Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
File:                     HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft (raw, json)
Hash identifier:          GGUcbLuZc+CcE9yk97cZMhEel5lnZQHe75cmp9QyPOc=
Subject key identifier:   65:B6:88:0F:F6:51:5D:D7:84:5B:4C:E6:36:A0:16:31:CE:46:31:D6
Authority key identifier: 1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74
Certificate issuer:       /CN=1c1c754b7a5b541892540d24ab98d31537974574
Certificate serial:       019916BF76CEB6F259A63383D8853B8F1C4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
Manifest number:          166C
Signing time:             Thu 04 Sep 2025 22:01:10 +0000
Manifest this update:     Thu 04 Sep 2025 22:01:10 +0000
Manifest next update:     Fri 05 Sep 2025 22:01:10 +0000
Files and hashes:         1: HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl (hash: dXjP3oa9coPZHX3oSFJXexaoaRZWo2Wh9lFdp9CK0N8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:bf:76:ce:b6:f2:59:a6:33:83:d8:85:3b:8f:1c:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1c754b7a5b541892540d24ab98d31537974574
        Validity
            Not Before: Sep  4 22:01:10 2025 GMT
            Not After : Sep  5 22:01:10 2025 GMT
        Subject: CN=65b6880ff6515dd7845b4ce636a01631ce4631d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:cd:18:42:21:f3:7d:4f:9a:dd:de:a1:00:cf:
                    d4:89:e2:0a:08:0b:4f:04:44:c7:86:c6:22:c4:94:
                    88:94:34:c5:8b:5d:4a:ab:2c:fe:47:d6:25:62:2a:
                    44:e9:79:d5:e3:04:26:98:92:2f:3f:3a:9e:b0:71:
                    9b:2f:61:87:12:53:23:34:e8:46:cc:d5:fc:75:9d:
                    c5:51:9d:0b:64:da:2c:3e:64:a3:4f:f1:71:27:d2:
                    4d:f4:6b:ee:8d:78:4b:9a:de:9f:11:38:2a:f2:1f:
                    ac:d4:5e:cc:f5:0a:e0:f0:f1:26:f3:7a:23:52:d8:
                    41:a6:2b:b8:82:b1:a9:0e:98:19:c6:c5:08:a5:c7:
                    fb:da:3a:4a:f6:90:2d:7c:86:38:88:0c:b0:dd:4d:
                    04:23:93:88:8d:ba:ef:62:c8:1f:30:b8:95:90:3d:
                    50:ed:91:da:22:81:7d:c1:32:f6:9b:29:94:fc:69:
                    00:e9:4d:bd:30:0a:e7:49:e3:64:3d:98:5d:b6:be:
                    1a:01:6a:8e:a7:35:74:fa:aa:07:55:cd:de:38:03:
                    91:04:02:54:9a:93:94:bf:9a:14:9f:21:37:0f:c8:
                    9e:e9:0e:a8:19:c4:19:75:ed:53:59:73:94:62:32:
                    47:2c:2f:e6:8a:e2:15:db:05:0d:f1:6d:07:b2:9b:
                    df:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:B6:88:0F:F6:51:5D:D7:84:5B:4C:E6:36:A0:16:31:CE:46:31:D6
            X509v3 Authority Key Identifier:
                keyid:1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:4a:f4:71:e0:be:83:5d:d4:a8:71:ed:54:80:7b:fd:d9:3f:
         88:c8:34:1b:37:0f:95:64:28:51:da:62:10:e2:2b:fa:58:f2:
         5c:bd:70:bd:4c:2c:41:56:07:a4:55:50:19:c7:0b:01:d7:37:
         6d:7c:61:ba:96:a8:df:7b:ec:c5:a4:96:5a:2a:11:01:9a:82:
         10:40:db:5a:eb:36:61:9a:6d:24:24:45:62:17:bd:bc:0a:81:
         ff:5e:2f:a8:64:51:69:2b:e3:c0:c1:86:38:15:4b:c3:8f:06:
         65:e8:49:5d:2d:41:83:f6:bf:22:ea:b4:ba:4a:73:54:c5:1d:
         53:e8:f4:cd:81:14:52:57:6d:af:1a:de:82:2e:f9:11:97:df:
         9a:12:2e:c1:59:33:85:e1:87:9a:fc:08:88:f9:63:9b:af:a2:
         37:59:3d:23:f8:e8:3a:eb:06:c2:a9:43:ba:20:fc:41:77:aa:
         41:71:fd:2a:d3:e9:bc:e3:36:64:df:7b:d2:54:86:b7:93:ce:
         e5:3b:39:62:79:88:59:6c:75:64:64:03:93:e2:21:ad:29:44:
         be:75:39:d6:3d:45:ce:9d:6c:60:38:18:f7:23:6f:2d:22:d5:
         a0:f2:5d:16:3a:ab:52:49:0c:5b:6d:db:40:08:35:8a:07:16:
         09:0b:6e:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWv3bOtvJZpjOD2IU7jxxPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMWM3NTRiN2E1YjU0MTg5MjU0MGQyNGFiOThkMzE1Mzc5
NzQ1NzQwHhcNMjUwOTA0MjIwMTEwWhcNMjUwOTA1MjIwMTEwWjAzMTEwLwYDVQQD
Eyg2NWI2ODgwZmY2NTE1ZGQ3ODQ1YjRjZTYzNmEwMTYzMWNlNDYzMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM0YQiHzfU+a3d6hAM/UieIKCAtP
BETHhsYixJSIlDTFi11Kqyz+R9YlYipE6XnV4wQmmJIvPzqesHGbL2GHElMjNOhG
zNX8dZ3FUZ0LZNosPmSjT/FxJ9JN9GvujXhLmt6fETgq8h+s1F7M9Qrg8PEm83oj
UthBpiu4grGpDpgZxsUIpcf72jpK9pAtfIY4iAyw3U0EI5OIjbrvYsgfMLiVkD1Q
7ZHaIoF9wTL2mymU/GkA6U29MArnSeNkPZhdtr4aAWqOpzV0+qoHVc3eOAORBAJU
mpOUv5oUnyE3D8ie6Q6oGcQZde1TWXOUYjJHLC/miuIV2wUN8W0HspvfWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGW2iA/2UV3XhFtM5jagFjHORjHWMB8GA1UdIwQY
MBaAFBwcdUt6W1QYklQNJKuY0xU3l0V0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAt
YWEwZjM1ODI0YTI3LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAtYWEwZjM1ODI0YTI3
LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKkr0ceC+
g13UqHHtVIB7/dk/iMg0GzcPlWQoUdpiEOIr+ljyXL1wvUwsQVYHpFVQGccLAdc3
bXxhupao33vsxaSWWioRAZqCEEDbWus2YZptJCRFYhe9vAqB/14vqGRRaSvjwMGG
OBVLw48GZehJXS1Bg/a/Iuq0ukpzVMUdU+j0zYEUUldtrxregi75EZffmhIuwVkz
heGHmvwIiPljm6+iN1k9I/joOusGwqlDuiD8QXeqQXH9KtPpvOM2ZN970lSGt5PO
5Ts5YnmIWWx1ZGQDk+IhrSlEvnU51j1Fzp1sYDgY9yNvLSLVoPJdFjqrUkkMW23b
QAg1igcWCQtuMQ==
-----END CERTIFICATE-----