Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
File:                     hUYNJS18tlxJNM6stG-pbctrVws.mft (raw, json)
Hash identifier:          E8Tm4Uf2H/C4yC+rhzwm/kvtDntUXEhNaE7k/YJUt1Y=
Subject key identifier:   11:7D:89:76:E5:E5:AD:97:3A:99:43:95:9D:F0:5F:85:60:37:FE:AE
Authority key identifier: 85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B
Certificate issuer:       /CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
Certificate serial:       019A4E1880E468C9EB2DAB2EB71988034504
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
Manifest number:          083B
Signing time:             Tue 04 Nov 2025 09:00:19 +0000
Manifest this update:     Tue 04 Nov 2025 09:00:19 +0000
Manifest next update:     Wed 05 Nov 2025 09:00:19 +0000
Files and hashes:         1: hUYNJS18tlxJNM6stG-pbctrVws.crl (hash: y3zySGDkyc8TlXqMZA0wehxgEGMum2Xygsn5Pc2CBLk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:18:80:e4:68:c9:eb:2d:ab:2e:b7:19:88:03:45:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
        Validity
            Not Before: Nov  4 09:00:19 2025 GMT
            Not After : Nov  5 09:00:19 2025 GMT
        Subject: CN=117d8976e5e5ad973a9943959df05f856037feae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:b4:18:9e:07:4b:70:0f:da:0c:ed:56:88:e3:
                    c5:b1:92:eb:69:9e:50:e2:a8:11:a1:4b:d9:6c:81:
                    19:88:42:cf:3a:18:f2:aa:06:25:ad:79:0c:3c:a0:
                    62:39:03:3b:d5:82:cc:d8:45:e6:cc:75:ad:32:94:
                    3c:7b:7e:03:85:6b:29:eb:7e:5d:c5:ce:19:1c:e8:
                    f6:0b:d2:0b:ed:72:a1:1b:a2:68:80:46:9f:7d:d6:
                    e0:df:c4:fc:23:38:97:dc:d6:c7:18:e8:5d:11:ca:
                    48:ee:fa:3f:72:62:9e:86:ef:39:f3:50:25:36:58:
                    46:b5:ee:f9:b6:a3:d8:25:af:15:7e:dd:c4:54:50:
                    3d:b1:4d:ba:9a:77:32:6f:c9:dc:1c:02:ff:68:65:
                    db:5d:36:0a:5a:d5:bd:70:3a:6e:4a:7b:d0:82:18:
                    5f:c2:23:a1:7b:3a:7e:ea:d3:0b:0c:14:0f:f8:69:
                    b2:01:72:29:4b:0c:cb:3e:cf:06:28:eb:7b:f8:70:
                    bf:c6:8a:d2:17:10:bd:f4:2f:97:d3:7a:d8:dd:ab:
                    2e:43:b3:2e:80:fb:0d:f7:70:6e:25:1b:6b:69:51:
                    8a:c9:94:05:32:ad:c0:00:bd:42:11:f8:61:d1:cd:
                    b5:8a:20:c8:39:83:74:b0:70:ed:a3:05:84:8e:b3:
                    22:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:7D:89:76:E5:E5:AD:97:3A:99:43:95:9D:F0:5F:85:60:37:FE:AE
            X509v3 Authority Key Identifier:
                keyid:85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:46:50:b3:9a:56:fc:10:d0:08:a8:f1:c8:59:56:b9:6b:52:
         5e:5c:73:39:16:1a:8d:7a:8a:95:fa:54:9a:52:76:8b:4d:97:
         4f:08:f9:af:d9:44:37:98:ae:82:cc:75:05:10:6f:d7:a0:19:
         3b:e5:09:9e:ec:51:61:ad:06:47:5b:4a:3c:57:f1:09:40:b3:
         32:94:2a:c3:3b:fe:51:5b:f0:83:78:6e:32:8c:11:37:fe:89:
         61:b5:ad:94:68:04:ed:e6:b6:77:a0:96:c1:1c:97:f0:a7:9a:
         40:fa:bb:2f:4f:64:b8:3a:4a:a5:02:cd:0a:c6:62:f7:fb:a0:
         65:24:8a:c7:fa:64:10:27:d2:5f:00:b5:36:79:18:63:22:dc:
         98:c8:ac:de:14:88:a3:d8:26:e9:f7:e8:f7:dc:92:73:0b:d7:
         67:a1:85:a5:c9:09:ab:47:73:f4:08:9b:57:f9:04:1c:d4:b0:
         33:fe:fe:aa:4e:e5:88:d1:fa:b2:0d:ee:59:cd:ab:78:92:b2:
         42:9b:ba:5f:f8:0f:87:90:e8:8d:b7:ab:c4:80:3b:64:85:3e:
         c3:77:cd:02:1f:5a:5b:2a:44:68:6f:aa:24:47:86:95:a0:a7:
         de:e0:03:ef:b4:b2:97:d2:fd:ab:66:55:22:fd:90:95:18:a6:
         0e:65:4a:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGIDkaMnrLasutxmIA0UEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDYwZDI1MmQ3Y2I2NWM0OTM0Y2VhY2I0NmZhOTZkY2I2
YjU3MGIwHhcNMjUxMTA0MDkwMDE5WhcNMjUxMTA1MDkwMDE5WjAzMTEwLwYDVQQD
EygxMTdkODk3NmU1ZTVhZDk3M2E5OTQzOTU5ZGYwNWY4NTYwMzdmZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07QYngdLcA/aDO1WiOPFsZLraZ5Q
4qgRoUvZbIEZiELPOhjyqgYlrXkMPKBiOQM71YLM2EXmzHWtMpQ8e34DhWsp635d
xc4ZHOj2C9IL7XKhG6JogEaffdbg38T8IziX3NbHGOhdEcpI7vo/cmKehu8581Al
NlhGte75tqPYJa8Vft3EVFA9sU26mncyb8ncHAL/aGXbXTYKWtW9cDpuSnvQghhf
wiOhezp+6tMLDBQP+GmyAXIpSwzLPs8GKOt7+HC/xorSFxC99C+X03rY3asuQ7Mu
gPsN93BuJRtraVGKyZQFMq3AAL1CEfhh0c21iiDIOYN0sHDtowWEjrMipwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBF9iXbl5a2XOplDlZ3wX4VgN/6uMB8GA1UdIwQY
MBaAFIVGDSUtfLZcSTTOrLRvqW3La1cLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2Qt
OTI2YTBiMmQ1N2FkLzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2QtOTI2YTBiMmQ1N2Fk
LzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApUZQs5pW
/BDQCKjxyFlWuWtSXlxzORYajXqKlfpUmlJ2i02XTwj5r9lEN5iugsx1BRBv16AZ
O+UJnuxRYa0GR1tKPFfxCUCzMpQqwzv+UVvwg3huMowRN/6JYbWtlGgE7ea2d6CW
wRyX8KeaQPq7L09kuDpKpQLNCsZi9/ugZSSKx/pkECfSXwC1NnkYYyLcmMis3hSI
o9gm6ffo99yScwvXZ6GFpckJq0dz9AibV/kEHNSwM/7+qk7liNH6sg3uWc2reJKy
Qpu6X/gPh5DojberxIA7ZIU+w3fNAh9aWypEaG+qJEeGlaCn3uAD77Syl9L9q2ZV
Iv2QlRimDmVKmw==
-----END CERTIFICATE-----