Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
File:                     HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft (raw, json)
Hash identifier:          RW2SEEMDNCLo20QLVHMpf861yTimYAvG+P9KAiwv4eY=
Subject key identifier:   B9:74:47:74:EB:89:0C:D1:4C:08:DC:A6:BC:D8:32:E2:D2:C1:84:38
Authority key identifier: 1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52
Certificate issuer:       /CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
Certificate serial:       0198D4E072FD9E08BF716E0AF1BFBF4E408A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
Manifest number:          02A0
Signing time:             Sat 23 Aug 2025 03:02:15 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:15 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:15 +0000
Files and hashes:         1: HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl (hash: QliM8FZfN+q/32GKQkq7mcf5GtWvQ6OmyEeplf6MMJQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:72:fd:9e:08:bf:71:6e:0a:f1:bf:bf:4e:40:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
        Validity
            Not Before: Aug 23 03:02:15 2025 GMT
            Not After : Aug 24 03:02:15 2025 GMT
        Subject: CN=b9744774eb890cd14c08dca6bcd832e2d2c18438
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d3:c3:5b:58:2d:fc:ef:6e:a1:13:c4:fa:7a:
                    0e:4e:e0:ae:ca:0a:b2:89:46:56:3c:ea:33:99:5b:
                    71:ae:63:42:91:55:c7:ef:57:14:22:7f:19:48:77:
                    08:bc:8e:d1:43:e8:dc:79:dc:16:ff:4a:8f:e0:2c:
                    4f:75:bb:66:63:a7:5f:2f:49:69:1a:d3:6a:04:30:
                    ec:12:59:32:10:a2:80:f7:86:b0:7a:4a:ac:25:30:
                    d9:e7:29:f2:59:6c:95:a7:d7:0a:01:33:47:ca:2f:
                    df:36:4e:4c:cc:48:35:3d:f1:ca:57:5c:ea:00:78:
                    f0:a3:81:21:09:48:c2:47:db:c6:b2:d7:65:8d:8b:
                    d8:10:58:8b:d8:99:9e:65:b2:00:33:38:47:33:96:
                    6f:9c:2c:eb:ce:47:2d:90:e8:0e:eb:3b:5e:da:06:
                    aa:70:8c:ef:e3:87:e3:cc:4b:f5:a4:66:b6:d0:9c:
                    9f:25:15:f8:8f:68:44:70:59:24:6f:42:e9:ff:50:
                    85:91:14:6c:a0:7c:d0:f9:24:a5:6f:a9:ee:48:88:
                    d9:e5:49:0d:a1:e1:2b:1b:a7:af:8d:b6:4c:e4:4c:
                    7e:d6:01:1a:16:95:e3:02:23:27:89:1a:ee:63:2c:
                    2e:e0:69:40:be:b3:89:96:d8:7f:9e:12:c2:2b:b5:
                    73:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:74:47:74:EB:89:0C:D1:4C:08:DC:A6:BC:D8:32:E2:D2:C1:84:38
            X509v3 Authority Key Identifier:
                keyid:1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:4b:65:a3:cc:26:c5:6a:c8:b6:29:94:ea:38:dc:1a:02:eb:
         c3:c8:f8:3f:be:1f:ef:7d:fb:72:11:a9:34:e0:9b:37:2a:1c:
         68:83:f7:19:f0:85:ea:e5:74:2e:83:19:f0:83:dc:a6:71:13:
         f6:f3:df:81:a7:4e:44:f0:37:f6:0d:6d:6b:5b:e9:6d:a6:8b:
         38:da:8f:b0:d5:ae:6f:45:33:29:24:db:3b:1b:9b:75:c2:20:
         53:58:de:2f:69:c2:c9:6c:ff:a3:23:cc:45:49:d5:65:f6:50:
         42:06:5f:19:e4:92:c7:1c:58:66:5b:da:be:56:37:ec:76:e6:
         48:c3:83:58:64:e3:ea:bb:d9:03:5a:2e:86:3e:f9:dd:f3:bd:
         88:43:97:a1:48:3c:52:00:c6:5c:c7:74:58:64:c4:0d:3c:cf:
         58:4e:ea:4d:a4:aa:40:ae:e4:3f:5b:23:7a:f3:15:06:06:7c:
         63:7b:32:f9:76:ff:ce:b9:e4:64:63:ea:2a:9a:b7:46:fc:33:
         d2:d9:09:88:28:cb:a7:2b:51:c1:7d:04:d3:a9:06:c4:05:0d:
         5e:3b:e9:28:ec:30:36:cb:58:1d:f0:44:e6:f8:e2:3f:f2:fb:
         c0:35:e2:8f:75:68:4d:00:af:fa:f3:ff:ef:04:a0:d7:90:6a:
         5b:13:ea:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4HL9ngi/cW4K8b+/TkCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZDJlNzhhMDk3ZjI5MGZjMmZjYWY1ZDljN2Q4OGZjYzg3
YmQ0NTIwHhcNMjUwODIzMDMwMjE1WhcNMjUwODI0MDMwMjE1WjAzMTEwLwYDVQQD
EyhiOTc0NDc3NGViODkwY2QxNGMwOGRjYTZiY2Q4MzJlMmQyYzE4NDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutPDW1gt/O9uoRPE+noOTuCuygqy
iUZWPOozmVtxrmNCkVXH71cUIn8ZSHcIvI7RQ+jcedwW/0qP4CxPdbtmY6dfL0lp
GtNqBDDsElkyEKKA94awekqsJTDZ5ynyWWyVp9cKATNHyi/fNk5MzEg1PfHKV1zq
AHjwo4EhCUjCR9vGstdljYvYEFiL2JmeZbIAMzhHM5ZvnCzrzkctkOgO6zte2gaq
cIzv44fjzEv1pGa20JyfJRX4j2hEcFkkb0Lp/1CFkRRsoHzQ+SSlb6nuSIjZ5UkN
oeErG6evjbZM5Ex+1gEaFpXjAiMniRruYywu4GlAvrOJlth/nhLCK7VzmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLl0R3TriQzRTAjcprzYMuLSwYQ4MB8GA1UdIwQY
MBaAFBzS54oJfykPwvyvXZx9iPzIe9RSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWIt
MDZjMGYyYTE3NTdmLzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWItMDZjMGYyYTE3NTdm
LzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuEtlo8wm
xWrItimU6jjcGgLrw8j4P74f7337chGpNOCbNyocaIP3GfCF6uV0LoMZ8IPcpnET
9vPfgadORPA39g1ta1vpbaaLONqPsNWub0UzKSTbOxubdcIgU1jeL2nCyWz/oyPM
RUnVZfZQQgZfGeSSxxxYZlvavlY37HbmSMODWGTj6rvZA1ouhj753fO9iEOXoUg8
UgDGXMd0WGTEDTzPWE7qTaSqQK7kP1sjevMVBgZ8Y3sy+Xb/zrnkZGPqKpq3Rvwz
0tkJiCjLpytRwX0E06kGxAUNXjvpKOwwNstYHfBE5vjiP/L7wDXij3VoTQCv+vP/
7wSg15BqWxPqHg==
-----END CERTIFICATE-----