Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          powa7qBuJcwU6csGykkJQuwHugNpKCTUHaRC+bxZRtI=
Subject key identifier:   AF:A2:9F:F7:56:CA:BA:EB:26:9F:BA:7B:FF:D7:5A:F2:47:96:C4:BB
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       0199FFC838F47E6B2D6C8550C97094728AE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          0B5A
Signing time:             Mon 20 Oct 2025 04:02:15 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:15 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:15 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: BySD25arem3m+FlBDB1vWYqaUWsqBY9/tGYwU612RKc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:38:f4:7e:6b:2d:6c:85:50:c9:70:94:72:8a:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: Oct 20 04:02:15 2025 GMT
            Not After : Oct 21 04:02:15 2025 GMT
        Subject: CN=afa29ff756cabaeb269fba7bffd75af24796c4bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ca:dd:1b:36:a8:6e:30:dc:6d:0c:09:b5:58:
                    5b:52:11:2b:bb:02:d3:0f:5a:06:98:f3:c4:03:21:
                    7c:3e:3d:57:be:58:b7:f6:07:dc:0e:82:45:97:dc:
                    3f:e2:b3:04:fa:27:71:64:b4:dc:c1:4e:ed:54:23:
                    41:84:5f:2a:6b:4e:cf:68:d0:0e:c2:74:06:92:8a:
                    8e:02:40:14:fc:04:cc:4e:74:34:3f:58:3c:0d:f2:
                    55:34:cd:a2:ac:af:70:86:fb:f9:e9:cc:dd:2a:eb:
                    47:27:45:cf:60:29:78:7e:f2:a0:c7:ce:be:6b:44:
                    85:95:23:42:74:17:c1:bf:ee:fc:06:b0:cd:32:38:
                    d7:6e:af:81:f2:3c:31:b5:f9:a8:8f:61:b7:fc:4a:
                    23:23:10:ab:b7:a3:5d:d5:14:77:3d:a3:ba:84:e9:
                    e0:5b:02:bc:98:b6:24:2a:c8:2f:65:cb:21:3e:8b:
                    01:45:ef:fe:70:12:63:d6:1f:64:e3:75:54:6b:95:
                    07:6a:c1:3f:eb:14:4c:b7:24:f6:7b:59:b3:d1:5f:
                    ef:43:7b:42:ae:81:c0:ee:8d:33:ad:66:ec:ef:09:
                    0f:a8:3f:0a:c6:60:b3:7b:d3:30:34:fa:f3:cd:04:
                    93:8c:2e:45:aa:7d:32:43:a0:10:c8:25:e0:8e:ea:
                    f9:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:A2:9F:F7:56:CA:BA:EB:26:9F:BA:7B:FF:D7:5A:F2:47:96:C4:BB
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:9e:7f:c1:6b:17:70:1a:cf:e3:38:ae:f1:88:ed:f3:90:e8:
         48:d5:9b:21:ff:c1:0c:b4:39:62:62:b8:e9:76:bf:a3:67:da:
         d4:95:79:45:28:f9:14:bf:7d:2b:a0:9f:38:1f:ba:d1:46:d6:
         4f:62:8e:0e:0b:28:87:e8:49:e4:e5:83:b6:84:f8:ab:50:6e:
         8e:7f:4c:70:2c:f9:d7:a2:d4:ef:71:73:fb:a8:22:e8:7e:91:
         5d:b9:1c:a6:4e:7e:d0:76:fd:b5:20:f6:4c:a5:d1:21:d0:8d:
         e0:aa:c4:84:67:39:e2:d9:e6:66:18:eb:df:8c:e6:23:28:ac:
         22:e3:ec:37:e6:88:dc:f2:79:00:e7:f0:3f:4c:7c:9f:a3:63:
         9b:b2:e8:69:f0:8a:b2:91:22:31:7a:8b:19:3e:40:3b:68:3c:
         73:f1:dd:af:8a:55:f3:be:09:81:1f:1b:2e:9b:7e:e5:cb:ea:
         48:41:78:87:95:c0:70:b2:e3:bc:12:c2:a9:0a:06:fe:0e:e8:
         9a:8d:b0:03:12:7e:de:f3:30:2a:43:a3:05:11:a8:27:11:b8:
         22:f6:da:e3:b6:d8:37:2e:a6:af:3c:84:9f:21:d0:7e:07:74:
         14:8a:2c:90:33:50:74:3f:ef:31:85:85:a1:f2:c1:30:46:83:
         13:c6:4a:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yDj0fmstbIVQyXCUcoriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjUxMDIwMDQwMjE1WhcNMjUxMDIxMDQwMjE1WjAzMTEwLwYDVQQD
EyhhZmEyOWZmNzU2Y2FiYWViMjY5ZmJhN2JmZmQ3NWFmMjQ3OTZjNGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8rdGzaobjDcbQwJtVhbUhEruwLT
D1oGmPPEAyF8Pj1Xvli39gfcDoJFl9w/4rME+idxZLTcwU7tVCNBhF8qa07PaNAO
wnQGkoqOAkAU/ATMTnQ0P1g8DfJVNM2irK9whvv56czdKutHJ0XPYCl4fvKgx86+
a0SFlSNCdBfBv+78BrDNMjjXbq+B8jwxtfmoj2G3/EojIxCrt6Nd1RR3PaO6hOng
WwK8mLYkKsgvZcshPosBRe/+cBJj1h9k43VUa5UHasE/6xRMtyT2e1mz0V/vQ3tC
roHA7o0zrWbs7wkPqD8KxmCze9MwNPrzzQSTjC5Fqn0yQ6AQyCXgjur5kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+in/dWyrrrJp+6e//XWvJHlsS7MB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwJ5/wWsX
cBrP4ziu8Yjt85DoSNWbIf/BDLQ5YmK46Xa/o2fa1JV5RSj5FL99K6CfOB+60UbW
T2KODgsoh+hJ5OWDtoT4q1Bujn9McCz516LU73Fz+6gi6H6RXbkcpk5+0Hb9tSD2
TKXRIdCN4KrEhGc54tnmZhjr34zmIyisIuPsN+aI3PJ5AOfwP0x8n6Njm7LoafCK
spEiMXqLGT5AO2g8c/Hdr4pV874JgR8bLpt+5cvqSEF4h5XAcLLjvBLCqQoG/g7o
mo2wAxJ+3vMwKkOjBRGoJxG4Ivba47bYNy6mrzyEnyHQfgd0FIoskDNQdD/vMYWF
ofLBMEaDE8ZK8g==
-----END CERTIFICATE-----