Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
File:                     HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft (raw, json)
Hash identifier:          6LvS25VUwxGwfH+E9UZJ1SoLkJDH9pjb7u1pJ3AOPJg=
Subject key identifier:   72:7C:EC:CF:26:C9:F0:07:F7:C4:69:BE:38:A2:84:2F:1D:14:1F:47
Authority key identifier: 1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60
Certificate issuer:       /CN=1c1618e04372d9b27f417d229f82614027bc3c60
Certificate serial:       01974A7A91C989773A98C327FC2043E792FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
Manifest number:          08D9
Signing time:             Sat 07 Jun 2025 13:00:36 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:36 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:36 +0000
Files and hashes:         1: HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl (hash: 4Jg0mcBNNCQ10OQPzPTWfM2sHVt7tuJbdo7QUOosnls=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:91:c9:89:77:3a:98:c3:27:fc:20:43:e7:92:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1618e04372d9b27f417d229f82614027bc3c60
        Validity
            Not Before: Jun  7 13:00:36 2025 GMT
            Not After : Jun  8 13:00:36 2025 GMT
        Subject: CN=727ceccf26c9f007f7c469be38a2842f1d141f47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:e2:f8:d8:45:5c:96:ad:47:71:0a:76:e6:86:
                    6b:25:40:fa:7f:09:e4:dc:76:95:28:f0:c3:41:13:
                    89:a5:68:87:b4:2c:ec:d9:6b:9d:08:1f:ec:b7:78:
                    75:d7:48:5e:00:19:75:2c:4d:f5:cd:91:98:c1:94:
                    27:d4:ce:67:38:00:f7:2a:68:50:5c:29:da:1c:3d:
                    e7:a7:36:2e:d0:b3:21:42:96:ee:03:e9:84:6f:e8:
                    32:9e:bd:dd:ae:8d:b0:be:45:39:ea:67:39:b5:d3:
                    cf:09:02:63:4f:2b:f0:71:e2:60:36:82:ff:30:06:
                    b0:0e:12:56:12:b1:a9:8b:09:0a:2d:ca:f9:d9:d1:
                    aa:ab:a2:05:23:af:d0:b2:b6:82:4e:01:86:2f:d6:
                    d8:b9:f4:9d:96:5f:75:d0:9e:09:2b:e8:00:76:58:
                    3f:ce:5d:98:c6:33:01:56:72:f8:a0:18:21:41:de:
                    81:1b:c4:cf:49:4c:fc:cc:48:82:51:e6:8f:b0:8e:
                    d0:28:dd:cc:7c:d6:35:41:ff:53:8d:15:a7:51:ef:
                    8d:1c:fa:cc:90:a4:75:be:95:57:60:07:56:1a:b5:
                    a2:4d:cf:3d:89:4b:59:e7:f9:63:fc:dc:bb:b5:9b:
                    f2:0d:51:f0:ec:de:a4:72:14:6d:ad:e0:39:97:f9:
                    24:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:7C:EC:CF:26:C9:F0:07:F7:C4:69:BE:38:A2:84:2F:1D:14:1F:47
            X509v3 Authority Key Identifier:
                keyid:1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:48:1c:8b:e6:d6:91:b0:56:04:28:d0:8a:ce:43:ef:38:91:
         fe:7d:c9:68:4b:47:ae:dd:20:93:a4:29:2f:af:03:1d:67:29:
         ef:81:c1:8f:3e:56:e9:1d:41:74:f4:74:50:67:27:51:e1:7b:
         e6:43:45:c1:4c:f6:43:08:28:e3:1d:dc:32:d3:59:18:ad:59:
         e1:db:58:58:68:fe:56:05:35:15:ff:28:20:7a:6a:48:0a:90:
         e8:cd:9a:d0:ab:65:50:1d:c0:2a:1f:ae:90:a0:71:c6:22:76:
         41:e4:ba:ad:ef:cb:6e:5a:a5:a4:2f:92:ee:3c:45:95:1d:e7:
         8a:c9:50:51:f8:3c:5b:bb:70:69:cb:9d:67:a1:8b:8b:d0:3c:
         76:08:0a:fd:12:2a:bb:4a:cf:64:05:3f:e1:9b:64:32:7d:d2:
         aa:dc:4e:09:8f:b1:de:7f:fc:6b:11:46:a8:1e:25:bf:ff:69:
         b6:fd:17:6d:46:c6:8d:00:02:3a:91:53:93:1b:59:e5:f1:7b:
         98:45:65:6d:69:e3:a3:39:27:54:ab:16:ae:89:8e:a3:4c:41:
         af:99:38:2f:28:2a:b5:bc:1d:74:45:94:85:c5:88:6e:c8:dc:
         6f:0c:f6:4d:c0:de:3c:3f:70:67:ce:83:bc:20:5a:0d:99:61:
         a5:1e:66:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKepHJiXc6mMMn/CBD55L6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMTYxOGUwNDM3MmQ5YjI3ZjQxN2QyMjlmODI2MTQwMjdi
YzNjNjAwHhcNMjUwNjA3MTMwMDM2WhcNMjUwNjA4MTMwMDM2WjAzMTEwLwYDVQQD
Eyg3MjdjZWNjZjI2YzlmMDA3ZjdjNDY5YmUzOGEyODQyZjFkMTQxZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eL42EVclq1HcQp25oZrJUD6fwnk
3HaVKPDDQROJpWiHtCzs2WudCB/st3h110heABl1LE31zZGYwZQn1M5nOAD3KmhQ
XCnaHD3npzYu0LMhQpbuA+mEb+gynr3dro2wvkU56mc5tdPPCQJjTyvwceJgNoL/
MAawDhJWErGpiwkKLcr52dGqq6IFI6/QsraCTgGGL9bYufSdll910J4JK+gAdlg/
zl2YxjMBVnL4oBghQd6BG8TPSUz8zEiCUeaPsI7QKN3MfNY1Qf9TjRWnUe+NHPrM
kKR1vpVXYAdWGrWiTc89iUtZ5/lj/Ny7tZvyDVHw7N6kchRtreA5l/kkWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJ87M8myfAH98RpvjiihC8dFB9HMB8GA1UdIwQY
MBaAFBwWGOBDctmyf0F9Ip+CYUAnvDxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2Qt
YTM5NWFiMzVkOGVhLzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2QtYTM5NWFiMzVkOGVh
LzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWEgci+bW
kbBWBCjQis5D7ziR/n3JaEtHrt0gk6QpL68DHWcp74HBjz5W6R1BdPR0UGcnUeF7
5kNFwUz2Qwgo4x3cMtNZGK1Z4dtYWGj+VgU1Ff8oIHpqSAqQ6M2a0KtlUB3AKh+u
kKBxxiJ2QeS6re/LblqlpC+S7jxFlR3nislQUfg8W7twacudZ6GLi9A8dggK/RIq
u0rPZAU/4ZtkMn3SqtxOCY+x3n/8axFGqB4lv/9ptv0XbUbGjQACOpFTkxtZ5fF7
mEVlbWnjozknVKsWromOo0xBr5k4LygqtbwddEWUhcWIbsjcbwz2TcDePD9wZ86D
vCBaDZlhpR5mmw==
-----END CERTIFICATE-----