Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
File:                     hyDPLDSRRvabop66wMiCKIEcovE.mft (raw, json)
Hash identifier:          ufinZj4/QnLtGBddr6rS6TDGSurWk9zBmg/GoMlYZeQ=
Subject key identifier:   FE:8A:D0:2C:64:4B:57:78:52:71:10:84:D1:9C:FB:08:FF:66:AD:D5
Authority key identifier: 87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1
Certificate issuer:       /CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
Certificate serial:       0198A04EB9A58A3218DC218578B8C956F94B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
Manifest number:          09FA
Signing time:             Tue 12 Aug 2025 22:02:50 +0000
Manifest this update:     Tue 12 Aug 2025 22:02:50 +0000
Manifest next update:     Wed 13 Aug 2025 22:02:50 +0000
Files and hashes:         1: hyDPLDSRRvabop66wMiCKIEcovE.crl (hash: xo05G+qVC4GS+w/MNZ4QlH7/UCVGRewhN2w9wlaMgmM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4e:b9:a5:8a:32:18:dc:21:85:78:b8:c9:56:f9:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
        Validity
            Not Before: Aug 12 22:02:50 2025 GMT
            Not After : Aug 13 22:02:50 2025 GMT
        Subject: CN=fe8ad02c644b577852711084d19cfb08ff66add5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:cd:60:79:92:77:8a:70:f9:10:54:cf:8f:39:
                    f4:4d:d5:e6:51:b0:9b:ef:fd:77:dc:6c:b4:bb:12:
                    e7:6a:d6:b7:05:6b:8c:96:e8:d5:26:81:2a:12:96:
                    41:ba:45:51:bf:2e:6b:95:4e:e7:19:89:03:05:f6:
                    1a:fa:8b:b0:c9:28:a8:e9:4d:91:e9:61:b3:82:34:
                    a3:99:f3:06:c6:43:1c:77:03:06:dd:12:84:2b:6b:
                    75:5c:33:66:98:50:4e:ee:8e:4e:35:d6:d7:2a:ec:
                    58:92:d0:4b:bf:0f:61:cf:68:6d:01:13:54:09:f4:
                    8e:bb:52:19:a4:bd:ca:0d:0f:5d:fe:cf:df:44:21:
                    2d:fc:42:71:0f:a5:23:2a:d1:a6:5a:98:e1:34:ae:
                    85:2c:1c:aa:8b:39:be:7e:6d:5c:f3:df:a8:7e:2d:
                    8c:17:58:06:52:63:0f:79:86:c7:84:70:fd:8a:7c:
                    5b:88:23:cb:b3:23:21:fc:a0:ba:21:e6:43:5e:39:
                    b1:6b:99:d0:49:ee:ac:1e:b4:fd:13:25:a6:6d:22:
                    ae:44:4c:6a:e8:93:27:8a:3b:0a:5a:57:84:f2:85:
                    49:98:52:57:20:f5:41:b1:fd:78:56:1b:72:bb:c0:
                    16:47:cc:3e:b2:b1:f1:f3:6f:0e:1f:ed:d9:14:a2:
                    dd:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:8A:D0:2C:64:4B:57:78:52:71:10:84:D1:9C:FB:08:FF:66:AD:D5
            X509v3 Authority Key Identifier:
                keyid:87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:a0:58:57:f2:77:12:1f:28:d7:53:e2:37:0f:89:8f:bc:6a:
         6a:b9:69:92:4c:7e:6c:ea:f5:aa:50:0c:1f:b7:32:3e:19:ad:
         4a:3f:83:2f:18:7c:20:78:8c:38:3a:ef:bd:32:63:c2:56:7e:
         16:95:a2:79:ab:8d:79:8e:4f:99:ed:64:64:3f:69:fc:5e:19:
         a1:3c:71:84:f2:46:88:e2:38:45:5c:8b:fe:4b:8c:6c:b2:48:
         d8:68:c7:2c:ac:75:ca:f7:3b:29:ec:50:98:ce:61:b3:66:5e:
         99:e5:bf:a5:2e:0d:76:4d:6f:c9:39:76:c9:db:8b:bf:2a:2e:
         87:d9:35:75:81:36:6b:52:75:c3:40:f1:98:82:73:98:55:b9:
         b3:52:01:14:f3:7a:74:be:ec:d5:a8:fe:90:da:0b:ff:2b:b2:
         69:d7:c4:2c:9b:b2:71:3a:50:dc:56:2d:aa:4d:0e:c4:66:f9:
         0a:99:5b:64:2b:ec:50:17:86:17:50:37:43:f9:fe:04:c8:07:
         f0:a1:0e:6a:18:ca:2c:58:d8:0d:56:3b:ac:ed:2b:d0:3c:87:
         f6:ff:30:bd:5c:ce:dd:69:9c:ca:92:db:24:6c:37:b5:18:91:
         82:8b:e4:3e:ea:33:0b:3d:aa:fe:c1:75:aa:5a:1c:bd:b5:51:
         bf:86:9c:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTrmlijIY3CGFeLjJVvlLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjBjZjJjMzQ5MTQ2ZjY5YmEyOWViYWMwYzg4MjI4ODEx
Y2EyZjEwHhcNMjUwODEyMjIwMjUwWhcNMjUwODEzMjIwMjUwWjAzMTEwLwYDVQQD
EyhmZThhZDAyYzY0NGI1Nzc4NTI3MTEwODRkMTljZmIwOGZmNjZhZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc1geZJ3inD5EFTPjzn0TdXmUbCb
7/133Gy0uxLnata3BWuMlujVJoEqEpZBukVRvy5rlU7nGYkDBfYa+ouwySio6U2R
6WGzgjSjmfMGxkMcdwMG3RKEK2t1XDNmmFBO7o5ONdbXKuxYktBLvw9hz2htARNU
CfSOu1IZpL3KDQ9d/s/fRCEt/EJxD6UjKtGmWpjhNK6FLByqizm+fm1c89+ofi2M
F1gGUmMPeYbHhHD9inxbiCPLsyMh/KC6IeZDXjmxa5nQSe6sHrT9EyWmbSKuRExq
6JMnijsKWleE8oVJmFJXIPVBsf14Vhtyu8AWR8w+srHx828OH+3ZFKLd5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP6K0CxkS1d4UnEQhNGc+wj/Zq3VMB8GA1UdIwQY
MBaAFIcgzyw0kUb2m6KeusDIgiiBHKLxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEt
ZDQxNTA2N2E4Zjc2LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEtZDQxNTA2N2E4Zjc2
LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ6BYV/J3
Eh8o11PiNw+Jj7xqarlpkkx+bOr1qlAMH7cyPhmtSj+DLxh8IHiMODrvvTJjwlZ+
FpWieauNeY5Pme1kZD9p/F4ZoTxxhPJGiOI4RVyL/kuMbLJI2GjHLKx1yvc7KexQ
mM5hs2ZemeW/pS4Ndk1vyTl2yduLvyouh9k1dYE2a1J1w0DxmIJzmFW5s1IBFPN6
dL7s1aj+kNoL/yuyadfELJuycTpQ3FYtqk0OxGb5CplbZCvsUBeGF1A3Q/n+BMgH
8KEOahjKLFjYDVY7rO0r0DyH9v8wvVzO3WmcypLbJGw3tRiRgovkPuozCz2q/sF1
qlocvbVRv4ac+w==
-----END CERTIFICATE-----