Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          DzsYCjpoLCzXvP7A+Dmfkpexj7I5EjnRY3hnqUiLZ4U=
Subject key identifier:   BC:E1:03:5D:17:3C:3A:4B:FE:A4:F3:65:4A:C1:85:FC:91:5C:E3:0F
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       019923A085EA17BCABFF1D193AE37E8CDA02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          0AE8
Signing time:             Sun 07 Sep 2025 10:02:26 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:26 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:26 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: S6MUPNTviLXOsHyG/FLLcjs8R6afq/5NAkqEJkcNeLo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:85:ea:17:bc:ab:ff:1d:19:3a:e3:7e:8c:da:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: Sep  7 10:02:26 2025 GMT
            Not After : Sep  8 10:02:26 2025 GMT
        Subject: CN=bce1035d173c3a4bfea4f3654ac185fc915ce30f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:96:db:69:46:09:58:ea:2e:b7:6b:9d:08:0d:
                    f4:e8:78:c6:f7:8c:61:55:5b:2f:f6:a9:58:d1:03:
                    fc:07:03:c2:c2:9e:45:10:d5:c8:85:be:7f:7e:a6:
                    75:b0:da:cd:04:95:0a:08:0d:f7:4d:d7:9d:b6:a6:
                    57:6a:b6:c0:6a:a6:95:ad:26:9f:1e:ed:fe:ef:26:
                    f7:c6:17:7c:43:fe:5e:19:5c:ed:dd:85:8e:62:2c:
                    51:e2:76:19:84:61:e4:d7:da:67:43:04:af:29:f4:
                    1f:71:4b:48:a3:a2:23:18:7e:3a:21:0e:76:d8:5e:
                    65:a7:53:2f:cc:9a:cc:7e:5f:bc:33:44:ee:39:d5:
                    75:c9:6b:97:e9:5a:2d:79:4f:23:65:31:a8:fb:33:
                    66:3f:4a:1d:3d:42:2f:41:b0:83:a6:a2:07:84:e8:
                    47:b8:cf:25:94:ac:11:81:98:32:e3:ee:38:42:18:
                    fe:5c:0d:42:5b:ea:d9:f0:0c:37:b1:90:10:c1:c6:
                    a5:ae:e4:79:4d:8e:ed:9f:7b:93:21:d8:b2:ee:de:
                    2f:de:da:72:6f:cd:30:d3:04:32:b1:5e:58:8f:0a:
                    35:f3:5a:4f:0a:31:76:2b:79:21:47:f3:64:c3:27:
                    cb:a9:c0:ce:04:c0:f2:9e:93:fd:86:42:fe:eb:72:
                    09:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:E1:03:5D:17:3C:3A:4B:FE:A4:F3:65:4A:C1:85:FC:91:5C:E3:0F
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:9e:97:12:a9:18:2b:d4:92:2b:2f:b7:bc:97:2f:86:af:3b:
         e1:d6:75:88:72:b8:81:b1:e6:56:67:98:cc:ac:72:6d:e2:e9:
         26:fe:1d:6f:47:eb:1a:84:ad:ef:10:dd:84:88:ee:20:5a:98:
         99:b2:d1:96:e3:12:d5:55:57:8e:12:32:f2:e7:05:cf:e8:a8:
         fd:bb:6c:57:4e:4d:bb:27:d5:62:9f:da:dd:00:30:f1:fc:f3:
         3c:9a:e2:fc:a4:82:54:a7:79:d2:f4:1f:aa:da:45:47:4c:c9:
         af:46:f2:7d:fa:be:7e:66:b1:9f:81:7d:d1:dd:fa:8f:a0:b6:
         89:c1:c3:13:ff:4a:04:b3:21:fb:3e:66:48:57:d0:c3:fa:28:
         46:f8:e0:08:7e:a7:e0:39:3d:31:2f:7a:f3:0f:27:ed:25:71:
         5f:1c:ce:c1:d2:15:98:2a:9e:58:9d:d7:fc:1c:42:14:56:7f:
         78:89:4d:0c:80:4f:4a:66:7e:d7:a1:fe:8e:2d:4c:1c:37:03:
         2e:ec:33:ed:92:77:22:f9:1a:d4:9b:9a:62:7f:ac:33:37:6b:
         ca:c0:9a:90:c2:49:1e:c5:39:64:5c:6f:2e:1b:44:26:ec:67:
         3c:1e:de:eb:b0:94:f0:6d:61:a9:a3:37:ad:81:5f:aa:d8:6d:
         c9:c2:f6:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoIXqF7yr/x0ZOuN+jNoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjUwOTA3MTAwMjI2WhcNMjUwOTA4MTAwMjI2WjAzMTEwLwYDVQQD
EyhiY2UxMDM1ZDE3M2MzYTRiZmVhNGYzNjU0YWMxODVmYzkxNWNlMzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZbbaUYJWOout2udCA306HjG94xh
VVsv9qlY0QP8BwPCwp5FENXIhb5/fqZ1sNrNBJUKCA33TdedtqZXarbAaqaVrSaf
Hu3+7yb3xhd8Q/5eGVzt3YWOYixR4nYZhGHk19pnQwSvKfQfcUtIo6IjGH46IQ52
2F5lp1MvzJrMfl+8M0TuOdV1yWuX6VoteU8jZTGo+zNmP0odPUIvQbCDpqIHhOhH
uM8llKwRgZgy4+44Qhj+XA1CW+rZ8Aw3sZAQwcalruR5TY7tn3uTIdiy7t4v3tpy
b80w0wQysV5Yjwo181pPCjF2K3khR/NkwyfLqcDOBMDynpP9hkL+63IJlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLzhA10XPDpL/qTzZUrBhfyRXOMPMB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMZ6XEqkY
K9SSKy+3vJcvhq874dZ1iHK4gbHmVmeYzKxybeLpJv4db0frGoSt7xDdhIjuIFqY
mbLRluMS1VVXjhIy8ucFz+io/btsV05NuyfVYp/a3QAw8fzzPJri/KSCVKd50vQf
qtpFR0zJr0byffq+fmaxn4F90d36j6C2icHDE/9KBLMh+z5mSFfQw/ooRvjgCH6n
4Dk9MS968w8n7SVxXxzOwdIVmCqeWJ3X/BxCFFZ/eIlNDIBPSmZ+16H+ji1MHDcD
Luwz7ZJ3Ivka1JuaYn+sMzdrysCakMJJHsU5ZFxvLhtEJuxnPB7e67CU8G1hqaM3
rYFfqthtycL2/g==
-----END CERTIFICATE-----