Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
File:                     HPoACq4LHA_NOZiRS7dt_HLoc1g.mft (raw, json)
Hash identifier:          DwYzNhFYkOfbqM4XaXJ9N4inx8o8rDVjhs8WzuIa4O8=
Subject key identifier:   FC:57:2F:D8:95:D9:11:42:74:54:8F:18:1D:7C:F5:4F:2A:4A:3F:4D
Authority key identifier: 1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58
Certificate issuer:       /CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
Certificate serial:       019A4DE18ABB129193F26C3A8B0414EDF2F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
Manifest number:          03E3
Signing time:             Tue 04 Nov 2025 08:00:17 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:17 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:17 +0000
Files and hashes:         1: HPoACq4LHA_NOZiRS7dt_HLoc1g.crl (hash: 7xtJRVg6vmrlkN344Woxgz1IvraeaZ1AsCtUaORzetc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:8a:bb:12:91:93:f2:6c:3a:8b:04:14:ed:f2:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358
        Validity
            Not Before: Nov  4 08:00:17 2025 GMT
            Not After : Nov  5 08:00:17 2025 GMT
        Subject: CN=fc572fd895d9114274548f181d7cf54f2a4a3f4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:e4:cc:58:19:9b:da:4e:2b:b8:76:07:b0:82:
                    b4:2f:1c:5f:dc:c7:d6:a9:a0:3c:9f:d5:90:6c:8f:
                    9a:7b:d1:16:d3:11:be:b0:c2:a3:41:a4:df:17:5f:
                    f7:43:b9:f9:06:2d:58:6a:90:4f:eb:c8:ed:f6:5e:
                    c9:31:70:a4:7e:1f:92:c2:fd:e2:67:7e:76:c7:14:
                    e2:f3:c7:31:01:ed:ab:d4:7f:c2:be:4d:c0:3e:a3:
                    0c:14:e4:7d:b6:42:6d:88:c5:73:8a:12:66:60:fc:
                    62:24:67:52:78:97:3e:67:cc:b6:be:93:fa:13:ad:
                    cc:22:3b:b0:4d:12:6d:e9:d5:c9:e9:c2:de:5f:43:
                    e5:17:ff:76:3c:9c:fa:97:ca:d8:fd:3d:4a:7e:f1:
                    f7:f1:dd:bd:ea:3b:21:01:9c:a2:cd:3e:f3:c2:76:
                    a2:d4:43:61:bd:ed:d4:6e:0a:6b:4f:7f:62:ed:88:
                    38:34:08:d5:9a:93:b9:8f:a4:61:6d:c9:ab:2a:44:
                    78:40:87:a9:b9:69:9d:1e:cb:e3:98:da:00:75:78:
                    be:9b:30:cb:1a:7c:2f:14:ed:74:12:1e:04:a0:23:
                    6a:4d:36:6c:80:99:5c:d8:e2:6b:33:d5:18:c4:2f:
                    50:0e:61:4e:13:29:86:6d:e6:91:96:8f:94:61:cb:
                    fc:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:57:2F:D8:95:D9:11:42:74:54:8F:18:1D:7C:F5:4F:2A:4A:3F:4D
            X509v3 Authority Key Identifier:
                keyid:1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:8d:c3:14:a0:9e:11:2d:93:a1:3a:84:84:3a:0c:f9:61:ff:
         1d:7c:5b:fe:af:6f:6d:d3:37:56:55:bd:e3:f1:a2:fc:50:de:
         f6:b3:93:86:85:e9:89:f9:a9:c9:8d:0b:9c:1e:df:3a:da:01:
         3c:d6:d2:bb:e9:a2:c7:8a:10:f2:99:7f:e6:03:0b:ae:3e:df:
         d6:60:c4:7b:f7:d5:05:07:27:91:7a:3c:97:c7:1a:14:e2:e8:
         de:bb:aa:60:10:8b:fd:91:23:12:a3:bc:06:b0:7b:35:c0:08:
         0e:45:f6:ee:f3:eb:cd:f6:c9:64:eb:1d:6f:98:e9:d2:ef:32:
         01:d9:ba:1f:28:bf:19:b9:d9:25:3e:ef:10:3e:bf:29:6f:c2:
         31:ce:bc:16:49:5f:5e:5f:20:5c:d7:f9:6b:f8:b3:ac:c1:13:
         3a:b6:04:de:88:3e:cd:a8:a9:a8:da:71:f7:7f:8d:a0:57:4c:
         11:c2:c2:ec:c2:71:d1:b1:70:db:93:9c:3a:68:1e:81:43:29:
         67:dc:54:c2:8f:94:a1:72:32:e1:a2:a5:14:6e:54:6d:ca:ad:
         a5:08:15:02:5a:ff:97:d5:26:e8:84:fe:08:5b:99:e6:65:f1:
         29:18:79:07:a8:28:2e:10:9f:c6:b3:3c:69:c2:45:11:39:62:
         8e:12:55:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4Yq7EpGT8mw6iwQU7fL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZmEwMDBhYWUwYjFjMGZjZDM5OTg5MTRiYjc2ZGZjNzJl
ODczNTgwHhcNMjUxMTA0MDgwMDE3WhcNMjUxMTA1MDgwMDE3WjAzMTEwLwYDVQQD
EyhmYzU3MmZkODk1ZDkxMTQyNzQ1NDhmMTgxZDdjZjU0ZjJhNGEzZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+TMWBmb2k4ruHYHsIK0Lxxf3MfW
qaA8n9WQbI+ae9EW0xG+sMKjQaTfF1/3Q7n5Bi1YapBP68jt9l7JMXCkfh+Swv3i
Z352xxTi88cxAe2r1H/Cvk3APqMMFOR9tkJtiMVzihJmYPxiJGdSeJc+Z8y2vpP6
E63MIjuwTRJt6dXJ6cLeX0PlF/92PJz6l8rY/T1KfvH38d296jshAZyizT7zwnai
1ENhve3UbgprT39i7Yg4NAjVmpO5j6RhbcmrKkR4QIepuWmdHsvjmNoAdXi+mzDL
GnwvFO10Eh4EoCNqTTZsgJlc2OJrM9UYxC9QDmFOEymGbeaRlo+UYcv8RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPxXL9iV2RFCdFSPGB189U8qSj9NMB8GA1UdIwQY
MBaAFBz6AAquCxwPzTmYkUu3bfxy6HNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGIt
OGVmNzA5ZGUyZDY0LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGItOGVmNzA5ZGUyZDY0
LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfI3DFKCe
ES2ToTqEhDoM+WH/HXxb/q9vbdM3VlW94/Gi/FDe9rOThoXpifmpyY0LnB7fOtoB
PNbSu+mix4oQ8pl/5gMLrj7f1mDEe/fVBQcnkXo8l8caFOLo3ruqYBCL/ZEjEqO8
BrB7NcAIDkX27vPrzfbJZOsdb5jp0u8yAdm6Hyi/GbnZJT7vED6/KW/CMc68Fklf
Xl8gXNf5a/izrMETOrYE3og+zaipqNpx93+NoFdMEcLC7MJx0bFw25OcOmgegUMp
Z9xUwo+UoXIy4aKlFG5UbcqtpQgVAlr/l9Um6IT+CFuZ5mXxKRh5B6goLhCfxrM8
acJFETlijhJVoA==
-----END CERTIFICATE-----