Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
File:                     HYFeKwc-sEV2vLJN3k341Ot8nwg.mft (raw, json)
Hash identifier:          QYkfrUj5Jjcs5nRvITslV88x3A2bIa2g1y+EqFBSw2U=
Subject key identifier:   C0:80:B6:B7:7E:FF:2E:A1:AC:C4:E1:BE:CA:9D:01:AA:F8:45:B7:B1
Authority key identifier: 1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08
Certificate issuer:       /CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
Certificate serial:       0198D4E038FA8C88D29A4A67AACDB135BB17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
Manifest number:          0B30
Signing time:             Sat 23 Aug 2025 03:02:01 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:01 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:01 +0000
Files and hashes:         1: HYFeKwc-sEV2vLJN3k341Ot8nwg.crl (hash: sl6lybQrRuclveZCBHyATRiEmIPgvw4ecyXPfAGd7RY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:38:fa:8c:88:d2:9a:4a:67:aa:cd:b1:35:bb:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
        Validity
            Not Before: Aug 23 03:02:01 2025 GMT
            Not After : Aug 24 03:02:01 2025 GMT
        Subject: CN=c080b6b77eff2ea1acc4e1beca9d01aaf845b7b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:3a:41:54:40:99:03:4e:88:e1:e8:d7:e0:21:
                    9a:d5:7d:fa:96:af:40:d1:71:e0:fa:8a:2b:6f:16:
                    60:dc:51:c1:b5:24:f4:65:56:98:44:47:6e:01:bd:
                    97:36:7c:9f:6d:80:db:73:12:d9:a9:1a:41:a7:6f:
                    4a:3d:1c:96:7c:1e:7b:91:8e:cf:9e:56:ce:1a:23:
                    29:61:c2:bd:78:52:82:0c:3d:ff:1e:4d:93:45:85:
                    44:75:0a:44:8a:71:be:a7:46:40:cd:1f:91:c0:55:
                    20:7d:b2:06:6c:35:a5:4a:aa:d5:93:58:81:c1:0c:
                    f2:b8:03:26:22:69:7c:44:55:6a:e3:86:ec:05:1d:
                    bf:3e:0f:b5:fc:79:15:d8:90:0b:78:16:44:11:b2:
                    78:ba:dc:5c:4f:8a:47:b4:d9:2d:67:5e:dc:cd:0e:
                    e0:30:1c:e5:ad:bb:39:78:6b:f0:35:e1:82:26:8c:
                    1c:73:7c:70:a0:28:e0:a4:34:19:f5:59:4c:64:a1:
                    38:e6:86:5a:08:4b:36:0c:82:de:42:81:a8:40:0b:
                    34:77:28:e4:44:98:ec:9d:79:a1:72:29:3e:35:82:
                    9c:e9:c8:62:ea:71:a6:f1:6d:31:b5:00:64:30:51:
                    46:4d:5d:de:a1:00:04:df:e6:69:0b:52:fe:7c:36:
                    d7:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:80:B6:B7:7E:FF:2E:A1:AC:C4:E1:BE:CA:9D:01:AA:F8:45:B7:B1
            X509v3 Authority Key Identifier:
                keyid:1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:cf:bd:0f:f0:9e:31:7f:4e:25:c8:1d:42:e6:d4:6e:72:4d:
         8f:c1:66:51:43:d6:11:51:22:ff:a4:da:46:e5:bb:7a:6f:37:
         e3:78:e9:54:05:c8:40:29:73:b7:9f:2b:5c:6f:c3:0e:07:67:
         9c:90:bb:49:fd:d4:f9:b6:4a:85:c4:1a:29:c7:6b:01:ac:20:
         10:c4:91:4b:93:28:c4:3e:7e:46:24:ee:38:99:c5:ff:75:ca:
         f5:7b:6b:e9:30:e1:40:ca:2a:48:a6:ac:20:ea:43:2f:ca:4f:
         01:c1:7b:a5:3f:a4:93:3e:39:1c:62:02:97:d0:e3:49:43:9f:
         78:c1:0d:50:21:5f:95:17:2b:c2:48:59:96:c8:47:13:43:0e:
         b9:32:b9:5a:52:6e:d8:de:86:d5:13:d1:7c:e2:c0:6d:f9:8f:
         dc:40:c0:f9:6c:eb:f8:0c:cc:7e:ad:60:bc:86:34:24:61:74:
         28:d4:78:9f:33:f8:56:1e:28:d9:39:21:39:42:4f:e9:1c:f0:
         d5:92:da:10:46:af:08:53:77:fb:e0:43:f0:f0:61:f0:cd:df:
         99:f8:26:15:97:02:c1:3c:8c:90:1d:ee:7d:db:6b:a3:48:d1:
         34:00:a2:35:6b:50:bd:aa:af:f7:a5:d6:4d:da:a1:12:17:7d:
         99:f0:c2:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4Dj6jIjSmkpnqs2xNbsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODE1ZTJiMDczZWIwNDU3NmJjYjI0ZGRlNGRmOGQ0ZWI3
YzlmMDgwHhcNMjUwODIzMDMwMjAxWhcNMjUwODI0MDMwMjAxWjAzMTEwLwYDVQQD
EyhjMDgwYjZiNzdlZmYyZWExYWNjNGUxYmVjYTlkMDFhYWY4NDViN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7DpBVECZA06I4ejX4CGa1X36lq9A
0XHg+oorbxZg3FHBtST0ZVaYREduAb2XNnyfbYDbcxLZqRpBp29KPRyWfB57kY7P
nlbOGiMpYcK9eFKCDD3/Hk2TRYVEdQpEinG+p0ZAzR+RwFUgfbIGbDWlSqrVk1iB
wQzyuAMmIml8RFVq44bsBR2/Pg+1/HkV2JALeBZEEbJ4utxcT4pHtNktZ17czQ7g
MBzlrbs5eGvwNeGCJowcc3xwoCjgpDQZ9VlMZKE45oZaCEs2DILeQoGoQAs0dyjk
RJjsnXmhcik+NYKc6chi6nGm8W0xtQBkMFFGTV3eoQAE3+ZpC1L+fDbXzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMCAtrd+/y6hrMThvsqdAar4RbexMB8GA1UdIwQY
MBaAFB2BXisHPrBFdryyTd5N+NTrfJ8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAt
YWRkMmJhODJjMjc2LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAtYWRkMmJhODJjMjc2
LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcc+9D/Ce
MX9OJcgdQubUbnJNj8FmUUPWEVEi/6TaRuW7em8343jpVAXIQClzt58rXG/DDgdn
nJC7Sf3U+bZKhcQaKcdrAawgEMSRS5MoxD5+RiTuOJnF/3XK9Xtr6TDhQMoqSKas
IOpDL8pPAcF7pT+kkz45HGICl9DjSUOfeMENUCFflRcrwkhZlshHE0MOuTK5WlJu
2N6G1RPRfOLAbfmP3EDA+Wzr+AzMfq1gvIY0JGF0KNR4nzP4Vh4o2TkhOUJP6Rzw
1ZLaEEavCFN3++BD8PBh8M3fmfgmFZcCwTyMkB3ufdtro0jRNACiNWtQvaqv96XW
TdqhEhd9mfDC6A==
-----END CERTIFICATE-----