Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
File:                     HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft (raw, json)
Hash identifier:          s6Kku6eQpgOuLDs7MH8N/YHtYQ823gGAzihHCwn8y+0=
Subject key identifier:   73:5B:96:A6:95:EF:2B:29:F9:67:17:81:9F:9F:CE:52:D4:AB:9A:36
Authority key identifier: 1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74
Certificate issuer:       /CN=1c1c754b7a5b541892540d24ab98d31537974574
Certificate serial:       019A725CDCD0994BF946CC726E33B0E5DBF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
Manifest number:          1720
Signing time:             Tue 11 Nov 2025 10:01:19 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:19 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:19 +0000
Files and hashes:         1: HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl (hash: 9/AKWPGDWWNkvTJPt8yfLfwJvIMYtJoHmJToaQtOCoo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:dc:d0:99:4b:f9:46:cc:72:6e:33:b0:e5:db:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1c754b7a5b541892540d24ab98d31537974574
        Validity
            Not Before: Nov 11 10:01:19 2025 GMT
            Not After : Nov 12 10:01:19 2025 GMT
        Subject: CN=735b96a695ef2b29f96717819f9fce52d4ab9a36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:fe:d1:a5:80:99:d7:9b:d7:f6:70:ea:15:10:
                    02:8c:15:7f:44:ab:48:23:c8:96:cc:96:c0:56:f1:
                    85:bd:bd:de:af:77:eb:85:67:94:aa:09:c5:19:83:
                    c7:74:00:1a:90:36:29:87:1e:12:25:7e:b9:93:8b:
                    3b:a3:b9:98:b5:11:06:51:18:7d:36:b2:45:3d:eb:
                    82:29:2e:6b:23:5f:7d:14:c6:74:fc:5e:08:ad:3d:
                    ec:a5:fc:cb:5a:3d:a3:9c:7a:72:79:59:4b:b3:a4:
                    4e:b5:70:ef:62:c3:74:34:7b:61:04:7c:4e:9a:cd:
                    1d:46:6b:4a:55:98:93:66:14:92:b2:2d:0e:db:7e:
                    b9:e8:bb:b7:c0:0e:d7:16:6d:42:e9:d1:ed:af:be:
                    b2:11:32:12:84:1a:81:97:34:12:0c:2d:6f:a8:ed:
                    61:1c:50:de:87:72:2f:d3:9b:9f:95:f2:7e:9d:f7:
                    6e:59:0e:cc:5b:10:cf:d7:f8:1a:72:ca:b2:b3:52:
                    41:e1:d4:9b:c0:f6:f9:f7:d8:66:79:01:ae:68:d7:
                    ef:2a:62:f7:31:e2:30:92:d0:27:f3:01:44:9c:30:
                    f1:78:15:8b:18:7c:fe:46:df:b7:18:92:69:04:c1:
                    a4:37:ad:6f:67:1b:3a:3d:91:75:98:1d:2b:31:90:
                    2a:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:5B:96:A6:95:EF:2B:29:F9:67:17:81:9F:9F:CE:52:D4:AB:9A:36
            X509v3 Authority Key Identifier:
                keyid:1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:07:04:22:8c:bf:14:1a:0d:cb:42:ce:8a:e7:7b:19:d7:70:
         f2:3f:8e:6f:85:1a:9e:7d:0f:f2:10:5c:7b:29:17:e3:77:7a:
         38:41:81:26:69:c7:b0:6d:d7:b7:d9:19:de:47:45:b8:02:13:
         02:6c:7f:2b:b0:81:76:c3:b6:4a:5e:e4:19:c3:d0:2d:7f:07:
         8c:7d:17:dc:5d:63:64:4a:c1:aa:38:11:82:ec:f7:4a:e7:05:
         e8:f8:39:bb:e8:22:4b:fc:ec:e1:b5:5b:11:98:65:c7:59:47:
         7f:a2:1e:96:49:e3:a7:da:24:46:f2:d6:51:8f:38:7b:91:c4:
         b6:e6:12:78:e1:a2:10:5b:7b:0d:19:60:48:f4:b7:ca:7e:62:
         2f:fb:bb:10:71:4e:6d:28:d3:d8:f4:43:fe:e0:cf:31:86:98:
         71:62:2d:8e:a7:c1:5c:2c:a3:e9:b1:41:5b:46:81:4c:70:0f:
         a4:5b:36:00:95:b8:f5:fd:a9:7f:0b:de:66:66:23:fe:ba:07:
         7b:cd:57:69:de:46:3e:92:4c:a6:a0:5b:1d:9c:50:79:e2:35:
         6b:44:b8:03:1b:9a:49:fa:af:d8:70:ca:94:6a:5f:37:21:f6:
         43:72:14:53:84:88:f4:1b:ac:9b:ed:6f:8c:b8:af:2f:5b:4d:
         c5:ac:58:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNzQmUv5RsxybjOw5dv3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMWM3NTRiN2E1YjU0MTg5MjU0MGQyNGFiOThkMzE1Mzc5
NzQ1NzQwHhcNMjUxMTExMTAwMTE5WhcNMjUxMTEyMTAwMTE5WjAzMTEwLwYDVQQD
Eyg3MzViOTZhNjk1ZWYyYjI5Zjk2NzE3ODE5ZjlmY2U1MmQ0YWI5YTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/7RpYCZ15vX9nDqFRACjBV/RKtI
I8iWzJbAVvGFvb3er3frhWeUqgnFGYPHdAAakDYphx4SJX65k4s7o7mYtREGURh9
NrJFPeuCKS5rI199FMZ0/F4IrT3spfzLWj2jnHpyeVlLs6ROtXDvYsN0NHthBHxO
ms0dRmtKVZiTZhSSsi0O23656Lu3wA7XFm1C6dHtr76yETIShBqBlzQSDC1vqO1h
HFDeh3Iv05uflfJ+nfduWQ7MWxDP1/gacsqys1JB4dSbwPb599hmeQGuaNfvKmL3
MeIwktAn8wFEnDDxeBWLGHz+Rt+3GJJpBMGkN61vZxs6PZF1mB0rMZAqWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHNblqaV7ysp+WcXgZ+fzlLUq5o2MB8GA1UdIwQY
MBaAFBwcdUt6W1QYklQNJKuY0xU3l0V0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAt
YWEwZjM1ODI0YTI3LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAtYWEwZjM1ODI0YTI3
LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFQcEIoy/
FBoNy0LOiud7Gddw8j+Ob4Uann0P8hBceykX43d6OEGBJmnHsG3Xt9kZ3kdFuAIT
Amx/K7CBdsO2Sl7kGcPQLX8HjH0X3F1jZErBqjgRguz3SucF6Pg5u+giS/zs4bVb
EZhlx1lHf6Ielknjp9okRvLWUY84e5HEtuYSeOGiEFt7DRlgSPS3yn5iL/u7EHFO
bSjT2PRD/uDPMYaYcWItjqfBXCyj6bFBW0aBTHAPpFs2AJW49f2pfwveZmYj/roH
e81Xad5GPpJMpqBbHZxQeeI1a0S4AxuaSfqv2HDKlGpfNyH2Q3IUU4SI9Busm+1v
jLivL1tNxaxY2A==
-----END CERTIFICATE-----