Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
File:                     HAaGYxPWaK_oeYb65f95QfkoBps.mft (raw, json)
Hash identifier:          Qbjd3VKM2K9dtSs1z8fK4OpWTgJSRmq0bj75UpC3v/0=
Subject key identifier:   53:D9:B9:3D:E8:71:10:28:09:34:1C:61:6B:80:3D:4F:F5:0D:68:0F
Authority key identifier: 1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B
Certificate issuer:       /CN=1c06866313d668afe87986fae5ff7941f928069b
Certificate serial:       019769CF23F196468F80015EB7FF6AD17C39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
Manifest number:          0F85
Signing time:             Fri 13 Jun 2025 15:01:11 +0000
Manifest this update:     Fri 13 Jun 2025 15:01:11 +0000
Manifest next update:     Sat 14 Jun 2025 15:01:11 +0000
Files and hashes:         1: HAaGYxPWaK_oeYb65f95QfkoBps.crl (hash: U+DDC1KU/vTJBFxDNBUVaB2OpXATuzfs6ULncE4MJ80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:cf:23:f1:96:46:8f:80:01:5e:b7:ff:6a:d1:7c:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c06866313d668afe87986fae5ff7941f928069b
        Validity
            Not Before: Jun 13 15:01:11 2025 GMT
            Not After : Jun 14 15:01:11 2025 GMT
        Subject: CN=53d9b93de871102809341c616b803d4ff50d680f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:c8:18:75:38:3e:4a:62:ae:5e:6b:73:b5:79:
                    1b:75:98:9b:c8:71:bf:c9:3e:c6:48:4d:6e:d8:68:
                    88:33:29:79:d5:29:81:59:93:ec:09:46:59:20:62:
                    84:8f:e8:98:17:16:87:bc:76:d0:1b:2d:bc:63:53:
                    b6:94:7c:fd:05:40:2f:12:15:e1:24:39:71:94:2d:
                    bb:d3:bb:db:09:0b:7b:e6:a3:33:3e:b0:b8:5c:70:
                    4c:e7:36:a7:12:c3:b6:03:68:eb:80:f9:9e:38:16:
                    8a:f7:84:eb:a7:33:96:a1:79:2f:da:5b:d0:cf:bb:
                    67:91:09:84:ca:b4:f1:5e:e6:ec:ad:db:45:9e:78:
                    24:3c:a7:c4:d3:e3:b7:b4:06:66:5c:c6:f2:a9:2f:
                    d0:7c:32:d1:b6:b0:99:98:61:9f:b2:c0:6a:98:d3:
                    96:c8:44:c9:5a:53:95:8c:04:4e:ec:34:bf:6f:8c:
                    7a:5b:a5:a1:f3:38:9a:5f:07:32:40:15:07:88:36:
                    42:ef:7a:f7:0d:8b:de:51:f5:bb:1e:e1:c6:ee:2e:
                    c5:a0:62:67:28:0f:ed:95:fd:b2:f0:ee:84:6b:ab:
                    de:40:a8:38:32:f9:02:42:e3:1f:66:be:f1:4e:aa:
                    01:1e:cf:d9:fa:31:03:81:20:60:45:95:f2:09:68:
                    c3:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:D9:B9:3D:E8:71:10:28:09:34:1C:61:6B:80:3D:4F:F5:0D:68:0F
            X509v3 Authority Key Identifier:
                keyid:1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:33:b6:f8:7e:e0:c3:be:7b:6d:70:91:b7:f8:2b:40:c8:00:
         d3:3f:74:37:b8:0b:06:99:60:03:2f:6e:96:8b:9d:d0:eb:29:
         6c:cd:c8:64:fc:5b:f8:cb:30:ee:61:52:9c:1e:d9:41:81:47:
         84:6f:dc:44:1a:39:11:63:39:84:f9:55:50:b8:fc:4e:d7:e0:
         e1:ba:3a:4c:41:7f:d7:83:83:56:21:04:2d:31:71:07:78:bc:
         66:9d:c8:28:9d:38:e6:9c:1e:2a:ee:ca:77:36:12:27:d6:cd:
         bf:1f:ae:63:f7:49:f2:fa:c9:51:aa:7f:52:b0:30:db:b9:51:
         60:a3:1f:6d:f0:f3:cf:b5:09:78:c7:ce:69:bf:8d:6c:0f:dc:
         26:50:05:2b:b2:2c:00:85:0d:ff:53:e8:ff:52:00:9b:11:c8:
         f6:39:7b:28:45:93:32:5d:ca:91:66:8c:42:64:fa:a6:3b:00:
         c4:31:61:0b:45:9b:4a:ab:e5:df:86:3b:e4:57:b9:7c:4f:08:
         86:c7:5e:a5:8e:89:c2:25:7d:9b:43:18:bc:0e:92:44:90:12:
         77:2b:c5:39:d5:05:e6:3e:1f:63:b4:92:b8:30:3b:2c:a3:e7:
         3b:ab:59:bb:71:d1:21:a2:d8:0c:7b:b7:40:dd:a0:f8:16:3d:
         4b:71:94:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzyPxlkaPgAFet/9q0Xw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDY4NjYzMTNkNjY4YWZlODc5ODZmYWU1ZmY3OTQxZjky
ODA2OWIwHhcNMjUwNjEzMTUwMTExWhcNMjUwNjE0MTUwMTExWjAzMTEwLwYDVQQD
Eyg1M2Q5YjkzZGU4NzExMDI4MDkzNDFjNjE2YjgwM2Q0ZmY1MGQ2ODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMgYdTg+SmKuXmtztXkbdZibyHG/
yT7GSE1u2GiIMyl51SmBWZPsCUZZIGKEj+iYFxaHvHbQGy28Y1O2lHz9BUAvEhXh
JDlxlC2707vbCQt75qMzPrC4XHBM5zanEsO2A2jrgPmeOBaK94TrpzOWoXkv2lvQ
z7tnkQmEyrTxXubsrdtFnngkPKfE0+O3tAZmXMbyqS/QfDLRtrCZmGGfssBqmNOW
yETJWlOVjARO7DS/b4x6W6Wh8ziaXwcyQBUHiDZC73r3DYveUfW7HuHG7i7FoGJn
KA/tlf2y8O6Ea6veQKg4MvkCQuMfZr7xTqoBHs/Z+jEDgSBgRZXyCWjDIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPZuT3ocRAoCTQcYWuAPU/1DWgPMB8GA1UdIwQY
MBaAFBwGhmMT1miv6HmG+uX/eUH5KAabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMt
NmFiOThkMzZkYWM2LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMtNmFiOThkMzZkYWM2
LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKDO2+H7g
w757bXCRt/grQMgA0z90N7gLBplgAy9uloud0OspbM3IZPxb+Msw7mFSnB7ZQYFH
hG/cRBo5EWM5hPlVULj8Ttfg4bo6TEF/14ODViEELTFxB3i8Zp3IKJ045pweKu7K
dzYSJ9bNvx+uY/dJ8vrJUap/UrAw27lRYKMfbfDzz7UJeMfOab+NbA/cJlAFK7Is
AIUN/1Po/1IAmxHI9jl7KEWTMl3KkWaMQmT6pjsAxDFhC0WbSqvl34Y75Fe5fE8I
hsdepY6JwiV9m0MYvA6SRJASdyvFOdUF5j4fY7SSuDA7LKPnO6tZu3HRIaLYDHu3
QN2g+BY9S3GUNg==
-----END CERTIFICATE-----