Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/c9c800-aefb-44bc-b712-1eea4ea43a2f/1/hlrxio2AJ0wKwvUBsW1ppFTgjV4.mft
File:                     hlrxio2AJ0wKwvUBsW1ppFTgjV4.mft (raw, json)
Hash identifier:          hXHua9Ym/G5llmiw4Onf+S37EGxSjwWepErhitRsynk=
Subject key identifier:   DA:93:B7:97:FC:65:ED:3F:4E:C6:08:57:46:C4:FD:41:1A:8E:B4:70
Authority key identifier: 86:5A:F1:8A:8D:80:27:4C:0A:C2:F5:01:B1:6D:69:A4:54:E0:8D:5E
Certificate issuer:       /CN=865af18a8d80274c0ac2f501b16d69a454e08d5e
Certificate serial:       0199FBEB9C21925864374D2200F565F0B5F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hlrxio2AJ0wKwvUBsW1ppFTgjV4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/c9c800-aefb-44bc-b712-1eea4ea43a2f/1/hlrxio2AJ0wKwvUBsW1ppFTgjV4.mft
Manifest number:          0AD2
Signing time:             Sun 19 Oct 2025 10:02:26 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:26 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:26 +0000
Files and hashes:         1: hlrxio2AJ0wKwvUBsW1ppFTgjV4.crl (hash: r7LaDq1wEmh0iEM8hqkr7NMriNfICv/7tkXPfK9BJ9Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/c9c800-aefb-44bc-b712-1eea4ea43a2f/1/hlrxio2AJ0wKwvUBsW1ppFTgjV4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/c9c800-aefb-44bc-b712-1eea4ea43a2f/1/hlrxio2AJ0wKwvUBsW1ppFTgjV4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hlrxio2AJ0wKwvUBsW1ppFTgjV4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:9c:21:92:58:64:37:4d:22:00:f5:65:f0:b5:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=865af18a8d80274c0ac2f501b16d69a454e08d5e
        Validity
            Not Before: Oct 19 10:02:26 2025 GMT
            Not After : Oct 20 10:02:26 2025 GMT
        Subject: CN=da93b797fc65ed3f4ec6085746c4fd411a8eb470
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:50:d8:a7:5c:c6:07:95:fa:01:08:dd:ec:f8:
                    81:51:9d:b8:1c:be:1d:65:08:54:67:9f:96:be:06:
                    d7:50:92:92:26:9e:55:87:44:73:96:62:3f:26:d3:
                    6d:1a:57:03:75:25:a6:42:e9:e9:7b:01:27:4d:1e:
                    47:78:45:cd:d8:aa:bc:44:31:0b:b7:aa:3b:93:31:
                    62:97:ee:bd:82:ca:68:f9:2c:e2:90:1f:d2:f0:03:
                    41:4d:09:41:d2:27:50:b6:db:b4:6c:7c:f0:37:45:
                    6f:cb:1d:8c:f7:ba:76:8d:21:2f:3b:63:fc:b8:c2:
                    e8:ed:f6:1a:e4:ba:fe:cc:45:96:74:83:2c:a9:6a:
                    58:83:86:f3:0f:8c:e8:91:ab:8c:1e:a0:16:42:f3:
                    4f:32:80:8f:05:24:35:4e:6a:c9:de:06:a1:de:0d:
                    41:37:90:82:0f:14:bb:c4:c2:8e:8a:fe:59:da:34:
                    01:70:ed:cf:03:fa:00:ad:98:77:8b:a5:19:6d:8b:
                    7e:fa:64:e2:e7:fd:31:6e:4c:9b:91:09:fa:20:ac:
                    b9:51:d9:f4:3b:c7:2f:1d:29:d2:2e:ca:b7:64:8f:
                    df:8b:e8:8f:e3:b7:11:6d:0a:53:ba:9a:56:88:48:
                    b4:3a:ee:04:0e:fc:97:03:34:24:15:af:c7:11:6d:
                    1f:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:93:B7:97:FC:65:ED:3F:4E:C6:08:57:46:C4:FD:41:1A:8E:B4:70
