Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/b850de-0c6b-4dc2-ad9e-cfede09007aa/1/hbc7mIsBRCjrr2ehj30Zmbojxk0.mft
File:                     hbc7mIsBRCjrr2ehj30Zmbojxk0.mft (raw, json)
Hash identifier:          FQu14BhWP3r0p/bAeRDtkmE3rcVHJH44Gef7J9SP8nw=
Subject key identifier:   9F:90:FC:06:A7:DB:19:1E:43:79:B6:29:4F:18:7E:A6:B6:CC:C8:FF
Authority key identifier: 85:B7:3B:98:8B:01:44:28:EB:AF:67:A1:8F:7D:19:99:BA:23:C6:4D
Certificate issuer:       /CN=85b73b988b014428ebaf67a18f7d1999ba23c64d
Certificate serial:       0199FBEBB27DBF13560D26CC32785ED6EC3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hbc7mIsBRCjrr2ehj30Zmbojxk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/b850de-0c6b-4dc2-ad9e-cfede09007aa/1/hbc7mIsBRCjrr2ehj30Zmbojxk0.mft
Manifest number:          12FF
Signing time:             Sun 19 Oct 2025 10:02:31 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:31 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:31 +0000
Files and hashes:         1: hbc7mIsBRCjrr2ehj30Zmbojxk0.crl (hash: K2zxOAI+kSDdCOzwHJAa/bVLjSEyKAo1Qvmk8PFZGDc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/b850de-0c6b-4dc2-ad9e-cfede09007aa/1/hbc7mIsBRCjrr2ehj30Zmbojxk0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/b850de-0c6b-4dc2-ad9e-cfede09007aa/1/hbc7mIsBRCjrr2ehj30Zmbojxk0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hbc7mIsBRCjrr2ehj30Zmbojxk0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:b2:7d:bf:13:56:0d:26:cc:32:78:5e:d6:ec:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85b73b988b014428ebaf67a18f7d1999ba23c64d
        Validity
            Not Before: Oct 19 10:02:31 2025 GMT
            Not After : Oct 20 10:02:31 2025 GMT
        Subject: CN=9f90fc06a7db191e4379b6294f187ea6b6ccc8ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f0:3a:5c:a5:e5:0d:76:5e:52:0d:ad:33:d2:
                    27:9e:00:e9:66:64:25:d2:a1:1a:bc:a8:ab:ae:f5:
                    cd:da:a1:ca:3f:44:b0:38:3f:e1:e2:8c:a3:85:01:
                    a2:97:3d:94:25:da:9d:8d:21:2b:98:b5:0a:68:bb:
                    83:ca:1a:70:80:92:ee:88:18:2b:53:3e:2f:4a:08:
                    0a:f1:1a:75:49:25:2a:bb:2f:e3:12:bd:89:48:08:
                    9a:11:67:70:2a:30:80:cd:13:c1:c8:17:12:01:81:
                    b1:1c:ef:14:aa:d4:c0:0f:d2:b1:d5:97:f2:77:cd:
                    f0:78:c2:79:cb:bf:75:f8:30:dd:ba:ab:84:9f:8c:
                    24:10:63:ce:17:e4:9a:13:10:7c:04:2a:8e:16:b6:
                    4a:0b:cf:99:6c:55:58:55:72:86:b5:61:e5:af:1f:
                    90:fb:92:83:3b:e4:ce:0a:fd:b6:86:5a:86:5e:7d:
                    d1:71:a1:b9:d9:f6:8e:a3:99:c9:7e:d7:f3:64:54:
                    cb:5b:f6:ba:91:f2:fd:42:10:94:3c:b0:a7:c6:6b:
                    06:b8:2f:78:cc:eb:fd:4a:eb:18:11:ff:37:ed:ec:
                    8f:3f:8d:a2:ad:f3:f9:91:09:55:27:22:18:08:fd:
                    77:a7:5f:b8:07:41:12:fc:17:d0:48:da:57:c6:99:
                    f8:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:90:FC:06:A7:DB:19:1E:43:79:B6:29:4F:18:7E:A6:B6:CC:C8:FF
