Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
File:                     hyyq6fD7ed7GhEvqzowiHO9NMsk.mft (raw, json)
Hash identifier:          ZJMwz+YiwEBJ5/1Hr6lOtBkWVhwIPNUbOZs07MKtInA=
Subject key identifier:   EB:F1:C0:B0:7A:D2:F2:78:90:C8:DE:C0:DC:56:9A:CC:0C:A0:10:3A
Authority key identifier: 87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9
Certificate issuer:       /CN=872caae9f0fb79dec6844beace8c221cef4d32c9
Certificate serial:       019896A547F518D58254D03448832357D2E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
Manifest number:          10B1
Signing time:             Mon 11 Aug 2025 01:01:10 +0000
Manifest this update:     Mon 11 Aug 2025 01:01:10 +0000
Manifest next update:     Tue 12 Aug 2025 01:01:10 +0000
Files and hashes:         1: hyyq6fD7ed7GhEvqzowiHO9NMsk.crl (hash: qqW9TC/whm2SLhY6M5MB+o5yvf4y1xsOdesSYfDVJX0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a5:47:f5:18:d5:82:54:d0:34:48:83:23:57:d2:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=872caae9f0fb79dec6844beace8c221cef4d32c9
        Validity
            Not Before: Aug 11 01:01:10 2025 GMT
            Not After : Aug 12 01:01:10 2025 GMT
        Subject: CN=ebf1c0b07ad2f27890c8dec0dc569acc0ca0103a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e5:a3:a5:45:2f:83:49:24:cd:28:ed:42:d7:
                    72:05:a4:37:a7:26:ca:8d:4f:bd:ff:25:64:3b:60:
                    10:4c:52:d1:d1:9b:0c:e0:6a:0d:4c:a1:29:0f:9e:
                    78:66:98:ad:76:81:a6:97:8e:1e:b5:7c:dc:02:b3:
                    94:4a:aa:c2:7e:79:85:0b:58:f4:8c:37:10:f1:e3:
                    f7:2b:d1:60:7f:50:64:95:3d:e0:ca:10:7c:ff:4b:
                    77:48:67:2d:50:3b:31:5a:9d:34:39:11:9f:70:25:
                    57:8e:44:6b:19:5d:be:6a:53:dc:2d:43:96:f7:60:
                    8a:89:71:27:70:c2:ae:3d:e7:eb:96:e8:77:d9:59:
                    f6:14:2b:99:0f:fa:df:c5:a3:4f:e2:64:51:63:b8:
                    fd:f4:09:f2:d9:15:62:3d:64:49:15:f4:62:29:55:
                    e4:f6:3a:3e:83:fb:27:29:b4:30:d4:8a:5f:61:07:
                    36:f2:d5:25:cb:e2:af:7a:4b:19:14:db:8c:1b:10:
                    b1:2d:1f:3a:f7:bd:a0:56:68:c6:77:5b:97:df:1d:
                    7e:7e:58:50:56:5d:48:79:89:ee:9a:e9:4a:0f:c7:
                    af:65:a6:5b:c3:17:0b:b9:8d:3c:a6:a9:99:2b:3f:
                    3b:78:74:0a:e6:c0:6f:1a:11:a2:99:33:95:37:42:
                    35:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:F1:C0:B0:7A:D2:F2:78:90:C8:DE:C0:DC:56:9A:CC:0C:A0:10:3A
            X509v3 Authority Key Identifier:
                keyid:87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:ad:20:01:6e:88:b4:14:ac:7f:16:d5:14:7d:aa:72:ce:27:
         e1:ca:d7:cd:87:1b:b0:66:1f:84:b3:12:91:a3:41:a4:eb:62:
         14:bc:55:01:51:da:96:10:37:84:b4:cd:cf:7a:55:4f:01:80:
         f9:71:d0:3f:90:af:a1:00:46:41:ad:07:a2:f2:f4:1a:99:c0:
         b7:cb:cf:4b:cf:82:80:4f:36:b6:da:77:de:c0:ae:af:a8:bb:
         0b:b7:78:b1:3f:38:06:cc:1d:d8:88:4c:26:15:c5:50:e5:4a:
         08:de:b6:b2:31:df:57:aa:66:7b:df:50:13:7b:21:0a:f0:37:
         05:e0:fd:eb:14:b1:6d:b7:f7:44:db:e1:83:9e:98:f4:d2:08:
         02:47:f5:fd:10:b0:68:63:f4:83:3e:00:ca:d7:21:31:12:b5:
         21:06:00:a0:af:42:34:c8:a3:ce:d5:da:96:47:4c:50:c0:bd:
         3d:ad:17:4c:ef:c7:fb:67:34:01:b6:50:46:f0:61:13:69:2e:
         01:62:10:f7:77:57:73:bc:90:d9:dd:0a:8e:25:11:f4:96:34:
         7e:5e:c2:11:b2:e6:20:33:2b:1f:86:ae:ec:e7:62:50:f9:51:
         c1:f5:ef:66:5b:9a:fe:7f:00:e4:a2:49:b0:26:eb:fd:c3:b1:
         f3:8a:56:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpUf1GNWCVNA0SIMjV9LgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MmNhYWU5ZjBmYjc5ZGVjNjg0NGJlYWNlOGMyMjFjZWY0
ZDMyYzkwHhcNMjUwODExMDEwMTEwWhcNMjUwODEyMDEwMTEwWjAzMTEwLwYDVQQD
EyhlYmYxYzBiMDdhZDJmMjc4OTBjOGRlYzBkYzU2OWFjYzBjYTAxMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuWjpUUvg0kkzSjtQtdyBaQ3pybK
jU+9/yVkO2AQTFLR0ZsM4GoNTKEpD554ZpitdoGml44etXzcArOUSqrCfnmFC1j0
jDcQ8eP3K9Fgf1BklT3gyhB8/0t3SGctUDsxWp00ORGfcCVXjkRrGV2+alPcLUOW
92CKiXEncMKuPefrluh32Vn2FCuZD/rfxaNP4mRRY7j99Any2RViPWRJFfRiKVXk
9jo+g/snKbQw1IpfYQc28tUly+KveksZFNuMGxCxLR86972gVmjGd1uX3x1+flhQ
Vl1IeYnumulKD8evZaZbwxcLuY08pqmZKz87eHQK5sBvGhGimTOVN0I1qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOvxwLB60vJ4kMjewNxWmswMoBA6MB8GA1UdIwQY
MBaAFIcsqunw+3nexoRL6s6MIhzvTTLJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEt
ZTViMTY3MmQ0YjE3LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEtZTViMTY3MmQ0YjE3
LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADq0gAW6I
tBSsfxbVFH2qcs4n4crXzYcbsGYfhLMSkaNBpOtiFLxVAVHalhA3hLTNz3pVTwGA
+XHQP5CvoQBGQa0HovL0GpnAt8vPS8+CgE82ttp33sCur6i7C7d4sT84Bswd2IhM
JhXFUOVKCN62sjHfV6pme99QE3shCvA3BeD96xSxbbf3RNvhg56Y9NIIAkf1/RCw
aGP0gz4AytchMRK1IQYAoK9CNMijztXalkdMUMC9Pa0XTO/H+2c0AbZQRvBhE2ku
AWIQ93dXc7yQ2d0KjiUR9JY0fl7CEbLmIDMrH4au7OdiUPlRwfXvZlua/n8A5KJJ
sCbr/cOx84pWwQ==
-----END CERTIFICATE-----