Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
File:                     HMIQHIyT1FjSXDElyMm8ya8TKHE.mft (raw, json)
Hash identifier:          TIHwHl5K9ZR1544uUM4xrslx8V0z8dtUPjqoZqYTrfw=
Subject key identifier:   8A:FF:98:0C:82:B7:25:FF:CB:27:B2:AE:60:8C:10:0C:A9:2E:4C:B2
Authority key identifier: 1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71
Certificate issuer:       /CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
Certificate serial:       0199FFC73BAA7767F5CC890956EF20B03F56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
Manifest number:          0518
Signing time:             Mon 20 Oct 2025 04:01:10 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:10 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:10 +0000
Files and hashes:         1: HMIQHIyT1FjSXDElyMm8ya8TKHE.crl (hash: Z0jRy4yL9OJQu50MWLLnyA0IRMTWFPaKHgmsI7cluYQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:3b:aa:77:67:f5:cc:89:09:56:ef:20:b0:3f:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
        Validity
            Not Before: Oct 20 04:01:10 2025 GMT
            Not After : Oct 21 04:01:10 2025 GMT
        Subject: CN=8aff980c82b725ffcb27b2ae608c100ca92e4cb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:7e:f8:41:c6:8f:c5:0f:c2:55:4d:ba:96:cd:
                    d9:97:64:45:97:4b:7d:a9:f3:2a:78:cd:ec:6e:e5:
                    e4:6f:09:8f:8c:e3:30:4b:c5:d3:59:8c:8f:54:ee:
                    02:81:d7:32:32:30:6c:7a:09:06:7b:a2:34:8e:f2:
                    7b:84:93:75:e3:7d:38:5b:4e:52:21:b1:50:5f:1e:
                    c8:2b:46:e2:1f:d9:05:5d:ba:7f:db:fb:c1:08:60:
                    fd:a6:14:db:48:e2:cb:af:50:37:40:f8:ae:6a:a5:
                    fd:ee:76:f2:13:bb:f2:e1:3d:b0:9a:34:8e:eb:1c:
                    4c:fb:0d:38:e7:c7:26:78:ad:38:97:23:90:d5:85:
                    bb:0b:82:eb:e0:71:cc:b3:71:7d:a2:c8:fc:11:18:
                    1b:15:c0:3d:4a:cb:ff:78:b4:15:f0:be:85:c8:a6:
                    70:01:61:d5:4c:1c:ba:10:74:80:c1:ab:bd:f3:74:
                    a7:66:20:7e:38:13:a6:d4:92:ec:8a:c4:70:d1:f8:
                    60:c0:03:d5:04:fe:d1:82:99:57:75:1a:fc:59:1c:
                    1e:7a:06:0f:6e:1e:f1:5a:b9:fa:a5:f3:68:24:a8:
                    bc:47:3a:0c:06:ec:af:c3:d1:e4:f8:c1:b6:34:37:
                    52:0d:8f:fc:f2:8c:90:f9:c9:70:2c:a1:df:5a:00:
                    3a:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:FF:98:0C:82:B7:25:FF:CB:27:B2:AE:60:8C:10:0C:A9:2E:4C:B2
            X509v3 Authority Key Identifier:
                keyid:1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:25:83:db:ab:8e:98:8f:ab:5c:72:0d:bb:19:7a:27:8f:b1:
         40:c6:04:4a:13:5e:2f:85:ff:cd:db:7c:85:4f:60:f8:3c:7c:
         87:59:b6:b7:61:bb:4e:b7:2a:62:a9:08:4c:db:63:b2:39:d9:
         85:16:08:f2:9c:a7:59:38:70:b9:8c:a3:f1:36:80:8f:33:90:
         f4:08:6c:6f:0c:ee:2b:27:a1:40:96:8f:76:1c:17:98:22:c6:
         a0:ec:08:24:29:0c:9f:42:a3:52:14:07:52:0c:97:de:f6:ca:
         65:2b:04:dd:f9:9b:b8:d2:e3:8b:f1:3a:7a:ff:69:a8:c8:6a:
         df:a4:84:89:6a:0c:89:0c:c9:c4:2a:23:ca:34:53:a7:7b:7c:
         d4:d4:95:ae:16:e9:aa:2a:77:d4:e4:62:0d:70:e2:a5:e8:7b:
         8e:67:b2:0e:88:66:65:2c:fe:09:0c:c4:4d:d2:05:df:27:92:
         de:26:92:ac:c4:13:86:9e:7c:a3:de:e3:78:c4:a9:f5:92:fa:
         52:71:65:c1:e6:9f:9a:a6:bd:99:20:ff:e4:5a:80:13:18:10:
         85:d8:1b:0c:05:ff:75:31:94:4a:72:fe:ce:e8:66:ee:00:9f:
         72:35:48:88:7b:83:33:ab:92:a2:8d:4d:20:c3:8f:c8:e4:ce:
         bb:8f:91:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/xzuqd2f1zIkJVu8gsD9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYzIxMDFjOGM5M2Q0NThkMjVjMzEyNWM4YzliY2M5YWYx
MzI4NzEwHhcNMjUxMDIwMDQwMTEwWhcNMjUxMDIxMDQwMTEwWjAzMTEwLwYDVQQD
Eyg4YWZmOTgwYzgyYjcyNWZmY2IyN2IyYWU2MDhjMTAwY2E5MmU0Y2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxn74QcaPxQ/CVU26ls3Zl2RFl0t9
qfMqeM3sbuXkbwmPjOMwS8XTWYyPVO4CgdcyMjBsegkGe6I0jvJ7hJN14304W05S
IbFQXx7IK0biH9kFXbp/2/vBCGD9phTbSOLLr1A3QPiuaqX97nbyE7vy4T2wmjSO
6xxM+w0458cmeK04lyOQ1YW7C4Lr4HHMs3F9osj8ERgbFcA9Ssv/eLQV8L6FyKZw
AWHVTBy6EHSAwau983SnZiB+OBOm1JLsisRw0fhgwAPVBP7RgplXdRr8WRweegYP
bh7xWrn6pfNoJKi8RzoMBuyvw9Hk+MG2NDdSDY/88oyQ+clwLKHfWgA66QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIr/mAyCtyX/yyeyrmCMEAypLkyyMB8GA1UdIwQY
MBaAFBzCEByMk9RY0lwxJcjJvMmvEyhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2Yt
NmFhZjU0OTYwNjVlLzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2YtNmFhZjU0OTYwNjVl
LzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcyWD26uO
mI+rXHINuxl6J4+xQMYEShNeL4X/zdt8hU9g+Dx8h1m2t2G7TrcqYqkITNtjsjnZ
hRYI8pynWThwuYyj8TaAjzOQ9AhsbwzuKyehQJaPdhwXmCLGoOwIJCkMn0KjUhQH
UgyX3vbKZSsE3fmbuNLji/E6ev9pqMhq36SEiWoMiQzJxCojyjRTp3t81NSVrhbp
qip31ORiDXDipeh7jmeyDohmZSz+CQzETdIF3yeS3iaSrMQThp58o97jeMSp9ZL6
UnFlweafmqa9mSD/5FqAExgQhdgbDAX/dTGUSnL+zuhm7gCfcjVIiHuDM6uSoo1N
IMOPyOTOu4+RcA==
-----END CERTIFICATE-----