            X509v3 Authority Key Identifier:
                keyid:85:B7:3B:98:8B:01:44:28:EB:AF:67:A1:8F:7D:19:99:BA:23:C6:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbc7mIsBRCjrr2ehj30Zmbojxk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/b850de-0c6b-4dc2-ad9e-cfede09007aa/1/hbc7mIsBRCjrr2ehj30Zmbojxk0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/b850de-0c6b-4dc2-ad9e-cfede09007aa/1/hbc7mIsBRCjrr2ehj30Zmbojxk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:46:6e:e8:d1:14:49:f1:69:47:ec:6c:eb:14:fb:6d:a3:a3:
         40:fb:86:fb:e6:11:6a:4d:4c:a9:0d:14:2c:d8:a3:44:2d:d6:
         d1:da:bc:03:a9:ac:04:14:72:b7:76:48:84:39:53:89:b2:04:
         5d:0e:cc:54:aa:bd:70:64:c2:8f:6d:36:c7:53:a9:d1:02:42:
         70:fc:05:02:aa:32:b7:6a:cd:75:df:6e:ce:d7:25:f4:d8:95:
         88:af:fd:8e:a9:97:9a:7e:7f:bc:5c:da:3f:49:9f:e8:00:c6:
         72:11:bc:3f:ea:f2:4e:c7:dd:95:be:c6:e4:19:ae:1a:e1:ad:
         00:22:81:64:cd:5c:3a:7b:2e:a5:bd:74:e9:70:88:2c:23:75:
         23:94:2d:c4:fd:1e:49:f9:94:98:69:b7:27:43:98:41:b9:61:
         63:65:89:64:93:7e:38:91:f6:ce:7b:90:06:e0:7d:2c:93:bf:
         9f:20:ca:de:cf:ec:ac:a3:af:d2:88:b7:f2:1e:5f:3b:81:00:
         60:34:23:a2:b5:70:6d:3d:e2:c3:78:d8:12:40:91:46:ab:69:
         fa:4d:2a:9e:d8:73:fc:e4:8f:0c:47:ec:29:28:13:b4:29:a6:
         12:62:10:84:a9:0c:0d:10:16:03:eb:7b:62:6d:3f:e0:b1:3a:
         98:2f:f4:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn767J9vxNWDSbMMnhe1uw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjczYjk4OGIwMTQ0MjhlYmFmNjdhMThmN2QxOTk5YmEy
M2M2NGQwHhcNMjUxMDE5MTAwMjMxWhcNMjUxMDIwMTAwMjMxWjAzMTEwLwYDVQQD
Eyg5ZjkwZmMwNmE3ZGIxOTFlNDM3OWI2Mjk0ZjE4N2VhNmI2Y2NjOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/A6XKXlDXZeUg2tM9InngDpZmQl
0qEavKirrvXN2qHKP0SwOD/h4oyjhQGilz2UJdqdjSErmLUKaLuDyhpwgJLuiBgr
Uz4vSggK8Rp1SSUquy/jEr2JSAiaEWdwKjCAzRPByBcSAYGxHO8UqtTAD9Kx1Zfy
d83weMJ5y791+DDduquEn4wkEGPOF+SaExB8BCqOFrZKC8+ZbFVYVXKGtWHlrx+Q
+5KDO+TOCv22hlqGXn3RcaG52faOo5nJftfzZFTLW/a6kfL9QhCUPLCnxmsGuC94
zOv9SusYEf837eyPP42irfP5kQlVJyIYCP13p1+4B0ES/BfQSNpXxpn48QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+Q/Aan2xkeQ3m2KU8Yfqa2zMj/MB8GA1UdIwQY
MBaAFIW3O5iLAUQo669noY99GZm6I8ZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJjN21Jc0JSQ2pycjJlaGozMFptYm9qeGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iODUwZGUtMGM2Yi00ZGMyLWFkOWUt
Y2ZlZGUwOTAwN2FhLzEvaGJjN21Jc0JSQ2pycjJlaGozMFptYm9qeGswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iODUwZGUtMGM2Yi00ZGMyLWFkOWUtY2ZlZGUwOTAwN2Fh
LzEvaGJjN21Jc0JSQ2pycjJlaGozMFptYm9qeGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABUZu6NEU
SfFpR+xs6xT7baOjQPuG++YRak1MqQ0ULNijRC3W0dq8A6msBBRyt3ZIhDlTibIE
XQ7MVKq9cGTCj202x1Op0QJCcPwFAqoyt2rNdd9uztcl9NiViK/9jqmXmn5/vFza
P0mf6ADGchG8P+ryTsfdlb7G5BmuGuGtACKBZM1cOnsupb106XCILCN1I5QtxP0e
SfmUmGm3J0OYQblhY2WJZJN+OJH2znuQBuB9LJO/nyDK3s/srKOv0oi38h5fO4EA
YDQjorVwbT3iw3jYEkCRRqtp+k0qnthz/OSPDEfsKSgTtCmmEmIQhKkMDRAWA+t7
Ym0/4LE6mC/0jg==
-----END CERTIFICATE-----