Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
File:                     HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft (raw, json)
Hash identifier:          NfRyIBA6uQ2Su6PgQQB2m/6MjMBGdj6QWXbCVx9IODs=
Subject key identifier:   CD:9D:4D:AE:D6:30:DC:E6:8D:2D:08:42:26:9C:85:AC:1A:FC:8A:AC
Authority key identifier: 1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60
Certificate issuer:       /CN=1c1618e04372d9b27f417d229f82614027bc3c60
Certificate serial:       019896A4B26B038E1027E5D6AD3FDFDD71EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
Manifest number:          0985
Signing time:             Mon 11 Aug 2025 01:00:32 +0000
Manifest this update:     Mon 11 Aug 2025 01:00:32 +0000
Manifest next update:     Tue 12 Aug 2025 01:00:32 +0000
Files and hashes:         1: HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl (hash: XAcvnQq+vpCQNZmke0CSURyKKR2SnojCDffeCCEsw+U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a4:b2:6b:03:8e:10:27:e5:d6:ad:3f:df:dd:71:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c1618e04372d9b27f417d229f82614027bc3c60
        Validity
            Not Before: Aug 11 01:00:32 2025 GMT
            Not After : Aug 12 01:00:32 2025 GMT
        Subject: CN=cd9d4daed630dce68d2d0842269c85ac1afc8aac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f0:a5:16:5a:a9:d7:a6:a5:75:3a:56:7a:a0:
                    45:19:d3:03:ef:20:12:64:23:d9:ea:66:19:33:27:
                    9a:39:87:46:0d:40:27:36:ae:2e:47:28:e1:94:fb:
                    3b:a2:c5:93:34:91:6c:c7:f0:09:e4:1e:15:85:18:
                    a9:f8:77:61:bc:7f:04:6c:da:e9:d1:8e:ab:e0:0c:
                    2d:66:a4:3a:26:b0:e3:ba:f2:41:06:3f:c9:4a:6a:
                    ec:52:ea:6b:79:62:34:1a:73:9c:6b:04:d2:f7:27:
                    db:b5:b3:77:a0:2e:da:e2:68:af:2d:08:b1:c1:de:
                    39:87:06:f2:79:52:52:fb:c9:87:89:6b:f7:af:f2:
                    ee:36:d7:28:c7:0f:c4:e3:53:ac:cc:ef:a0:6e:7a:
                    96:7a:67:73:cf:3e:38:67:17:19:88:7f:5a:48:30:
                    c0:00:46:84:36:84:e6:43:05:15:84:5f:ed:14:39:
                    a4:b2:1c:cc:7f:dd:f6:c5:a4:6e:d8:0d:03:8e:a4:
                    5c:60:35:78:42:d6:c3:a8:b0:5f:4d:4a:30:3e:8a:
                    0b:41:8a:68:5d:f1:3f:27:ec:32:b2:fb:15:76:60:
                    42:ed:26:2d:5f:eb:06:d2:79:2c:dd:33:a5:9b:49:
                    ad:06:d2:ac:8e:37:3c:38:ad:d9:02:56:74:1d:7c:
                    2f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:9D:4D:AE:D6:30:DC:E6:8D:2D:08:42:26:9C:85:AC:1A:FC:8A:AC
            X509v3 Authority Key Identifier:
                keyid:1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:37:15:87:9c:ac:44:5e:02:ea:b6:be:2e:62:6d:d2:cf:6e:
         ee:96:39:5d:6a:ea:53:4a:12:18:5a:84:96:61:3e:8b:14:2b:
         e8:52:17:c4:0b:8c:67:20:00:1a:d0:8b:86:36:b1:7f:66:df:
         d6:63:09:5c:6c:bd:5c:1d:b9:ca:e0:4d:70:de:a7:3c:96:66:
         ea:b3:68:21:9a:a2:3f:6e:bc:32:8c:4d:8a:e9:51:df:f6:1b:
         eb:34:f4:0d:aa:4e:f8:16:47:a8:d0:0e:e1:81:5f:b8:2d:9f:
         11:58:0f:2c:8d:b7:fe:30:5a:fd:85:01:50:d3:13:ab:bb:af:
         37:21:0e:47:b3:c9:a2:61:80:ce:cb:2d:eb:bf:77:5e:69:80:
         bb:96:f6:28:28:20:60:5e:92:2c:b9:d4:f5:89:57:e0:99:da:
         8d:7d:45:2e:c5:0a:5f:32:a7:27:2f:f9:dd:4b:a3:73:73:0a:
         3c:53:d7:20:40:42:8c:e2:a0:a1:8f:8d:65:70:de:29:ab:63:
         be:b1:26:42:f9:90:b1:51:45:93:17:22:02:72:32:51:a4:8d:
         b4:32:9f:3f:c1:f6:07:a2:0d:7c:77:20:26:d3:bf:09:70:0a:
         4c:f1:88:b7:1f:89:17:9d:6b:2f:97:11:13:af:a5:c9:a1:74:
         9a:32:7e:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpLJrA44QJ+XWrT/f3XHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMTYxOGUwNDM3MmQ5YjI3ZjQxN2QyMjlmODI2MTQwMjdi
YzNjNjAwHhcNMjUwODExMDEwMDMyWhcNMjUwODEyMDEwMDMyWjAzMTEwLwYDVQQD
EyhjZDlkNGRhZWQ2MzBkY2U2OGQyZDA4NDIyNjljODVhYzFhZmM4YWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfClFlqp16aldTpWeqBFGdMD7yAS
ZCPZ6mYZMyeaOYdGDUAnNq4uRyjhlPs7osWTNJFsx/AJ5B4VhRip+HdhvH8EbNrp
0Y6r4AwtZqQ6JrDjuvJBBj/JSmrsUupreWI0GnOcawTS9yfbtbN3oC7a4mivLQix
wd45hwbyeVJS+8mHiWv3r/LuNtcoxw/E41OszO+gbnqWemdzzz44ZxcZiH9aSDDA
AEaENoTmQwUVhF/tFDmkshzMf932xaRu2A0DjqRcYDV4QtbDqLBfTUowPooLQYpo
XfE/J+wysvsVdmBC7SYtX+sG0nks3TOlm0mtBtKsjjc8OK3ZAlZ0HXwvywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2dTa7WMNzmjS0IQiachawa/IqsMB8GA1UdIwQY
MBaAFBwWGOBDctmyf0F9Ip+CYUAnvDxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2Qt
YTM5NWFiMzVkOGVhLzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2QtYTM5NWFiMzVkOGVh
LzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARzcVh5ys
RF4C6ra+LmJt0s9u7pY5XWrqU0oSGFqElmE+ixQr6FIXxAuMZyAAGtCLhjaxf2bf
1mMJXGy9XB25yuBNcN6nPJZm6rNoIZqiP268MoxNiulR3/Yb6zT0DapO+BZHqNAO
4YFfuC2fEVgPLI23/jBa/YUBUNMTq7uvNyEOR7PJomGAzsst6793XmmAu5b2KCgg
YF6SLLnU9YlX4JnajX1FLsUKXzKnJy/53Uujc3MKPFPXIEBCjOKgoY+NZXDeKatj
vrEmQvmQsVFFkxciAnIyUaSNtDKfP8H2B6INfHcgJtO/CXAKTPGItx+JF51rL5cR
E6+lyaF0mjJ+MA==
-----END CERTIFICATE-----