Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.mft
File:                     HyAOBxBBRee6mHap0-55Kgc2TTY.mft (raw, json)
Hash identifier:          VdQdY2bWHve/0Twnvj3qEhhyHW8Osf/mw9ohPZa5LkQ=
Subject key identifier:   52:56:BA:07:B7:94:46:1A:4C:EF:E6:DE:CD:70:60:B1:AA:F0:D0:6D
Authority key identifier: 1F:20:0E:07:10:41:45:E7:BA:98:76:A9:D3:EE:79:2A:07:36:4D:36
Certificate issuer:       /CN=1f200e07104145e7ba9876a9d3ee792a07364d36
Certificate serial:       0199FDD9EC3CD7D72DAC08371F8642273B96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HyAOBxBBRee6mHap0-55Kgc2TTY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.mft
Manifest number:          0409
Signing time:             Sun 19 Oct 2025 19:02:20 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:20 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:20 +0000
Files and hashes:         1: HyAOBxBBRee6mHap0-55Kgc2TTY.crl (hash: itBdVWO7BFYtJoZ5reOcBo9yy7AX+8hkSBSn6exWmTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HyAOBxBBRee6mHap0-55Kgc2TTY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:ec:3c:d7:d7:2d:ac:08:37:1f:86:42:27:3b:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f200e07104145e7ba9876a9d3ee792a07364d36
        Validity
            Not Before: Oct 19 19:02:20 2025 GMT
            Not After : Oct 20 19:02:20 2025 GMT
        Subject: CN=5256ba07b794461a4cefe6decd7060b1aaf0d06d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:8b:21:d2:c7:c4:7b:5f:a8:1d:78:ee:3d:ba:
                    46:29:37:ac:3a:75:1f:07:f5:30:67:fa:b1:27:c7:
                    9b:6b:45:ce:81:f9:da:17:0b:9b:af:87:09:85:6d:
                    ee:6c:e8:4d:0b:79:15:5b:09:e1:ff:eb:73:dc:eb:
                    eb:1c:b4:78:60:eb:48:ae:32:93:6d:89:f5:bd:4e:
                    b7:0a:85:5c:12:2b:80:a4:29:64:cc:ec:07:ec:66:
                    fd:55:30:2e:85:57:3b:e1:d9:0e:ae:c6:bc:a4:37:
                    d7:e8:a8:4a:5e:9f:68:f7:11:34:98:f5:a1:b1:34:
                    40:05:a1:cb:49:1d:d5:f6:c9:4b:62:bb:db:12:cc:
                    4d:07:76:7d:9a:2b:d0:a7:87:71:32:47:6c:26:e3:
                    42:d7:18:90:81:14:2d:53:2d:5d:a7:cc:79:59:86:
                    4b:86:1c:13:ae:d0:12:7a:59:b4:97:09:62:10:93:
                    61:9e:e6:ef:4a:39:c3:9d:44:9d:c8:e4:04:98:9a:
                    0c:36:0a:dc:8a:9e:d4:e1:f3:65:6a:c1:6f:85:af:
                    5f:4a:c3:2b:68:da:d6:cc:2b:46:4b:66:8e:93:26:
                    ce:83:fc:c3:af:af:dc:39:57:a3:79:1e:39:f4:40:
                    d8:9e:fc:75:64:ec:8b:94:25:98:34:18:42:9a:74:
                    23:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:56:BA:07:B7:94:46:1A:4C:EF:E6:DE:CD:70:60:B1:AA:F0:D0:6D
            X509v3 Authority Key Identifier:
