Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
File:                     HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json)
Hash identifier:          lWUC4aN6oLFrJ3CZERKiuErutoC3JICdAC3rS45ZMfs=
Subject key identifier:   9F:B1:DB:5C:9E:12:9B:0A:AA:44:40:0F:DE:41:6B:31:51:61:6B:F5
Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6
Certificate issuer:       /CN=1db690606199a5d486789c43dbffd0c065bddce6
Certificate serial:       019A7112EC15FCC7AF92281A421387FF9213
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
Manifest number:          0554
Signing time:             Tue 11 Nov 2025 04:00:56 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:56 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:56 +0000
Files and hashes:         1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: wWTQIXPp5ydoJNswR1D918S5Sxclp5pT1RySD6t2P30=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:ec:15:fc:c7:af:92:28:1a:42:13:87:ff:92:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6
        Validity
            Not Before: Nov 11 04:00:56 2025 GMT
            Not After : Nov 12 04:00:56 2025 GMT
        Subject: CN=9fb1db5c9e129b0aaa44400fde416b3151616bf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:29:c5:31:9a:9a:52:80:a7:5a:da:bd:01:43:
                    c6:55:4a:b1:0d:71:b2:62:5b:9b:71:05:7f:2a:f8:
                    43:0e:ba:8e:2d:d3:49:6b:f5:e7:e3:34:83:40:2b:
                    de:39:2f:16:57:63:f1:ac:b1:6f:2c:fc:db:fa:83:
                    49:fd:5f:ec:b3:ed:14:65:6b:4c:31:7c:fa:97:4b:
                    74:d0:b2:04:98:b1:66:b4:0e:3f:c5:5a:57:4d:3d:
                    f7:08:60:50:3b:01:8c:1f:e6:cb:e6:f9:2d:9e:24:
                    04:51:53:43:66:a7:5b:cf:ea:29:11:4b:3d:68:26:
                    82:40:68:d2:17:93:b6:2f:8a:5d:5c:cb:51:84:7f:
                    b6:6b:19:ee:36:14:3c:45:c2:b9:61:17:19:f9:04:
                    a8:03:18:d1:80:3f:56:4b:f2:74:47:d8:bc:da:23:
                    09:ca:87:cb:3f:3d:d9:eb:8b:31:29:86:51:b0:af:
                    5c:ec:e1:2a:b2:8c:18:72:88:c3:63:0a:d1:67:39:
                    43:af:f3:7a:5f:a3:c3:b0:99:ef:3d:06:fe:2b:b2:
                    37:b4:89:0b:f4:13:48:e1:f3:f9:22:a0:a2:68:90:
                    23:57:15:9f:6c:58:d0:8f:3a:0b:2a:ee:db:4f:24:
                    a1:a2:b9:45:ce:bf:e0:81:8e:5c:01:f2:e6:cb:64:
                    24:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:B1:DB:5C:9E:12:9B:0A:AA:44:40:0F:DE:41:6B:31:51:61:6B:F5
            X509v3 Authority Key Identifier:
                keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:61:7e:69:b7:1c:b7:6a:f2:70:36:b3:87:61:2e:e9:fe:be:
         d3:e0:f1:7e:51:c8:b6:ae:9f:ac:39:cd:a8:57:1d:80:29:46:
         e3:7e:50:18:de:fd:d8:ed:e3:d0:8b:5f:f4:1f:60:2b:50:a0:
         3a:62:3c:bd:ad:67:bb:5e:da:4a:f8:5c:3b:be:bb:fb:6a:ba:
         f9:fa:c7:57:4a:22:17:20:20:f5:66:80:2d:23:de:ab:49:1c:
         5b:9d:ee:b2:24:63:3a:dc:47:99:59:6f:6c:c5:57:c2:c2:16:
         53:15:5c:c4:f9:25:f1:31:0e:da:b5:15:2a:32:ad:e4:46:53:
         12:85:02:f9:87:04:09:77:27:26:bd:f7:dc:34:72:62:57:f2:
         64:b0:4e:4b:79:7f:3c:64:85:d3:c5:f9:a6:66:ca:0d:61:0b:
         6a:b7:2b:0d:93:5a:6f:c5:fc:29:2f:6e:8d:70:31:79:d0:d9:
         ac:18:6e:fa:5c:eb:ed:64:e3:95:7f:22:80:0f:c8:40:22:16:
         9a:ec:39:69:99:87:25:34:e8:c6:e8:47:66:e2:58:12:bc:42:
         bd:a4:03:1c:26:00:64:f9:df:83:55:06:80:e5:44:30:6c:be:
         8d:81:d3:9a:40:f0:56:40:7e:36:ba:8b:73:78:57:68:e4:89:
         c3:68:02:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEuwV/MevkigaQhOH/5ITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi
ZGRjZTYwHhcNMjUxMTExMDQwMDU2WhcNMjUxMTEyMDQwMDU2WjAzMTEwLwYDVQQD
Eyg5ZmIxZGI1YzllMTI5YjBhYWE0NDQwMGZkZTQxNmIzMTUxNjE2YmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmynFMZqaUoCnWtq9AUPGVUqxDXGy
YlubcQV/KvhDDrqOLdNJa/Xn4zSDQCveOS8WV2PxrLFvLPzb+oNJ/V/ss+0UZWtM
MXz6l0t00LIEmLFmtA4/xVpXTT33CGBQOwGMH+bL5vktniQEUVNDZqdbz+opEUs9
aCaCQGjSF5O2L4pdXMtRhH+2axnuNhQ8RcK5YRcZ+QSoAxjRgD9WS/J0R9i82iMJ
yofLPz3Z64sxKYZRsK9c7OEqsowYcojDYwrRZzlDr/N6X6PDsJnvPQb+K7I3tIkL
9BNI4fP5IqCiaJAjVxWfbFjQjzoLKu7bTyShorlFzr/ggY5cAfLmy2QkkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+x21yeEpsKqkRAD95BazFRYWv1MB8GA1UdIwQY
MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt
ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1
LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdWF+abcc
t2rycDazh2Eu6f6+0+DxflHItq6frDnNqFcdgClG435QGN792O3j0Itf9B9gK1Cg
OmI8va1nu17aSvhcO767+2q6+frHV0oiFyAg9WaALSPeq0kcW53usiRjOtxHmVlv
bMVXwsIWUxVcxPkl8TEO2rUVKjKt5EZTEoUC+YcECXcnJr333DRyYlfyZLBOS3l/
PGSF08X5pmbKDWELarcrDZNab8X8KS9ujXAxedDZrBhu+lzr7WTjlX8igA/IQCIW
muw5aZmHJTToxuhHZuJYErxCvaQDHCYAZPnfg1UGgOVEMGy+jYHTmkDwVkB+NrqL
c3hXaOSJw2gCtg==
-----END CERTIFICATE-----