhMjc4YTBkOGEwZWQwMzU4ZDdhOWJkZmRmYmZkNWFjNGE0OTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuchRSumXQPecjhi+1uwsJWRnS89I
T9xTcLO5ngSpq0V6/v6S/+88DUyKRcCHhwukwlf/oKxmzfjwmlGgcsXNl5RnpjaC
1kGDxSIvTZXq35jrgUbvGkm3eHk+sC7mVYcAeSVt5LHpWWaPMr+aLiVT/2ub30j3
fz8LrIU23CjUsAuiJx99D8+HsbbKLXWn1Rha4RNbARvMwWaw7O1a9rnyKxPq+SIM
LBng2Ic4LmOwks+IE9sx3sCFgHEt2wbzoewNYLJP55S/PXKl4eRH306UVejiIku+
qi9pQCwb0ys+IZD6PV9kxxPdmIQ92UpeRwwhvDh/wZddHTqmhk9RfJw1LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA5KJ4oNig7QNY16m9/fv9WsSkkrMB8GA1UdIwQY
MBaAFBwGhmMT1miv6HmG+uX/eUH5KAabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMt
NmFiOThkMzZkYWM2LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMtNmFiOThkMzZkYWM2
LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARXHVU9vo
xTaQBkjj8DOrZryIDqyDiD3Nt4N1flTt2+MzcDfIJebkgE1WmujzO6ciJeNpb4/3
MKzEHSnzkUjEM4EWab5bDYVdiTC9aeUb+dKOJHqbsfU/bBl7qHNb7ZiYxUmQdPfY
IsRkBwtHjeNwMTFm/8lclhXPMJzD7ct3JFe6EdCEp/g/srL1jTFSnp2vrA1j72/H
joxb3jvYjiOffAgaFxGreZIbHLqMFKJqfsAnRZxqIaQ7SD6GnivNoRP2ZRM1rX0f
cTc72vntmCdD/PQ7CIooY1lZ/+zF4geXesZhYJvzP1SVvv0YWjkut7/wsvHtz19x
bruQp0JJH7A44g==
-----END CERTIFICATE-----