Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
File:                     HY-s3UFcS7p4J3uj57D-I9Klobg.mft (raw, json)
Hash identifier:          NsrdhE1LdQ+Zi1IE2mfZDtHppUp8Ce3LFrCCBmo/Rdc=
Subject key identifier:   E1:22:05:B7:85:EF:9C:47:55:39:2F:92:1D:79:7A:17:AA:50:F8:A1
Authority key identifier: 1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8
Certificate issuer:       /CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8
Certificate serial:       019A70A53EB8051DD078DFC06990938EA173
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
Manifest number:          02BD
Signing time:             Tue 11 Nov 2025 02:01:08 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:08 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:08 +0000
Files and hashes:         1: HY-s3UFcS7p4J3uj57D-I9Klobg.crl (hash: OzCMSFGnkZYLPtrzqxhbSyI3Ob57cUAZ5fK6UGs/Bdk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:3e:b8:05:1d:d0:78:df:c0:69:90:93:8e:a1:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8
        Validity
            Not Before: Nov 11 02:01:08 2025 GMT
            Not After : Nov 12 02:01:08 2025 GMT
        Subject: CN=e12205b785ef9c4755392f921d797a17aa50f8a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c8:61:ae:ea:f3:8a:3d:e4:2b:69:69:22:13:
                    5c:ab:04:a0:b6:a6:ca:df:09:2e:7b:a6:64:9e:87:
                    5e:65:7b:01:27:a8:e7:ac:3c:8b:5d:3c:81:ba:6d:
                    46:00:ed:1e:29:16:c6:4c:f7:75:35:6b:0c:9c:50:
                    78:72:71:34:31:47:83:93:5e:06:f6:7c:56:3f:6f:
                    f4:c7:d6:bb:c5:76:e7:ed:3a:fb:6c:0b:95:96:c3:
                    e5:a3:ae:f7:14:61:d6:2a:cd:50:a9:39:69:5d:6c:
                    07:51:cc:2e:af:a7:0f:a0:9b:f8:f2:11:cf:04:39:
                    52:5b:09:fb:29:8b:db:72:51:63:a2:d6:5c:34:01:
                    79:24:6b:0e:e3:2e:91:64:27:43:62:25:ae:86:9e:
                    4a:3b:4a:7e:95:fd:c6:07:47:1a:84:e1:c6:ee:52:
                    07:59:d9:eb:50:3a:22:89:0b:95:d1:de:b5:9b:fe:
                    dc:84:ff:25:ef:7a:a1:75:71:6d:91:cb:4a:87:b9:
                    e2:d8:9a:73:ec:e4:b6:b3:9d:5e:6c:12:4b:26:75:
                    9d:7c:50:37:b9:01:7d:5a:33:bb:bd:59:7e:c2:a0:
                    44:61:1c:ba:6e:64:9c:0b:0c:ce:82:8e:42:76:e8:
                    42:f9:24:6c:36:f1:19:a1:a3:5d:ec:99:6c:0b:08:
                    ed:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:22:05:B7:85:EF:9C:47:55:39:2F:92:1D:79:7A:17:AA:50:F8:A1
            X509v3 Authority Key Identifier:
                keyid:1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:50:40:77:1d:74:f6:4f:e7:0a:90:f2:f0:ce:a7:fd:21:fb:
         b8:bc:22:f8:71:ed:54:8e:86:7f:6e:f5:0a:37:ed:bd:80:94:
         e5:b1:b8:3b:be:1c:d9:7b:b8:d1:33:80:5b:85:6e:9f:fb:b1:
         c8:46:34:bc:38:f8:a9:17:f3:c0:ad:b2:cf:12:64:ed:09:f5:
         ae:75:57:39:be:1b:e8:2d:50:30:18:24:4a:15:07:fc:e7:db:
         43:e0:a0:e3:70:99:ee:53:1e:36:46:4f:7c:4c:cf:90:2c:97:
         6a:2c:34:a2:96:0d:1d:80:3b:54:af:a7:cd:e1:a9:20:bc:65:
         2b:33:c3:23:39:cd:d8:4d:19:da:2e:bb:24:fd:f1:0d:85:8a:
         27:eb:ac:00:38:3f:f7:7c:56:e4:04:12:30:bb:e0:bb:aa:e6:
         57:eb:10:43:08:f8:0c:fb:92:a4:a9:0a:b5:3d:48:99:a1:52:
         b3:64:64:02:50:56:a0:d0:11:a3:7b:ce:43:3b:ae:f7:a2:a4:
         65:7e:43:ed:17:71:f2:b5:c4:1f:50:f6:53:56:2b:d1:dd:ee:
         94:fd:ab:5d:3b:90:22:ae:6e:49:4e:ec:15:a9:02:2a:4e:d6:
         05:a2:b5:57:19:0c:94:ad:11:d3:0e:f4:fb:fc:52:b6:eb:08:
         39:0c:70:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpT64BR3QeN/AaZCTjqFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOGZhY2RkNDE1YzRiYmE3ODI3N2JhM2U3YjBmZTIzZDJh
NWExYjgwHhcNMjUxMTExMDIwMTA4WhcNMjUxMTEyMDIwMTA4WjAzMTEwLwYDVQQD
EyhlMTIyMDViNzg1ZWY5YzQ3NTUzOTJmOTIxZDc5N2ExN2FhNTBmOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArchhrurzij3kK2lpIhNcqwSgtqbK
3wkue6ZknodeZXsBJ6jnrDyLXTyBum1GAO0eKRbGTPd1NWsMnFB4cnE0MUeDk14G
9nxWP2/0x9a7xXbn7Tr7bAuVlsPlo673FGHWKs1QqTlpXWwHUcwur6cPoJv48hHP
BDlSWwn7KYvbclFjotZcNAF5JGsO4y6RZCdDYiWuhp5KO0p+lf3GB0cahOHG7lIH
WdnrUDoiiQuV0d61m/7chP8l73qhdXFtkctKh7ni2Jpz7OS2s51ebBJLJnWdfFA3
uQF9WjO7vVl+wqBEYRy6bmScCwzOgo5CduhC+SRsNvEZoaNd7JlsCwjtQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOEiBbeF75xHVTkvkh15eheqUPihMB8GA1UdIwQY
MBaAFB2PrN1BXEu6eCd7o+ew/iPSpaG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUt
MjFjZmM4M2FlZWM2LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUtMjFjZmM4M2FlZWM2
LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe1BAdx10
9k/nCpDy8M6n/SH7uLwi+HHtVI6Gf271CjftvYCU5bG4O74c2Xu40TOAW4Vun/ux
yEY0vDj4qRfzwK2yzxJk7Qn1rnVXOb4b6C1QMBgkShUH/OfbQ+Cg43CZ7lMeNkZP
fEzPkCyXaiw0opYNHYA7VK+nzeGpILxlKzPDIznN2E0Z2i67JP3xDYWKJ+usADg/
93xW5AQSMLvgu6rmV+sQQwj4DPuSpKkKtT1ImaFSs2RkAlBWoNARo3vOQzuu96Kk
ZX5D7Rdx8rXEH1D2U1Yr0d3ulP2rXTuQIq5uSU7sFakCKk7WBaK1VxkMlK0R0w70
+/xStusIOQxwUg==
-----END CERTIFICATE-----