Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
File:                     HYFeKwc-sEV2vLJN3k341Ot8nwg.mft (raw, json)
Hash identifier:          90qwiG3UWr4ae/jmxwEI8SO/JZEHP7UkJ4gDmblSC80=
Subject key identifier:   D7:24:BE:47:56:E8:25:14:98:EA:42:D4:DA:47:90:CF:0B:1E:5B:EE
Authority key identifier: 1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08
Certificate issuer:       /CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
Certificate serial:       0199FE473DF934A21BCB58EE7C20F9664F97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
Manifest number:          0BCA
Signing time:             Sun 19 Oct 2025 21:01:45 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:45 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:45 +0000
Files and hashes:         1: HYFeKwc-sEV2vLJN3k341Ot8nwg.crl (hash: h3rrPDtdAFuf/fvb7FEZ6vqmYpRpZtav41WfA+oPYtg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:47:3d:f9:34:a2:1b:cb:58:ee:7c:20:f9:66:4f:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
        Validity
            Not Before: Oct 19 21:01:45 2025 GMT
            Not After : Oct 20 21:01:45 2025 GMT
        Subject: CN=d724be4756e8251498ea42d4da4790cf0b1e5bee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:bc:5a:be:a9:4e:60:79:9b:92:d9:32:4b:fa:
                    9a:6c:85:29:48:82:88:e1:d3:9f:42:98:65:b0:7d:
                    84:b4:45:a7:c7:85:93:2a:c0:87:d4:5c:08:eb:66:
                    cf:e6:8f:16:f7:45:fe:21:6a:ec:cb:25:9b:52:8b:
                    16:87:03:70:d4:90:01:f0:c3:4c:02:15:fd:e5:4b:
                    b0:30:ca:bf:3c:33:99:0e:98:97:b1:77:c8:bf:c2:
                    2c:63:4e:fa:04:22:ac:5b:4e:fa:90:f2:ad:cc:3f:
                    9a:27:30:14:c4:8c:2b:5c:6a:ec:d7:92:32:66:3b:
                    a9:56:94:26:9e:7a:8d:29:2a:79:dd:2a:87:27:91:
                    78:b8:8b:f0:58:dc:4a:27:3f:04:94:89:cb:4d:06:
                    51:05:a4:47:0c:7a:80:32:19:34:1f:cd:c2:f1:f4:
                    a4:89:5f:e3:a7:85:c6:34:31:54:5f:0f:97:d8:05:
                    d3:4d:bb:e2:7b:a6:8e:38:85:6e:1a:24:38:7f:d5:
                    a0:29:55:3b:4e:a1:fb:81:63:00:02:ef:f1:5d:c1:
                    a4:3c:38:76:a7:cd:43:35:0e:2d:8e:d0:c8:19:8f:
                    f3:3a:32:cf:b0:43:2e:59:a7:f8:a6:56:e6:51:1c:
                    df:b4:4f:30:7c:f2:7f:55:01:0a:26:46:63:42:38:
                    ac:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:24:BE:47:56:E8:25:14:98:EA:42:D4:DA:47:90:CF:0B:1E:5B:EE
            X509v3 Authority Key Identifier:
                keyid:1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:5a:35:13:6e:47:80:4c:cb:52:16:32:26:d2:e2:c0:47:35:
         c6:1a:08:6e:be:ce:0a:a9:e7:7a:31:e7:6a:ba:9a:28:0c:5e:
         b1:fd:93:88:63:c9:30:a0:90:61:27:2d:78:9c:62:eb:7f:e6:
         6b:60:30:9d:36:27:8a:38:26:c1:2e:7a:33:f9:c8:d8:76:a3:
         62:dd:5c:b1:0c:05:3a:58:76:58:16:45:87:53:19:eb:61:44:
         49:7d:15:0e:c2:93:94:91:c3:1c:54:a5:94:c2:a2:01:cf:96:
         72:11:ed:b2:5f:cd:36:2a:b6:9c:2d:cc:ad:c0:1b:fb:87:0f:
         98:03:d4:bf:95:6d:9e:19:e6:1e:17:d6:f1:36:d7:c6:86:63:
         2b:3d:bf:7f:43:ec:5a:09:07:79:26:8f:70:06:f3:5b:c4:e8:
         19:d0:36:da:dd:da:1e:a3:a0:6e:3e:e5:91:b8:69:ca:95:81:
         5e:8e:d9:68:42:d8:f4:17:17:dc:7c:d7:17:69:02:35:fd:01:
         90:db:1d:03:19:30:12:f9:2d:01:79:8c:fa:27:0c:cd:2a:b9:
         c9:1b:db:54:71:61:5c:07:f5:e2:16:2a:2b:bf:47:d5:89:59:
         e5:f4:30:4c:a0:91:d0:8c:9c:55:0b:00:9c:d1:4d:67:5c:1e:
         04:ad:59:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+Rz35NKIby1jufCD5Zk+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODE1ZTJiMDczZWIwNDU3NmJjYjI0ZGRlNGRmOGQ0ZWI3
YzlmMDgwHhcNMjUxMDE5MjEwMTQ1WhcNMjUxMDIwMjEwMTQ1WjAzMTEwLwYDVQQD
EyhkNzI0YmU0NzU2ZTgyNTE0OThlYTQyZDRkYTQ3OTBjZjBiMWU1YmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7xavqlOYHmbktkyS/qabIUpSIKI
4dOfQphlsH2EtEWnx4WTKsCH1FwI62bP5o8W90X+IWrsyyWbUosWhwNw1JAB8MNM
AhX95UuwMMq/PDOZDpiXsXfIv8IsY076BCKsW076kPKtzD+aJzAUxIwrXGrs15Iy
ZjupVpQmnnqNKSp53SqHJ5F4uIvwWNxKJz8ElInLTQZRBaRHDHqAMhk0H83C8fSk
iV/jp4XGNDFUXw+X2AXTTbvie6aOOIVuGiQ4f9WgKVU7TqH7gWMAAu/xXcGkPDh2
p81DNQ4tjtDIGY/zOjLPsEMuWaf4plbmURzftE8wfPJ/VQEKJkZjQjisGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNckvkdW6CUUmOpC1NpHkM8LHlvuMB8GA1UdIwQY
MBaAFB2BXisHPrBFdryyTd5N+NTrfJ8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAt
YWRkMmJhODJjMjc2LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAtYWRkMmJhODJjMjc2
LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjFo1E25H
gEzLUhYyJtLiwEc1xhoIbr7OCqnnejHnarqaKAxesf2TiGPJMKCQYScteJxi63/m
a2AwnTYnijgmwS56M/nI2HajYt1csQwFOlh2WBZFh1MZ62FESX0VDsKTlJHDHFSl
lMKiAc+WchHtsl/NNiq2nC3MrcAb+4cPmAPUv5VtnhnmHhfW8TbXxoZjKz2/f0Ps
WgkHeSaPcAbzW8ToGdA22t3aHqOgbj7lkbhpypWBXo7ZaELY9BcX3HzXF2kCNf0B
kNsdAxkwEvktAXmM+icMzSq5yRvbVHFhXAf14hYqK79H1YlZ5fQwTKCR0IycVQsA
nNFNZ1weBK1Zhg==
-----END CERTIFICATE-----