Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
File:                     HjaTxfrT8hak_3rIbO6yOwBDg10.mft (raw, json)
Hash identifier:          0oTkqMxvjx5og0J0IAB7tZTxiQGYQZASY34s2WcCzFA=
Subject key identifier:   A6:82:87:8D:B7:A0:A3:17:62:12:87:22:96:91:50:8B:CC:1C:01:23
Authority key identifier: 1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D
Certificate issuer:       /CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
Certificate serial:       019A011167E15031911621608CB460D3DC0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
Manifest number:          0BB0
Signing time:             Mon 20 Oct 2025 10:01:49 +0000
Manifest this update:     Mon 20 Oct 2025 10:01:49 +0000
Manifest next update:     Tue 21 Oct 2025 10:01:49 +0000
Files and hashes:         1: HjaTxfrT8hak_3rIbO6yOwBDg10.crl (hash: XtdyIzWosh4ldppRPvoJNETtF/UTCnhWo7M2DtkYQGI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 10:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:11:67:e1:50:31:91:16:21:60:8c:b4:60:d3:dc:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
        Validity
            Not Before: Oct 20 10:01:49 2025 GMT
            Not After : Oct 21 10:01:49 2025 GMT
        Subject: CN=a682878db7a0a317621287229691508bcc1c0123
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:be:da:be:d1:2b:e4:32:ae:80:d3:df:54:65:
                    06:29:ca:0b:88:2a:5f:cb:68:cf:9c:cb:80:36:21:
                    41:2d:33:ff:aa:89:fb:89:01:98:01:6c:7d:50:bb:
                    d6:f5:3a:3e:9d:03:95:e0:6e:cf:ca:2b:98:7d:a9:
                    ea:8f:7f:2d:49:58:3c:e7:70:b2:08:95:f5:62:a0:
                    3b:16:60:23:49:75:3a:01:10:a8:61:43:da:e1:c0:
                    23:a4:06:8b:e8:89:33:13:5c:5e:98:10:0f:87:54:
                    2d:c4:bf:13:e1:38:d9:86:c2:cb:6e:5f:ab:fa:8a:
                    1b:c7:52:99:3e:65:b4:f2:c6:60:cc:bb:0e:87:f4:
                    d5:2c:de:97:5f:16:80:95:ff:3d:d0:6d:35:79:f5:
                    0c:1d:74:0e:7a:ec:8c:04:cd:37:ec:12:29:48:f2:
                    08:92:fb:f9:ce:63:a2:5a:67:f5:7f:3b:8a:3a:44:
                    36:8c:27:d4:9a:4d:b1:32:e6:22:b7:72:3d:59:39:
                    6f:d1:6e:65:ae:ed:57:e3:3d:f8:a3:10:b3:46:5c:
                    93:00:01:ad:ab:b9:b2:64:18:bc:74:e3:84:3b:84:
                    23:cd:a3:25:39:c4:79:f8:58:15:7a:7e:93:b5:d9:
                    18:e0:22:7e:eb:c2:b1:6b:ff:c9:97:37:cf:ed:21:
                    cb:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:82:87:8D:B7:A0:A3:17:62:12:87:22:96:91:50:8B:CC:1C:01:23
            X509v3 Authority Key Identifier:
                keyid:1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:3e:70:ab:0f:87:20:e4:4f:9b:c4:69:41:dd:10:a0:81:f4:
         3e:c1:dd:39:6e:82:5f:91:1e:f8:5d:ec:53:a2:26:fb:6e:58:
         b6:6d:06:6e:d4:3c:d0:29:b5:bf:18:f8:2a:3e:01:2c:61:7b:
         31:8e:ac:16:c7:62:7e:b3:39:f0:6f:ca:e9:5d:18:a5:04:d0:
         c6:2c:bb:cb:a6:0c:47:f7:19:a8:61:af:7f:ef:1c:65:73:c8:
         5d:20:06:f0:1f:d9:53:a8:58:6b:5b:9c:59:f0:f4:c0:9a:e8:
         6e:8f:74:13:db:06:e4:d7:2e:c4:48:75:34:fb:11:9f:db:85:
         39:3e:f7:bc:3c:00:84:8d:a8:f3:07:20:df:8d:04:d0:b0:5c:
         0f:26:9f:e4:f9:12:b9:9b:a6:c3:b5:1e:c6:20:65:c2:72:d2:
         25:13:4c:e8:13:ac:5b:a6:1b:d5:71:2c:df:b5:3c:2c:dd:46:
         0c:e0:e1:c7:c7:bf:7b:81:bc:8a:cb:6c:24:b6:1c:59:f7:2e:
         12:fc:1a:60:25:e1:d7:60:32:cc:c9:62:6d:27:e5:47:88:b3:
         7f:09:9c:e0:5d:ad:d4:27:e6:fd:ee:ab:8f:0f:d5:e2:37:98:
         a9:da:af:ab:4e:d7:b3:a4:8b:3f:c0:b2:d3:0d:bb:cd:47:f2:
         09:35:bf:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBEWfhUDGRFiFgjLRg09wOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzY5M2M1ZmFkM2YyMTZhNGZmN2FjODZjZWViMjNiMDA0
MzgzNWQwHhcNMjUxMDIwMTAwMTQ5WhcNMjUxMDIxMTAwMTQ5WjAzMTEwLwYDVQQD
EyhhNjgyODc4ZGI3YTBhMzE3NjIxMjg3MjI5NjkxNTA4YmNjMWMwMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlr7avtEr5DKugNPfVGUGKcoLiCpf
y2jPnMuANiFBLTP/qon7iQGYAWx9ULvW9To+nQOV4G7PyiuYfanqj38tSVg853Cy
CJX1YqA7FmAjSXU6ARCoYUPa4cAjpAaL6IkzE1xemBAPh1QtxL8T4TjZhsLLbl+r
+oobx1KZPmW08sZgzLsOh/TVLN6XXxaAlf890G01efUMHXQOeuyMBM037BIpSPII
kvv5zmOiWmf1fzuKOkQ2jCfUmk2xMuYit3I9WTlv0W5lru1X4z34oxCzRlyTAAGt
q7myZBi8dOOEO4QjzaMlOcR5+FgVen6TtdkY4CJ+68Kxa//JlzfP7SHL2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKaCh423oKMXYhKHIpaRUIvMHAEjMB8GA1UdIwQY
MBaAFB42k8X60/IWpP96yGzusjsAQ4NdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQt
NDIxMTUxOGQ5OGE0LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQtNDIxMTUxOGQ5OGE0
LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJz5wqw+H
IORPm8RpQd0QoIH0PsHdOW6CX5Ee+F3sU6Im+25Ytm0GbtQ80Cm1vxj4Kj4BLGF7
MY6sFsdifrM58G/K6V0YpQTQxiy7y6YMR/cZqGGvf+8cZXPIXSAG8B/ZU6hYa1uc
WfD0wJrobo90E9sG5NcuxEh1NPsRn9uFOT73vDwAhI2o8wcg340E0LBcDyaf5PkS
uZumw7UexiBlwnLSJRNM6BOsW6Yb1XEs37U8LN1GDODhx8e/e4G8istsJLYcWfcu
EvwaYCXh12AyzMlibSflR4izfwmc4F2t1Cfm/e6rjw/V4jeYqdqvq07Xs6SLP8Cy
0w27zUfyCTW/gA==
-----END CERTIFICATE-----