Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
File:                     hyDPLDSRRvabop66wMiCKIEcovE.mft (raw, json)
Hash identifier:          oQj1GS5fZ54hfARAeXqgJz38+NNH8pTrzORdQxVm3Ag=
Subject key identifier:   D1:C1:1E:40:8C:44:DB:97:10:4A:4E:91:23:30:36:DF:C6:2A:EA:43
Authority key identifier: 87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1
Certificate issuer:       /CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
Certificate serial:       0199FBEBD23B2E962A97D347453394D7BEE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
Manifest number:          0AAE
Signing time:             Sun 19 Oct 2025 10:02:39 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:39 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:39 +0000
Files and hashes:         1: hyDPLDSRRvabop66wMiCKIEcovE.crl (hash: V6H8ChN15LLFkEwyccdGcIdvO0zrBe2yu3Tw9V1OLMc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:d2:3b:2e:96:2a:97:d3:47:45:33:94:d7:be:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
        Validity
            Not Before: Oct 19 10:02:39 2025 GMT
            Not After : Oct 20 10:02:39 2025 GMT
        Subject: CN=d1c11e408c44db97104a4e91233036dfc62aea43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:52:20:39:6a:d4:cc:2d:5a:e3:f7:23:b7:58:
                    6a:f5:e1:a7:b8:59:92:5a:8d:ab:08:e9:52:cd:2e:
                    ab:ac:42:c2:90:55:af:9e:e8:c2:31:10:a6:c3:61:
                    9e:d9:86:5d:3f:6a:83:1e:4f:de:88:e2:6a:fe:14:
                    b8:f4:51:05:90:01:41:8a:5e:d6:2a:bd:36:31:a8:
                    2d:6a:0c:a6:a4:07:5b:ae:28:13:7b:9f:65:b4:3e:
                    16:43:37:92:6a:9b:5f:5a:26:6c:77:3a:2f:9e:57:
                    05:9d:2e:d0:11:64:ca:92:76:16:d0:5b:74:62:53:
                    50:68:2b:91:94:db:3a:ff:32:f4:07:10:80:ad:10:
                    4d:f2:dd:14:21:be:30:21:8e:90:37:cb:76:cf:4d:
                    8e:04:dd:a4:9f:b8:09:f6:27:ca:b1:74:dd:f8:d7:
                    a3:e5:b4:89:2c:ab:34:62:7d:e1:03:88:c2:5e:a7:
                    d6:f9:85:29:8b:88:4c:ab:ef:7e:49:cf:36:a5:f6:
                    97:7d:df:a0:b3:3b:33:14:a4:15:21:4b:34:a0:02:
                    a4:76:be:d3:82:06:36:f1:15:8e:c3:e3:c9:9a:ab:
                    9f:b1:a9:0f:f2:ea:0c:d4:83:54:c9:01:88:c9:a4:
                    28:f9:55:21:35:67:ae:a5:47:88:2e:ca:d5:08:3d:
                    e8:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:C1:1E:40:8C:44:DB:97:10:4A:4E:91:23:30:36:DF:C6:2A:EA:43
            X509v3 Authority Key Identifier:
                keyid:87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:ba:6f:22:45:fc:1b:66:09:06:96:cc:70:e3:9a:f6:64:be:
         49:c1:cb:37:ac:54:39:e1:13:4c:07:ee:93:64:69:fe:d4:15:
         a3:87:e1:06:52:e8:2a:85:44:d2:13:b0:1b:f1:3f:93:ba:75:
         57:89:6c:a0:76:fd:07:d3:ee:76:18:be:89:8d:b7:74:4b:6e:
         21:60:1a:6a:5c:df:be:43:5d:0f:25:de:11:01:5a:43:a9:96:
         69:71:b7:53:f0:45:0d:dd:eb:8e:62:a5:d4:80:d1:f4:c3:cd:
         aa:7a:7c:be:85:6a:5f:f0:a6:b6:54:75:93:87:0b:d5:65:c6:
         ed:d7:a2:25:0f:55:d3:1d:7e:11:84:d6:77:bb:3d:19:db:c7:
         47:ef:3c:d3:ac:a1:2b:d3:65:62:0b:ec:b1:b7:3d:71:1c:c9:
         17:46:9a:c6:76:b5:17:5f:d9:46:71:a0:d9:03:21:43:f5:33:
         e2:b2:c8:2b:42:eb:f3:1b:30:60:db:de:17:af:81:41:96:2f:
         e7:4f:e4:12:bd:ed:01:c5:89:08:4b:d4:e8:a1:6b:ff:14:ac:
         67:de:42:38:a9:39:69:1e:0a:3a:6b:72:c6:17:e8:bb:3b:6b:
         d2:0d:d0:fe:0b:47:3c:7c:e8:70:16:91:b9:9d:bf:78:b8:ed:
         cd:59:8d:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn769I7LpYql9NHRTOU177nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjBjZjJjMzQ5MTQ2ZjY5YmEyOWViYWMwYzg4MjI4ODEx
Y2EyZjEwHhcNMjUxMDE5MTAwMjM5WhcNMjUxMDIwMTAwMjM5WjAzMTEwLwYDVQQD
EyhkMWMxMWU0MDhjNDRkYjk3MTA0YTRlOTEyMzMwMzZkZmM2MmFlYTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlIgOWrUzC1a4/cjt1hq9eGnuFmS
Wo2rCOlSzS6rrELCkFWvnujCMRCmw2Ge2YZdP2qDHk/eiOJq/hS49FEFkAFBil7W
Kr02MagtagympAdbrigTe59ltD4WQzeSaptfWiZsdzovnlcFnS7QEWTKknYW0Ft0
YlNQaCuRlNs6/zL0BxCArRBN8t0UIb4wIY6QN8t2z02OBN2kn7gJ9ifKsXTd+Nej
5bSJLKs0Yn3hA4jCXqfW+YUpi4hMq+9+Sc82pfaXfd+gszszFKQVIUs0oAKkdr7T
ggY28RWOw+PJmqufsakP8uoM1INUyQGIyaQo+VUhNWeupUeILsrVCD3otQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHBHkCMRNuXEEpOkSMwNt/GKupDMB8GA1UdIwQY
MBaAFIcgzyw0kUb2m6KeusDIgiiBHKLxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEt
ZDQxNTA2N2E4Zjc2LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEtZDQxNTA2N2E4Zjc2
LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIbpvIkX8
G2YJBpbMcOOa9mS+ScHLN6xUOeETTAfuk2Rp/tQVo4fhBlLoKoVE0hOwG/E/k7p1
V4lsoHb9B9Pudhi+iY23dEtuIWAaalzfvkNdDyXeEQFaQ6mWaXG3U/BFDd3rjmKl
1IDR9MPNqnp8voVqX/CmtlR1k4cL1WXG7deiJQ9V0x1+EYTWd7s9GdvHR+8806yh
K9NlYgvssbc9cRzJF0aaxna1F1/ZRnGg2QMhQ/Uz4rLIK0Lr8xswYNveF6+BQZYv
50/kEr3tAcWJCEvU6KFr/xSsZ95COKk5aR4KOmtyxhfouztr0g3Q/gtHPHzocBaR
uZ2/eLjtzVmN4g==
-----END CERTIFICATE-----