Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
File:                     HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft (raw, json)
Hash identifier:          ynF1RU3W+DLoXo8RxKugKVlEORXc/0sOSoxxSnZyIAc=
Subject key identifier:   DC:8E:3C:43:BF:FE:74:1E:B8:7D:F7:35:5E:F7:D2:B5:44:10:97:E7
Authority key identifier: 1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60
Certificate issuer:       /CN=1c1618e04372d9b27f417d229f82614027bc3c60
Certificate serial:       019A73A656C7B5C20DDABD53E18B05A38EE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
Manifest number:          0A7C
Signing time:             Tue 11 Nov 2025 16:01:12 +0000
Manifest this update:     Tue 11 Nov 2025 16:01:12 +0000
Manifest next update:     Wed 12 Nov 2025 16:01:12 +0000
Files and hashes:         1: HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl (hash: J/eHr7CQJSTQE5ilrwOf/IygvDdAz1RU6WQonf9iMaE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a6:56:c7:b5:c2:0d:da:bd:53:e1:8b:05:a3:8e:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1618e04372d9b27f417d229f82614027bc3c60
        Validity
            Not Before: Nov 11 16:01:12 2025 GMT
            Not After : Nov 12 16:01:12 2025 GMT
        Subject: CN=dc8e3c43bffe741eb87df7355ef7d2b5441097e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:cb:34:10:9c:59:b1:07:91:88:79:ce:0f:25:
                    c8:ff:9d:e0:1a:d1:4e:13:a6:46:0e:63:2c:be:e0:
                    57:d5:94:83:36:10:21:d5:71:23:b8:27:f9:39:31:
                    28:c4:d3:ef:2f:78:ea:95:89:4a:6f:80:fe:aa:b6:
                    ed:dd:b7:a8:36:98:61:11:2e:e4:0c:73:79:9a:e9:
                    56:a9:34:82:4c:fc:da:b0:c7:58:a6:75:ae:0d:8e:
                    78:d4:73:e8:8e:41:19:28:fe:49:e4:2f:eb:f0:be:
                    69:d0:08:37:13:45:b4:6a:4e:cc:2d:e3:2b:7d:86:
                    d5:5d:b1:9c:eb:52:2f:45:95:ed:9d:44:6b:fc:30:
                    78:26:a9:0a:e3:42:50:38:1d:3c:ed:b4:c0:2a:32:
                    6e:ea:f9:54:2f:33:b1:c3:fb:d3:cf:23:89:3f:df:
                    ef:b9:3a:1b:b1:2f:eb:2a:f6:18:40:4a:e5:af:ba:
                    3c:5a:00:5c:83:72:42:d3:c8:67:a5:f9:4d:0a:61:
                    69:96:06:c0:bf:8a:65:35:2a:04:53:e6:20:a2:b0:
                    1d:ba:da:18:3d:4c:e0:1c:8c:fb:69:64:0d:81:f9:
                    a5:aa:f6:68:f6:b3:3a:01:2a:ab:dc:ec:71:74:a8:
                    b0:18:f4:10:81:10:e3:7c:ad:74:7a:f3:87:83:a8:
                    bc:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:8E:3C:43:BF:FE:74:1E:B8:7D:F7:35:5E:F7:D2:B5:44:10:97:E7
            X509v3 Authority Key Identifier:
                keyid:1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:5a:4e:36:8d:02:28:e9:1d:ed:75:33:58:02:7b:4f:6e:de:
         a7:71:ff:5f:56:08:6e:53:eb:83:ad:d0:92:fe:05:94:1f:12:
         dc:ca:a3:85:02:f9:bf:b6:61:13:47:71:01:d3:b1:23:68:8a:
         f6:4f:96:74:f3:90:4d:f7:9f:db:22:22:27:e6:ab:a7:d1:a3:
         e9:0f:5d:aa:18:42:c2:1f:9f:a1:c0:c3:00:56:a7:e9:4b:ee:
         7c:92:2b:23:66:c9:14:47:eb:84:10:82:3b:d9:d7:5a:f9:9e:
         6b:8a:50:46:f4:62:f4:46:74:24:b2:9a:0b:71:b3:5d:07:93:
         9f:f2:18:a9:6f:b6:dd:d1:af:0a:2f:12:e2:c4:fa:7a:11:34:
         02:a7:90:71:b8:2d:b4:ff:62:14:14:8e:56:22:e7:41:5f:30:
         d0:20:67:4b:9a:3d:ec:3e:4b:95:3d:16:d3:4c:78:83:35:e3:
         a9:c1:f1:fe:9a:b6:fd:ee:71:00:81:af:38:c9:a0:27:29:0e:
         f6:20:91:77:cb:fe:c6:02:1d:dd:08:79:fb:8d:2c:44:dd:3a:
         e1:b9:40:d6:e0:b6:82:5e:2a:a0:e3:fc:80:4c:ff:80:e9:ca:
         6a:bd:7b:6a:7d:d8:28:91:04:2a:ee:ca:ac:ce:e7:de:27:c9:
         4a:52:46:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzplbHtcIN2r1T4YsFo47kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMTYxOGUwNDM3MmQ5YjI3ZjQxN2QyMjlmODI2MTQwMjdi
YzNjNjAwHhcNMjUxMTExMTYwMTEyWhcNMjUxMTEyMTYwMTEyWjAzMTEwLwYDVQQD
EyhkYzhlM2M0M2JmZmU3NDFlYjg3ZGY3MzU1ZWY3ZDJiNTQ0MTA5N2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ms0EJxZsQeRiHnODyXI/53gGtFO
E6ZGDmMsvuBX1ZSDNhAh1XEjuCf5OTEoxNPvL3jqlYlKb4D+qrbt3beoNphhES7k
DHN5mulWqTSCTPzasMdYpnWuDY541HPojkEZKP5J5C/r8L5p0Ag3E0W0ak7MLeMr
fYbVXbGc61IvRZXtnURr/DB4JqkK40JQOB087bTAKjJu6vlULzOxw/vTzyOJP9/v
uTobsS/rKvYYQErlr7o8WgBcg3JC08hnpflNCmFplgbAv4plNSoEU+YgorAdutoY
PUzgHIz7aWQNgfmlqvZo9rM6ASqr3OxxdKiwGPQQgRDjfK10evOHg6i8RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNyOPEO//nQeuH33NV730rVEEJfnMB8GA1UdIwQY
MBaAFBwWGOBDctmyf0F9Ip+CYUAnvDxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2Qt
YTM5NWFiMzVkOGVhLzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2QtYTM5NWFiMzVkOGVh
LzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACFpONo0C
KOkd7XUzWAJ7T27ep3H/X1YIblPrg63Qkv4FlB8S3MqjhQL5v7ZhE0dxAdOxI2iK
9k+WdPOQTfef2yIiJ+arp9Gj6Q9dqhhCwh+focDDAFan6UvufJIrI2bJFEfrhBCC
O9nXWvmea4pQRvRi9EZ0JLKaC3GzXQeTn/IYqW+23dGvCi8S4sT6ehE0AqeQcbgt
tP9iFBSOViLnQV8w0CBnS5o97D5LlT0W00x4gzXjqcHx/pq2/e5xAIGvOMmgJykO
9iCRd8v+xgId3Qh5+40sRN064blA1uC2gl4qoOP8gEz/gOnKar17an3YKJEEKu7K
rM7n3ifJSlJGCg==
-----END CERTIFICATE-----