Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
File:                     hUYNJS18tlxJNM6stG-pbctrVws.mft (raw, json)
Hash identifier:          8QovE+FGFxDI7LYSWwqX/+utQPPmk42xDea0PZZxMFo=
Subject key identifier:   8B:43:9C:39:6F:92:A0:CA:12:50:5E:F0:FF:D3:DF:9D:3B:D9:68:74
Authority key identifier: 85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B
Certificate issuer:       /CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
Certificate serial:       019A02C7A748C892D03A30B3F7977E327033
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
Manifest number:          0814
Signing time:             Mon 20 Oct 2025 18:00:29 +0000
Manifest this update:     Mon 20 Oct 2025 18:00:29 +0000
Manifest next update:     Tue 21 Oct 2025 18:00:29 +0000
Files and hashes:         1: hUYNJS18tlxJNM6stG-pbctrVws.crl (hash: eioOrHc34yJdX2nAJx8msojf1RBLoBcnG8HHnPkNJgI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:c7:a7:48:c8:92:d0:3a:30:b3:f7:97:7e:32:70:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
        Validity
            Not Before: Oct 20 18:00:29 2025 GMT
            Not After : Oct 21 18:00:29 2025 GMT
        Subject: CN=8b439c396f92a0ca12505ef0ffd3df9d3bd96874
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b1:e4:80:b9:83:16:f2:5e:2a:47:45:b5:ab:
                    e3:9a:b0:65:05:e7:e0:76:37:38:be:04:aa:f8:7c:
                    31:70:9c:6f:2b:de:10:a9:e1:4a:6c:9b:6b:16:4c:
                    67:6a:c5:19:67:26:90:aa:e7:d4:ad:71:a5:cc:e7:
                    3a:52:02:cb:c4:76:41:33:4e:9d:df:1e:63:03:a5:
                    76:fa:8b:a9:b9:43:4d:e8:7c:82:77:b2:cc:ee:fc:
                    10:04:ef:7e:61:34:7f:e5:dd:36:ff:13:8e:06:42:
                    cb:00:d3:a4:73:fb:b5:41:ba:f4:84:6a:8d:b1:74:
                    04:a8:b6:17:df:dd:4d:c5:ae:ea:a9:57:57:47:1e:
                    83:de:0b:c1:dd:ab:f1:44:de:8b:10:77:cb:78:9a:
                    c7:70:73:aa:5e:e6:95:82:c4:ab:6d:cd:87:4d:11:
                    ba:ff:d4:4f:f5:ab:12:bf:42:b3:6f:6b:8d:c7:53:
                    ef:cd:90:5f:90:ed:7c:23:54:40:ae:5c:4d:88:bf:
                    c7:60:71:54:c4:c0:79:ba:01:56:dd:98:67:20:e5:
                    68:77:df:02:2c:06:1e:32:4b:d9:d6:5d:52:fe:9f:
                    30:f8:b7:2b:31:28:96:41:6c:13:93:c5:41:d3:93:
                    d1:f3:e1:e8:d4:78:b7:dd:fc:93:ee:7b:01:f6:b4:
                    c2:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:43:9C:39:6F:92:A0:CA:12:50:5E:F0:FF:D3:DF:9D:3B:D9:68:74
            X509v3 Authority Key Identifier:
                keyid:85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:b6:a2:b3:a2:ad:25:df:a8:fc:f8:80:c2:ec:76:27:d2:2b:
         d5:0a:01:87:68:5e:a5:71:19:b5:39:c8:af:7e:35:46:15:c0:
         a0:b9:48:59:46:e9:12:5c:29:ba:71:08:34:6e:2b:77:7e:68:
         6f:97:69:d2:ef:cd:92:c1:8b:ae:14:16:80:55:52:4c:10:20:
         8d:8b:e3:f2:49:78:4c:ea:a9:bb:f2:5f:7f:35:69:63:10:b1:
         d2:8e:98:70:d5:72:f7:f5:74:55:7f:4c:6e:7f:17:a5:34:b3:
         f3:a9:d0:df:2d:70:2f:11:de:13:c0:88:2e:62:24:ff:61:fe:
         73:4f:84:36:8a:ca:cb:cd:3b:96:28:1b:3b:fc:c7:d6:23:78:
         bf:6f:0c:e7:74:95:b4:1d:5f:a0:7b:e7:e7:51:86:e4:43:26:
         aa:d4:df:58:5c:8e:b7:12:f0:89:44:f9:69:05:66:dc:63:64:
         b9:be:2e:00:4e:e2:e4:17:2e:70:7a:3b:ca:07:8d:04:ef:85:
         fe:9b:c6:9f:ab:15:73:58:d7:74:ff:bc:18:b6:77:49:16:dd:
         04:f1:01:49:0a:2a:6d:21:b3:c5:82:23:cb:88:45:c9:1d:e2:
         fb:d3:ab:d3:95:63:77:0a:9c:c1:64:14:d6:03:8e:cd:28:7c:
         0c:72:66:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCx6dIyJLQOjCz95d+MnAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDYwZDI1MmQ3Y2I2NWM0OTM0Y2VhY2I0NmZhOTZkY2I2
YjU3MGIwHhcNMjUxMDIwMTgwMDI5WhcNMjUxMDIxMTgwMDI5WjAzMTEwLwYDVQQD
Eyg4YjQzOWMzOTZmOTJhMGNhMTI1MDVlZjBmZmQzZGY5ZDNiZDk2ODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprHkgLmDFvJeKkdFtavjmrBlBefg
djc4vgSq+HwxcJxvK94QqeFKbJtrFkxnasUZZyaQqufUrXGlzOc6UgLLxHZBM06d
3x5jA6V2+oupuUNN6HyCd7LM7vwQBO9+YTR/5d02/xOOBkLLANOkc/u1Qbr0hGqN
sXQEqLYX391Nxa7qqVdXRx6D3gvB3avxRN6LEHfLeJrHcHOqXuaVgsSrbc2HTRG6
/9RP9asSv0Kzb2uNx1PvzZBfkO18I1RArlxNiL/HYHFUxMB5ugFW3ZhnIOVod98C
LAYeMkvZ1l1S/p8w+LcrMSiWQWwTk8VB05PR8+Ho1Hi33fyT7nsB9rTCVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItDnDlvkqDKElBe8P/T35072Wh0MB8GA1UdIwQY
MBaAFIVGDSUtfLZcSTTOrLRvqW3La1cLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2Qt
OTI2YTBiMmQ1N2FkLzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2QtOTI2YTBiMmQ1N2Fk
LzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXbais6Kt
Jd+o/PiAwux2J9Ir1QoBh2hepXEZtTnIr341RhXAoLlIWUbpElwpunEING4rd35o
b5dp0u/NksGLrhQWgFVSTBAgjYvj8kl4TOqpu/JffzVpYxCx0o6YcNVy9/V0VX9M
bn8XpTSz86nQ3y1wLxHeE8CILmIk/2H+c0+ENorKy807ligbO/zH1iN4v28M53SV
tB1foHvn51GG5EMmqtTfWFyOtxLwiUT5aQVm3GNkub4uAE7i5BcucHo7ygeNBO+F
/pvGn6sVc1jXdP+8GLZ3SRbdBPEBSQoqbSGzxYIjy4hFyR3i+9Or05VjdwqcwWQU
1gOOzSh8DHJmeA==
-----END CERTIFICATE-----