                keyid:1F:20:0E:07:10:41:45:E7:BA:98:76:A9:D3:EE:79:2A:07:36:4D:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HyAOBxBBRee6mHap0-55Kgc2TTY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:06:58:8e:ae:28:52:59:8f:5a:3b:c9:d2:47:a8:03:02:9b:
         ff:cd:2f:9e:ed:4e:92:56:a9:9e:d9:b9:ba:64:6b:3a:fa:5a:
         46:57:d6:0f:84:e9:7c:3f:61:19:15:ad:3d:77:7d:13:c6:a1:
         44:74:d3:b7:84:39:c7:d6:df:d9:a4:3c:bc:c8:1f:d1:95:9a:
         fd:1a:c7:1e:93:f6:49:76:93:d5:e9:47:fd:8c:af:53:ab:a5:
         d0:b1:f3:19:85:bc:81:4e:c1:6b:1e:10:23:21:9d:ce:1c:da:
         c6:f8:eb:96:09:19:e0:09:17:06:45:55:7a:dc:ab:f8:4d:fa:
         1c:4b:fe:69:60:46:aa:2b:b4:90:b1:b2:db:bc:4e:95:d0:eb:
         65:20:cb:95:dd:be:cd:d3:0e:27:6c:96:eb:7d:94:a6:6a:37:
         91:33:04:89:07:a3:7c:cd:93:51:82:be:4f:8e:36:e7:ba:ef:
         5b:a7:66:cf:17:71:61:7e:9a:07:d8:79:36:1b:28:03:fa:8f:
         90:15:73:54:b0:d1:84:7e:cf:b4:c2:a6:74:ac:81:ae:0b:0a:
         09:37:06:8f:37:af:49:d7:03:f8:83:32:83:40:a5:00:e6:e7:
         e6:0a:e9:82:79:6b:1a:4c:85:7f:34:c1:6a:99:2e:21:5a:0d:
         89:6f:a5:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92ew819ctrAg3H4ZCJzuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMjAwZTA3MTA0MTQ1ZTdiYTk4NzZhOWQzZWU3OTJhMDcz
NjRkMzYwHhcNMjUxMDE5MTkwMjIwWhcNMjUxMDIwMTkwMjIwWjAzMTEwLwYDVQQD
Eyg1MjU2YmEwN2I3OTQ0NjFhNGNlZmU2ZGVjZDcwNjBiMWFhZjBkMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIsh0sfEe1+oHXjuPbpGKTesOnUf
B/UwZ/qxJ8eba0XOgfnaFwubr4cJhW3ubOhNC3kVWwnh/+tz3OvrHLR4YOtIrjKT
bYn1vU63CoVcEiuApClkzOwH7Gb9VTAuhVc74dkOrsa8pDfX6KhKXp9o9xE0mPWh
sTRABaHLSR3V9slLYrvbEsxNB3Z9mivQp4dxMkdsJuNC1xiQgRQtUy1dp8x5WYZL
hhwTrtASelm0lwliEJNhnubvSjnDnUSdyOQEmJoMNgrcip7U4fNlasFvha9fSsMr
aNrWzCtGS2aOkybOg/zDr6/cOVejeR459EDYnvx1ZOyLlCWYNBhCmnQjlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJWuge3lEYaTO/m3s1wYLGq8NBtMB8GA1UdIwQY
MBaAFB8gDgcQQUXnuph2qdPueSoHNk02MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHlBT0J4QkJSZWU2bUhhcDAtNTVLZ2MyVFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80NmRhYmYtOTYyNi00ZDFmLWE4OWUt
Nzc1YTdlYzFjYTMzLzEvSHlBT0J4QkJSZWU2bUhhcDAtNTVLZ2MyVFRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80NmRhYmYtOTYyNi00ZDFmLWE4OWUtNzc1YTdlYzFjYTMz
LzEvSHlBT0J4QkJSZWU2bUhhcDAtNTVLZ2MyVFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACwZYjq4o
UlmPWjvJ0keoAwKb/80vnu1Oklapntm5umRrOvpaRlfWD4TpfD9hGRWtPXd9E8ah
RHTTt4Q5x9bf2aQ8vMgf0ZWa/RrHHpP2SXaT1elH/YyvU6ul0LHzGYW8gU7Bax4Q
IyGdzhzaxvjrlgkZ4AkXBkVVetyr+E36HEv+aWBGqiu0kLGy27xOldDrZSDLld2+
zdMOJ2yW632Upmo3kTMEiQejfM2TUYK+T44257rvW6dmzxdxYX6aB9h5NhsoA/qP
kBVzVLDRhH7PtMKmdKyBrgsKCTcGjzevSdcD+IMyg0ClAObn5grpgnlrGkyFfzTB
apkuIVoNiW+lpw==
-----END CERTIFICATE-----