Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
File:                     HNuFgmJdF7G8uuE_xt20OruV0v4.mft (raw, json)
Hash identifier:          q8TmHTc4W2tgqJcHFmwQdhrLGtzUNVvdUDXDMnNGoZI=
Subject key identifier:   79:8C:59:DF:62:24:8E:74:F0:0A:93:1A:F4:13:DE:4D:E3:9F:15:5F
Authority key identifier: 1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE
Certificate issuer:       /CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
Certificate serial:       0199FCC63A6ED0083BAE3056850EDB80516D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
Manifest number:          029F
Signing time:             Sun 19 Oct 2025 14:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:13 +0000
Files and hashes:         1: HNuFgmJdF7G8uuE_xt20OruV0v4.crl (hash: JU0GnRdH6cnya4YjTGoVVDESI5xT8Ki4kajodeKXA+U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:3a:6e:d0:08:3b:ae:30:56:85:0e:db:80:51:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
        Validity
            Not Before: Oct 19 14:01:13 2025 GMT
            Not After : Oct 20 14:01:13 2025 GMT
        Subject: CN=798c59df62248e74f00a931af413de4de39f155f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:eb:0d:f3:fc:0e:02:e4:df:28:12:c3:06:6e:
                    c0:c2:3b:76:be:aa:76:45:e4:71:74:93:df:95:0e:
                    97:71:f4:5d:c6:03:7f:f3:df:54:9c:7b:f7:e2:69:
                    02:38:f9:a3:53:95:14:b5:d9:20:83:26:6c:3c:f6:
                    9d:4a:e9:9d:a5:8a:e8:5b:2d:de:57:c6:e7:fb:fe:
                    b2:65:17:de:16:19:7e:30:e7:8b:49:50:3b:bc:2d:
                    1d:c2:32:be:df:54:9c:22:56:cd:9c:6b:c9:d3:b3:
                    87:0d:63:11:89:42:46:c4:bc:3d:11:62:a8:bd:04:
                    dd:9f:a5:62:26:d5:81:0e:d8:8b:6d:51:16:0e:6c:
                    9d:81:8f:7f:25:c4:51:f2:05:52:d6:6b:29:c0:30:
                    6a:2a:1c:05:42:24:8e:a9:cd:38:83:a7:69:ce:99:
                    6e:43:17:2f:ad:91:27:3d:52:d1:04:f6:05:bd:46:
                    b0:fd:93:a7:49:77:ea:b0:16:31:46:f7:7e:e2:39:
                    4e:30:5f:3a:59:ae:87:36:67:85:95:0f:8a:3d:95:
                    f8:2b:f4:43:6b:eb:b9:62:ac:b7:f4:7a:1d:d8:f9:
                    51:50:3d:ae:43:cc:7e:e6:02:6c:e0:54:4a:47:69:
                    4b:cf:89:49:06:08:df:3a:9b:fe:14:1b:3e:73:e9:
                    49:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:8C:59:DF:62:24:8E:74:F0:0A:93:1A:F4:13:DE:4D:E3:9F:15:5F
            X509v3 Authority Key Identifier:
                keyid:1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:b8:5a:d0:57:7a:7c:f1:91:cd:41:a9:d3:a0:63:e9:9b:fd:
         6c:3f:28:eb:75:cb:f1:21:be:4d:5b:88:97:31:b3:c2:fd:68:
         2a:7f:16:29:82:11:a7:2e:fa:35:6a:a8:72:7f:73:89:49:fd:
         b4:79:16:de:75:d6:43:16:48:d1:0e:9d:c0:b8:40:a5:cd:0c:
         ac:de:d0:20:b6:21:ea:7e:0a:0f:76:09:d5:6f:22:d9:f8:57:
         00:37:f0:96:2c:f6:f6:55:30:20:12:fd:40:e6:46:e3:4d:bf:
         67:4a:8f:26:61:b8:88:78:0c:6f:ae:19:22:65:db:4c:8b:78:
         47:15:41:f2:4e:f6:c1:3c:a2:9f:75:05:b2:0a:95:eb:a0:92:
         a7:e6:eb:5b:f4:ce:8b:2b:08:08:86:47:a0:cd:17:cf:af:f0:
         9f:2f:dc:c1:2b:76:7c:ce:45:03:fe:64:ef:81:52:60:a1:e7:
         c1:c5:d8:ec:75:cc:7a:b1:26:bf:4d:7e:9d:a8:96:ad:30:3e:
         98:df:ba:1c:68:e3:c2:72:1a:a9:36:3e:ab:29:06:35:bf:a2:
         c9:71:4d:c0:ef:29:2f:5e:1c:cf:55:6c:59:b5:56:e1:d1:b8:
         4c:bf:c3:36:4e:23:4b:81:3f:f3:c2:a6:b3:4a:e4:d5:f6:b2:
         4a:00:a6:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xjpu0Ag7rjBWhQ7bgFFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZGI4NTgyNjI1ZDE3YjFiY2JhZTEzZmM2ZGRiNDNhYmI5
NWQyZmUwHhcNMjUxMDE5MTQwMTEzWhcNMjUxMDIwMTQwMTEzWjAzMTEwLwYDVQQD
Eyg3OThjNTlkZjYyMjQ4ZTc0ZjAwYTkzMWFmNDEzZGU0ZGUzOWYxNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOsN8/wOAuTfKBLDBm7Awjt2vqp2
ReRxdJPflQ6XcfRdxgN/899UnHv34mkCOPmjU5UUtdkggyZsPPadSumdpYroWy3e
V8bn+/6yZRfeFhl+MOeLSVA7vC0dwjK+31ScIlbNnGvJ07OHDWMRiUJGxLw9EWKo
vQTdn6ViJtWBDtiLbVEWDmydgY9/JcRR8gVS1mspwDBqKhwFQiSOqc04g6dpzplu
QxcvrZEnPVLRBPYFvUaw/ZOnSXfqsBYxRvd+4jlOMF86Wa6HNmeFlQ+KPZX4K/RD
a+u5Yqy39Hod2PlRUD2uQ8x+5gJs4FRKR2lLz4lJBgjfOpv+FBs+c+lJfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmMWd9iJI508AqTGvQT3k3jnxVfMB8GA1UdIwQY
MBaAFBzbhYJiXRexvLrhP8bdtDq7ldL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDct
NDVmYmE1Yzk3NTkzLzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDctNDVmYmE1Yzk3NTkz
LzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAprha0Fd6
fPGRzUGp06Bj6Zv9bD8o63XL8SG+TVuIlzGzwv1oKn8WKYIRpy76NWqocn9ziUn9
tHkW3nXWQxZI0Q6dwLhApc0MrN7QILYh6n4KD3YJ1W8i2fhXADfwliz29lUwIBL9
QOZG402/Z0qPJmG4iHgMb64ZImXbTIt4RxVB8k72wTyin3UFsgqV66CSp+brW/TO
iysICIZHoM0Xz6/wny/cwSt2fM5FA/5k74FSYKHnwcXY7HXMerEmv01+naiWrTA+
mN+6HGjjwnIaqTY+qykGNb+iyXFNwO8pL14cz1VsWbVW4dG4TL/DNk4jS4E/88Km
s0rk1faySgCmKg==
-----END CERTIFICATE-----