Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
File:                     hUYNJS18tlxJNM6stG-pbctrVws.mft (raw, json)
Hash identifier:          s3gDkhTuRxzsKR9UiA9yWyNKOH2wdPB8u8NMDUk5qlU=
Subject key identifier:   9B:B0:12:82:12:2C:9A:28:D8:1D:81:33:20:AF:A0:B2:18:21:8B:6F
Authority key identifier: 85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B
Certificate issuer:       /CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
Certificate serial:       0198D7735DBF4AB365A54D79312FF25411A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
Manifest number:          0779
Signing time:             Sat 23 Aug 2025 15:01:58 +0000
Manifest this update:     Sat 23 Aug 2025 15:01:58 +0000
Manifest next update:     Sun 24 Aug 2025 15:01:58 +0000
Files and hashes:         1: hUYNJS18tlxJNM6stG-pbctrVws.crl (hash: MaRH7KUSKAU0WuQKbSV6a/3UAXn5E3FnkQ7Val38ock=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:73:5d:bf:4a:b3:65:a5:4d:79:31:2f:f2:54:11:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
        Validity
            Not Before: Aug 23 15:01:58 2025 GMT
            Not After : Aug 24 15:01:58 2025 GMT
        Subject: CN=9bb01282122c9a28d81d813320afa0b218218b6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:99:e7:60:57:52:f1:76:28:41:0f:a3:f6:0b:
                    06:56:55:76:89:0f:09:19:6e:cc:90:1d:bf:a5:dd:
                    2d:f4:5c:ff:92:74:fd:e3:26:9b:14:37:08:bd:c1:
                    2b:f1:82:c5:3d:47:53:bf:ce:ea:13:da:be:46:3e:
                    eb:82:01:e6:46:4a:42:b0:b3:7e:c7:09:04:cf:53:
                    7a:5d:e9:53:2f:04:d0:19:a3:04:ea:74:73:c3:f8:
                    53:bf:ee:5a:67:b5:70:1c:ea:a9:a6:92:11:09:04:
                    f8:50:62:3e:3a:31:9b:c0:c1:35:04:12:eb:b8:e3:
                    ee:e0:82:db:6d:f2:9d:ed:79:fc:72:43:f0:f2:29:
                    f3:46:52:a9:c8:31:9a:38:f1:eb:ce:80:56:2b:4c:
                    30:26:27:d5:5f:87:cc:70:1b:77:ed:5f:b2:25:9a:
                    02:1a:ef:ef:2a:d4:11:2c:5f:1e:b6:13:d4:bf:03:
                    61:9c:6c:b2:ac:93:34:ae:d3:59:58:6a:a9:94:66:
                    93:85:7b:df:0a:66:01:9d:d4:a9:1e:fe:99:5f:8f:
                    7f:6a:92:06:cb:e2:c5:14:23:86:c8:1b:1c:7d:52:
                    87:c2:fd:9d:56:30:a3:58:2a:99:f6:d2:42:2f:48:
                    99:12:ac:d6:28:d1:99:36:91:95:8d:f8:e3:50:95:
                    62:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:B0:12:82:12:2C:9A:28:D8:1D:81:33:20:AF:A0:B2:18:21:8B:6F
            X509v3 Authority Key Identifier:
                keyid:85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:bd:7b:66:0c:17:3d:18:a2:6b:69:3e:9c:36:9e:fb:85:2b:
         04:74:92:e2:9a:e0:ee:e1:d4:fc:e3:c1:bd:25:5a:55:a9:92:
         c5:6f:d1:8f:32:02:4e:f5:de:26:7a:44:c7:96:1f:98:16:43:
         a9:4d:91:f7:0e:6b:3b:97:cf:d9:4e:3e:8f:18:5f:cb:cf:51:
         f0:29:6a:8d:a5:35:b1:b2:46:82:40:01:fb:9b:ea:12:4e:d6:
         d8:c4:1b:44:3d:fa:db:e1:8e:9a:c7:9e:ce:e9:f9:77:94:b0:
         5f:d6:75:ed:2c:f1:1a:99:5c:1e:ac:c0:f6:1f:b2:8a:4e:95:
         a4:7f:db:21:7b:a9:f2:ca:2e:9b:4a:fb:87:9c:69:91:d3:dc:
         81:15:62:7a:b6:fe:ac:46:16:3e:fc:10:56:2d:e3:4a:ce:ba:
         5c:c3:dc:b5:67:ef:9d:b5:bd:a3:81:ab:69:ad:89:e9:b7:47:
         e9:a2:b4:3c:81:d4:37:e4:74:40:5f:91:74:f5:63:de:50:c7:
         77:20:0d:ad:88:59:3f:d1:53:c5:3f:bb:57:a0:97:ce:ad:00:
         d9:3c:6d:07:1a:c7:0e:bf:ed:e7:38:43:3c:65:7f:36:dc:0c:
         64:53:3f:c1:dc:ad:51:c3:e9:31:0f:0d:43:1a:b2:97:31:ca:
         d9:b9:66:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXc12/SrNlpU15MS/yVBGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDYwZDI1MmQ3Y2I2NWM0OTM0Y2VhY2I0NmZhOTZkY2I2
YjU3MGIwHhcNMjUwODIzMTUwMTU4WhcNMjUwODI0MTUwMTU4WjAzMTEwLwYDVQQD
Eyg5YmIwMTI4MjEyMmM5YTI4ZDgxZDgxMzMyMGFmYTBiMjE4MjE4YjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZnnYFdS8XYoQQ+j9gsGVlV2iQ8J
GW7MkB2/pd0t9Fz/knT94yabFDcIvcEr8YLFPUdTv87qE9q+Rj7rggHmRkpCsLN+
xwkEz1N6XelTLwTQGaME6nRzw/hTv+5aZ7VwHOqpppIRCQT4UGI+OjGbwME1BBLr
uOPu4ILbbfKd7Xn8ckPw8inzRlKpyDGaOPHrzoBWK0wwJifVX4fMcBt37V+yJZoC
Gu/vKtQRLF8ethPUvwNhnGyyrJM0rtNZWGqplGaThXvfCmYBndSpHv6ZX49/apIG
y+LFFCOGyBscfVKHwv2dVjCjWCqZ9tJCL0iZEqzWKNGZNpGVjfjjUJViAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuwEoISLJoo2B2BMyCvoLIYIYtvMB8GA1UdIwQY
MBaAFIVGDSUtfLZcSTTOrLRvqW3La1cLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2Qt
OTI2YTBiMmQ1N2FkLzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2QtOTI2YTBiMmQ1N2Fk
LzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK717ZgwX
PRiia2k+nDae+4UrBHSS4prg7uHU/OPBvSVaVamSxW/RjzICTvXeJnpEx5YfmBZD
qU2R9w5rO5fP2U4+jxhfy89R8ClqjaU1sbJGgkAB+5vqEk7W2MQbRD362+GOmsee
zun5d5SwX9Z17SzxGplcHqzA9h+yik6VpH/bIXup8soum0r7h5xpkdPcgRVierb+
rEYWPvwQVi3jSs66XMPctWfvnbW9o4Graa2J6bdH6aK0PIHUN+R0QF+RdPVj3lDH
dyANrYhZP9FTxT+7V6CXzq0A2TxtBxrHDr/t5zhDPGV/NtwMZFM/wdytUcPpMQ8N
QxqylzHK2blmGg==
-----END CERTIFICATE-----