Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
File:                     hyDPLDSRRvabop66wMiCKIEcovE.mft (raw, json)
Hash identifier:          qcddHnQWTlZi7LrDFjZN/CveM03eVJvzicON5Cg0LXM=
Subject key identifier:   03:55:B3:E3:25:8A:0D:42:0A:F1:65:C4:39:6B:D4:71:72:33:B0:2F
Authority key identifier: 87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1
Certificate issuer:       /CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
Certificate serial:       019A4EF43716689B36EB4C6224C5355779E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
Manifest number:          0AD9
Signing time:             Tue 04 Nov 2025 13:00:19 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:19 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:19 +0000
Files and hashes:         1: hyDPLDSRRvabop66wMiCKIEcovE.crl (hash: XOlbTWToeEp0Ugu6ZCuUJT2x28bwJi3bZNp1coEPHYA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:37:16:68:9b:36:eb:4c:62:24:c5:35:57:79:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
        Validity
            Not Before: Nov  4 13:00:19 2025 GMT
            Not After : Nov  5 13:00:19 2025 GMT
        Subject: CN=0355b3e3258a0d420af165c4396bd4717233b02f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:05:3f:30:0a:9a:9d:c0:1c:ac:5b:d2:53:3d:
                    e6:01:82:59:ee:fe:45:a8:8c:b3:af:6c:c7:01:5d:
                    86:21:45:f4:f9:ca:59:ed:11:82:85:1c:9b:72:66:
                    15:b9:3d:c1:0f:34:a2:f1:38:7d:9b:a8:05:be:02:
                    ef:9a:c4:9d:13:23:51:0a:e5:d3:2c:65:ae:e5:be:
                    14:25:15:fe:2e:c9:b0:21:25:c4:02:e9:75:05:0e:
                    2b:8b:01:fb:56:3d:2c:e5:e2:a1:67:9e:c1:dc:36:
                    09:19:80:52:c4:84:ad:0b:5c:ce:4a:6e:67:1c:94:
                    bc:67:bc:53:e7:4a:1d:60:ed:0b:51:bc:83:3b:49:
                    31:c8:10:8b:28:c7:38:be:dd:c2:3f:43:a8:10:f7:
                    8b:8f:20:db:e7:ca:f6:83:51:a4:d3:cf:2d:c8:1f:
                    82:9c:81:f1:f2:ec:ff:96:c7:9b:43:27:ce:eb:7d:
                    9e:9c:e9:d5:f3:a4:6e:22:a0:67:77:e8:c1:44:7e:
                    d0:9c:44:f1:62:1f:f3:16:74:ed:b0:61:49:42:92:
                    80:78:1e:be:57:db:d9:93:43:b5:bc:d1:a3:53:39:
                    0c:00:49:04:00:28:59:15:14:71:49:f7:6c:6d:82:
                    44:e5:92:b0:0d:49:39:2f:ab:3f:28:9f:33:1d:80:
                    38:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:55:B3:E3:25:8A:0D:42:0A:F1:65:C4:39:6B:D4:71:72:33:B0:2F
            X509v3 Authority Key Identifier:
                keyid:87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:4d:f3:2b:92:86:ba:34:1b:22:24:4e:09:c4:c8:8c:74:6c:
         45:8b:62:be:40:03:41:c3:74:13:6f:1a:d9:32:de:13:72:57:
         97:53:fe:3c:45:f1:89:84:62:ea:80:60:fb:ee:b8:7d:3a:56:
         d0:0d:15:d8:7a:c9:98:1f:8c:00:c0:28:bd:f9:13:a0:1a:a9:
         82:e0:3f:62:51:9f:3f:7a:d7:0d:72:24:43:14:9f:d0:33:b7:
         8a:b9:7e:f7:40:89:93:99:35:91:cb:3f:40:7f:aa:45:88:76:
         48:e6:5f:47:8e:32:9b:cf:a6:0b:71:cc:a8:84:09:ff:0c:89:
         15:fc:34:95:25:a9:dd:fc:a3:59:6e:48:17:30:eb:ad:aa:b8:
         37:cc:98:9b:b0:1e:5d:ae:3f:4a:54:80:e8:9d:95:80:14:18:
         e5:40:12:19:a1:b7:45:f7:e0:ba:4a:0f:9d:ff:39:92:26:aa:
         38:db:91:ab:17:f8:f0:8e:0a:9f:99:3d:2b:fd:d6:53:59:f6:
         f2:0d:83:d4:23:0f:0d:bb:18:76:69:6c:f1:99:26:0c:9f:94:
         d3:c7:1a:f4:9d:5a:85:d2:d3:fe:bd:15:73:2f:e0:29:9b:bd:
         1b:04:fb:cb:47:bd:30:f8:21:f1:9e:79:26:e7:50:d5:4a:72:
         6f:5a:01:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9DcWaJs260xiJMU1V3nlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjBjZjJjMzQ5MTQ2ZjY5YmEyOWViYWMwYzg4MjI4ODEx
Y2EyZjEwHhcNMjUxMTA0MTMwMDE5WhcNMjUxMTA1MTMwMDE5WjAzMTEwLwYDVQQD
EygwMzU1YjNlMzI1OGEwZDQyMGFmMTY1YzQzOTZiZDQ3MTcyMzNiMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwU/MAqancAcrFvSUz3mAYJZ7v5F
qIyzr2zHAV2GIUX0+cpZ7RGChRybcmYVuT3BDzSi8Th9m6gFvgLvmsSdEyNRCuXT
LGWu5b4UJRX+LsmwISXEAul1BQ4riwH7Vj0s5eKhZ57B3DYJGYBSxIStC1zOSm5n
HJS8Z7xT50odYO0LUbyDO0kxyBCLKMc4vt3CP0OoEPeLjyDb58r2g1Gk088tyB+C
nIHx8uz/lsebQyfO632enOnV86RuIqBnd+jBRH7QnETxYh/zFnTtsGFJQpKAeB6+
V9vZk0O1vNGjUzkMAEkEAChZFRRxSfdsbYJE5ZKwDUk5L6s/KJ8zHYA4iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANVs+Mlig1CCvFlxDlr1HFyM7AvMB8GA1UdIwQY
MBaAFIcgzyw0kUb2m6KeusDIgiiBHKLxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEt
ZDQxNTA2N2E4Zjc2LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEtZDQxNTA2N2E4Zjc2
LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO03zK5KG
ujQbIiROCcTIjHRsRYtivkADQcN0E28a2TLeE3JXl1P+PEXxiYRi6oBg++64fTpW
0A0V2HrJmB+MAMAovfkToBqpguA/YlGfP3rXDXIkQxSf0DO3irl+90CJk5k1kcs/
QH+qRYh2SOZfR44ym8+mC3HMqIQJ/wyJFfw0lSWp3fyjWW5IFzDrraq4N8yYm7Ae
Xa4/SlSA6J2VgBQY5UASGaG3RffgukoPnf85kiaqONuRqxf48I4Kn5k9K/3WU1n2
8g2D1CMPDbsYdmls8ZkmDJ+U08ca9J1ahdLT/r0Vcy/gKZu9GwT7y0e9MPgh8Z55
JudQ1Upyb1oBoQ==
-----END CERTIFICATE-----