Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
File:                     hyDPLDSRRvabop66wMiCKIEcovE.mft (raw, json)
Hash identifier:          mVhObSNxctUt38V3QXPYvtD7efq010uJiWzMrCejVs4=
Subject key identifier:   4B:9B:0C:1E:24:48:48:D7:AF:EF:23:12:66:C7:E4:FB:8D:0A:31:7F
Authority key identifier: 87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1
Certificate issuer:       /CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
Certificate serial:       0198D4745372AC7B8D10CED3D899B0D97630
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
Manifest number:          0A15
Signing time:             Sat 23 Aug 2025 01:04:09 +0000
Manifest this update:     Sat 23 Aug 2025 01:04:09 +0000
Manifest next update:     Sun 24 Aug 2025 01:04:09 +0000
Files and hashes:         1: hyDPLDSRRvabop66wMiCKIEcovE.crl (hash: sr78BrZ5tEpzWGto8uzw9GRtYNjg+x19qZ4UbgaibfI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:53:72:ac:7b:8d:10:ce:d3:d8:99:b0:d9:76:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
        Validity
            Not Before: Aug 23 01:04:09 2025 GMT
            Not After : Aug 24 01:04:09 2025 GMT
        Subject: CN=4b9b0c1e244848d7afef231266c7e4fb8d0a317f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:fd:91:eb:3f:2f:f3:39:7f:0f:98:4b:c7:4a:
                    50:4c:51:f9:cc:ec:32:46:25:8d:93:02:2f:13:a7:
                    ee:0c:0a:eb:53:fc:6f:98:5f:53:52:cb:fc:26:5c:
                    5b:8e:9e:10:f3:0d:28:27:5a:29:f6:6b:96:ea:a4:
                    a0:15:6b:0a:60:6f:95:d5:1a:1a:10:38:1b:c8:a1:
                    9c:6b:44:67:d4:97:e1:da:87:29:9c:5d:47:f6:23:
                    dd:6c:22:4f:ca:df:7a:8d:c8:18:48:21:af:e4:39:
                    9e:a3:d8:9a:3e:7f:6a:22:45:33:0b:ca:55:0a:c9:
                    4d:55:55:24:fd:70:ff:7e:9b:03:5a:4b:f7:30:4e:
                    8a:d2:d2:dc:32:94:66:6f:c1:1f:f4:a4:98:40:39:
                    7c:39:f0:e2:e4:83:45:c3:2c:c8:d7:4c:e1:0c:bd:
                    8e:0e:57:86:3c:9e:18:c3:69:1e:de:57:ba:03:16:
                    a5:9e:47:24:91:ae:9b:0f:63:b1:68:bd:87:28:0d:
                    72:bd:84:5b:44:90:07:b2:b0:c8:85:df:0d:2b:29:
                    42:9d:23:32:98:77:34:ba:96:4a:2e:e3:75:14:46:
                    a9:9a:a8:34:b3:7e:06:2a:42:62:76:1f:63:30:ba:
                    2d:20:a7:e1:d4:62:ae:8e:58:52:20:36:38:4a:3f:
                    88:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:9B:0C:1E:24:48:48:D7:AF:EF:23:12:66:C7:E4:FB:8D:0A:31:7F
            X509v3 Authority Key Identifier:
                keyid:87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:9d:b0:2b:7b:53:69:19:6d:87:8f:f7:59:73:d7:10:bc:d6:
         a6:e7:3f:3a:a8:ec:4f:49:fd:01:53:1c:f9:2e:9e:fa:c5:5e:
         94:36:80:39:0e:00:df:49:c8:09:79:e5:ed:b1:f5:5a:bf:68:
         a2:bf:9a:b3:9d:b0:da:0e:21:7b:54:fb:34:9e:81:c8:ec:10:
         b1:76:f6:34:fd:8c:5e:f2:14:42:6a:03:37:5d:97:8a:75:ff:
         7c:1a:bc:81:dc:86:7d:a6:d0:61:1f:ce:23:a3:54:d8:88:37:
         b6:4b:e5:92:43:33:71:2b:ba:8d:4a:19:10:57:3e:b4:52:76:
         f7:58:71:f2:d4:d8:f9:18:d5:92:bc:1e:3a:17:d0:83:37:64:
         ab:07:6f:ff:10:5d:5c:5e:b3:6f:d1:ca:6b:a4:42:f8:3f:31:
         ae:82:88:62:9a:23:7b:9a:8c:87:41:3e:fe:7a:8b:bf:e0:75:
         a7:f8:e5:4f:eb:2f:90:b9:55:82:84:24:eb:d1:af:bd:cd:10:
         ca:e2:2c:8a:7b:08:bf:fb:65:8a:c8:ff:2c:37:8f:4d:d7:de:
         1f:f3:35:b9:c2:3e:98:7e:52:fc:2a:92:62:cd:c7:c3:45:61:
         4a:18:2e:6d:52:d2:90:4b:7c:ae:0b:d7:08:87:ad:a5:0b:7a:
         6b:ff:46:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdFNyrHuNEM7T2Jmw2XYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjBjZjJjMzQ5MTQ2ZjY5YmEyOWViYWMwYzg4MjI4ODEx
Y2EyZjEwHhcNMjUwODIzMDEwNDA5WhcNMjUwODI0MDEwNDA5WjAzMTEwLwYDVQQD
Eyg0YjliMGMxZTI0NDg0OGQ3YWZlZjIzMTI2NmM3ZTRmYjhkMGEzMTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP2R6z8v8zl/D5hLx0pQTFH5zOwy
RiWNkwIvE6fuDArrU/xvmF9TUsv8Jlxbjp4Q8w0oJ1op9muW6qSgFWsKYG+V1Roa
EDgbyKGca0Rn1Jfh2ocpnF1H9iPdbCJPyt96jcgYSCGv5Dmeo9iaPn9qIkUzC8pV
CslNVVUk/XD/fpsDWkv3ME6K0tLcMpRmb8Ef9KSYQDl8OfDi5INFwyzI10zhDL2O
DleGPJ4Yw2ke3le6Axalnkckka6bD2OxaL2HKA1yvYRbRJAHsrDIhd8NKylCnSMy
mHc0upZKLuN1FEapmqg0s34GKkJidh9jMLotIKfh1GKujlhSIDY4Sj+IqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEubDB4kSEjXr+8jEmbH5PuNCjF/MB8GA1UdIwQY
MBaAFIcgzyw0kUb2m6KeusDIgiiBHKLxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEt
ZDQxNTA2N2E4Zjc2LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEtZDQxNTA2N2E4Zjc2
LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUZ2wK3tT
aRlth4/3WXPXELzWpuc/OqjsT0n9AVMc+S6e+sVelDaAOQ4A30nICXnl7bH1Wr9o
or+as52w2g4he1T7NJ6ByOwQsXb2NP2MXvIUQmoDN12XinX/fBq8gdyGfabQYR/O
I6NU2Ig3tkvlkkMzcSu6jUoZEFc+tFJ291hx8tTY+RjVkrweOhfQgzdkqwdv/xBd
XF6zb9HKa6RC+D8xroKIYpoje5qMh0E+/nqLv+B1p/jlT+svkLlVgoQk69Gvvc0Q
yuIsinsIv/tlisj/LDePTdfeH/M1ucI+mH5S/CqSYs3Hw0VhShgubVLSkEt8rgvX
CIetpQt6a/9GVQ==
-----END CERTIFICATE-----