            X509v3 Authority Key Identifier:
                keyid:86:5A:F1:8A:8D:80:27:4C:0A:C2:F5:01:B1:6D:69:A4:54:E0:8D:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlrxio2AJ0wKwvUBsW1ppFTgjV4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/c9c800-aefb-44bc-b712-1eea4ea43a2f/1/hlrxio2AJ0wKwvUBsW1ppFTgjV4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/c9c800-aefb-44bc-b712-1eea4ea43a2f/1/hlrxio2AJ0wKwvUBsW1ppFTgjV4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:39:3f:97:88:61:16:41:92:52:99:7e:b9:28:0d:8b:21:ea:
         91:46:cb:52:6a:da:2a:24:bb:b1:06:09:9d:44:bb:3a:fe:fd:
         23:5e:0d:dd:50:d7:48:13:8e:d0:59:55:49:21:60:ef:86:a5:
         d6:fc:65:65:cf:8b:43:49:23:21:fc:a3:99:f9:3e:6b:38:b5:
         92:6b:f4:76:6c:c0:65:fb:0e:06:ea:f5:42:ce:4e:e5:28:83:
         dc:8a:ad:55:05:7a:e2:b9:11:30:a0:8f:34:99:b1:45:7f:81:
         1e:d9:b4:ac:f7:82:78:17:aa:f5:6c:62:7d:d9:34:9d:93:33:
         19:2d:f2:56:6e:6d:3f:e3:32:0a:a9:e5:6d:93:83:ec:3c:ed:
         c5:d6:92:9a:c2:ae:b0:92:cc:5e:a3:be:42:ab:5b:92:75:61:
         48:75:ef:31:b4:6d:5a:6c:29:f4:7f:fd:98:80:f8:ff:b6:65:
         9f:67:39:df:95:7e:28:08:25:76:1f:ec:6c:dc:20:68:33:ee:
         a1:77:ef:a0:f0:d5:62:b6:94:8f:ca:29:b2:cc:b0:7c:e3:c2:
         ad:1b:34:86:13:8b:e9:12:c7:0b:4a:43:9e:8f:03:56:67:bf:
         b7:49:f8:09:f0:22:aa:e8:01:b2:b1:b2:b7:25:19:f3:be:00:
         8b:b6:1f:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn765whklhkN00iAPVl8LXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NWFmMThhOGQ4MDI3NGMwYWMyZjUwMWIxNmQ2OWE0NTRl
MDhkNWUwHhcNMjUxMDE5MTAwMjI2WhcNMjUxMDIwMTAwMjI2WjAzMTEwLwYDVQQD
EyhkYTkzYjc5N2ZjNjVlZDNmNGVjNjA4NTc0NmM0ZmQ0MTFhOGViNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lDYp1zGB5X6AQjd7PiBUZ24HL4d
ZQhUZ5+WvgbXUJKSJp5Vh0RzlmI/JtNtGlcDdSWmQunpewEnTR5HeEXN2Kq8RDEL
t6o7kzFil+69gspo+SzikB/S8ANBTQlB0idQttu0bHzwN0Vvyx2M97p2jSEvO2P8
uMLo7fYa5Lr+zEWWdIMsqWpYg4bzD4zokauMHqAWQvNPMoCPBSQ1TmrJ3gah3g1B
N5CCDxS7xMKOiv5Z2jQBcO3PA/oArZh3i6UZbYt++mTi5/0xbkybkQn6IKy5Udn0
O8cvHSnSLsq3ZI/fi+iP47cRbQpTuppWiEi0Ou4EDvyXAzQkFa/HEW0f0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqTt5f8Ze0/TsYIV0bE/UEajrRwMB8GA1UdIwQY
MBaAFIZa8YqNgCdMCsL1AbFtaaRU4I1eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGxyeGlvMkFKMHdLd3ZVQnNXMXBwRlRnalY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9jOWM4MDAtYWVmYi00NGJjLWI3MTIt
MWVlYTRlYTQzYTJmLzEvaGxyeGlvMkFKMHdLd3ZVQnNXMXBwRlRnalY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9jOWM4MDAtYWVmYi00NGJjLWI3MTItMWVlYTRlYTQzYTJm
LzEvaGxyeGlvMkFKMHdLd3ZVQnNXMXBwRlRnalY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHjk/l4hh
FkGSUpl+uSgNiyHqkUbLUmraKiS7sQYJnUS7Ov79I14N3VDXSBOO0FlVSSFg74al
1vxlZc+LQ0kjIfyjmfk+azi1kmv0dmzAZfsOBur1Qs5O5SiD3IqtVQV64rkRMKCP
NJmxRX+BHtm0rPeCeBeq9Wxifdk0nZMzGS3yVm5tP+MyCqnlbZOD7DztxdaSmsKu
sJLMXqO+QqtbknVhSHXvMbRtWmwp9H/9mID4/7Zln2c535V+KAgldh/sbNwgaDPu
oXfvoPDVYraUj8opssywfOPCrRs0hhOL6RLHC0pDno8DVme/t0n4CfAiqugBsrGy
tyUZ874Ai7Yfrg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:05:29 2025 by rpki-client