Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
File:                     HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json)
Hash identifier:          HwsqTRMUDvO/6BceN+rh+138qBmTX1HUd6T2XGWgIeg=
Subject key identifier:   7D:9E:91:32:D3:27:44:66:11:FA:E7:C1:22:85:7D:F1:16:52:12:89
Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6
Certificate issuer:       /CN=1db690606199a5d486789c43dbffd0c065bddce6
Certificate serial:       019922FA221DB2EFDB8E61C5BFD41DAE7896
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
Manifest number:          04A7
Signing time:             Sun 07 Sep 2025 07:00:41 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:41 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:41 +0000
Files and hashes:         1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: YlMn8OIgoHGh4eiwyW4fNG1W8VhYiqNYnc0/heZwU4k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:22:1d:b2:ef:db:8e:61:c5:bf:d4:1d:ae:78:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6
        Validity
            Not Before: Sep  7 07:00:41 2025 GMT
            Not After : Sep  8 07:00:41 2025 GMT
        Subject: CN=7d9e9132d327446611fae7c122857df116521289
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:ac:90:e3:0a:3f:c0:b2:14:92:b3:58:4d:75:
                    01:68:74:dd:aa:1d:61:c6:34:c8:f2:d8:e6:77:a6:
                    db:f2:49:90:cf:a8:98:df:4c:cd:62:2a:8f:cd:77:
                    63:cb:62:0e:09:43:57:22:af:a7:b7:a0:d8:ac:f2:
                    54:7e:34:a6:6b:7d:ba:2f:fb:6f:88:63:39:b9:25:
                    f9:48:ac:cb:7d:a7:0a:4c:6e:ba:fd:0c:e1:fd:fd:
                    3b:05:eb:dc:5a:0c:0d:6e:27:87:de:e2:4f:dc:2b:
                    30:6e:3e:9e:e9:83:3a:79:a7:41:8b:72:ca:e6:85:
                    95:26:39:8f:92:9d:e1:02:c3:a7:78:ee:81:82:b8:
                    1a:18:83:0b:68:9a:ae:6a:f2:7d:6e:56:f1:da:4a:
                    0f:d6:46:bb:6d:d0:e4:4a:0e:27:af:3f:f7:eb:be:
                    b1:1b:c8:22:a6:fd:86:44:69:84:ce:9d:1e:96:9f:
                    32:ef:2f:57:5c:ad:b5:0e:11:57:57:aa:d7:01:e1:
                    57:21:4a:19:c7:27:81:e6:c2:ac:0e:d6:60:b9:22:
                    e1:ae:e5:ca:7f:51:cf:e5:b5:18:cc:48:de:31:e8:
                    fb:43:7a:0a:26:71:0e:14:36:1f:12:66:28:cc:d4:
                    4c:c4:b6:5b:25:4f:07:cd:70:fe:d4:e2:16:1b:ce:
                    09:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:9E:91:32:D3:27:44:66:11:FA:E7:C1:22:85:7D:F1:16:52:12:89
            X509v3 Authority Key Identifier:
                keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:54:21:9c:2e:9a:16:31:1a:2a:11:2a:87:52:b3:a2:6d:aa:
         01:fa:4a:91:57:50:3d:54:a6:20:fe:f3:2d:4b:6e:c7:d6:3c:
         54:6f:5d:66:94:0b:48:97:93:a3:c9:ca:f2:bc:f1:5d:5e:b1:
         68:63:a8:98:49:d1:87:0b:54:43:4e:03:1d:f1:34:24:fa:0e:
         3e:4b:40:c6:14:17:85:a0:53:e4:2d:f2:1c:e4:da:9c:ce:a1:
         40:e2:f5:3e:e3:ab:bf:6e:e7:2c:d2:60:c6:86:49:6d:36:2d:
         95:01:2e:d0:36:88:03:ec:47:f7:59:20:c7:23:3a:5d:44:4b:
         f0:a9:2e:9d:9d:a3:7a:87:f0:6f:61:34:fd:c0:36:c1:44:e4:
         86:d9:c8:49:36:f4:3b:5d:26:97:1e:15:d5:55:47:af:19:f5:
         f5:0c:a8:64:17:3f:08:f3:37:1b:e0:81:aa:db:ef:f3:66:1e:
         f3:c6:42:0e:8e:b9:e7:d4:5c:27:4a:3e:e3:ed:c7:54:d3:f9:
         08:ee:a2:15:ad:c1:57:e6:ec:66:9f:53:96:08:31:56:43:e4:
         3c:97:c2:3c:f6:ef:10:e4:5b:66:1d:fc:be:e8:87:23:02:a1:
         ec:92:f3:78:74:fd:29:b8:2c:f7:71:c4:3f:cc:77:ad:8d:46:
         22:39:a0:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+iIdsu/bjmHFv9QdrniWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi
ZGRjZTYwHhcNMjUwOTA3MDcwMDQxWhcNMjUwOTA4MDcwMDQxWjAzMTEwLwYDVQQD
Eyg3ZDllOTEzMmQzMjc0NDY2MTFmYWU3YzEyMjg1N2RmMTE2NTIxMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ayQ4wo/wLIUkrNYTXUBaHTdqh1h
xjTI8tjmd6bb8kmQz6iY30zNYiqPzXdjy2IOCUNXIq+nt6DYrPJUfjSma326L/tv
iGM5uSX5SKzLfacKTG66/Qzh/f07BevcWgwNbieH3uJP3Cswbj6e6YM6eadBi3LK
5oWVJjmPkp3hAsOneO6BgrgaGIMLaJquavJ9blbx2koP1ka7bdDkSg4nrz/3676x
G8gipv2GRGmEzp0elp8y7y9XXK21DhFXV6rXAeFXIUoZxyeB5sKsDtZguSLhruXK
f1HP5bUYzEjeMej7Q3oKJnEOFDYfEmYozNRMxLZbJU8HzXD+1OIWG84JrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH2ekTLTJ0RmEfrnwSKFffEWUhKJMB8GA1UdIwQY
MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt
ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1
LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALlQhnC6a
FjEaKhEqh1Kzom2qAfpKkVdQPVSmIP7zLUtux9Y8VG9dZpQLSJeTo8nK8rzxXV6x
aGOomEnRhwtUQ04DHfE0JPoOPktAxhQXhaBT5C3yHOTanM6hQOL1PuOrv27nLNJg
xoZJbTYtlQEu0DaIA+xH91kgxyM6XURL8KkunZ2jeofwb2E0/cA2wUTkhtnISTb0
O10mlx4V1VVHrxn19QyoZBc/CPM3G+CBqtvv82Ye88ZCDo6559RcJ0o+4+3HVNP5
CO6iFa3BV+bsZp9TlggxVkPkPJfCPPbvEORbZh38vuiHIwKh7JLzeHT9Kbgs93HE
P8x3rY1GIjmgnQ==
-----END CERTIFICATE-----