Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
File:                     HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft (raw, json)
Hash identifier:          Ax+xU20IPVQZaGcU3rxD4zKC8YCXg2vKFXSy8kulUyU=
Subject key identifier:   68:53:A5:72:D6:73:64:7E:95:6F:68:A4:9D:C8:95:89:9B:98:B0:DB
Authority key identifier: 1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52
Certificate issuer:       /CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
Certificate serial:       019897131DCE91A1C9CC5A7BC9AC88F4227C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
Manifest number:          0280
Signing time:             Mon 11 Aug 2025 03:01:09 +0000
Manifest this update:     Mon 11 Aug 2025 03:01:09 +0000
Manifest next update:     Tue 12 Aug 2025 03:01:09 +0000
Files and hashes:         1: HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl (hash: LIj96U72z2BdDE7lheKOUjBJAXmdxYBaxkbyWQsSQCU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 02:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:97:13:1d:ce:91:a1:c9:cc:5a:7b:c9:ac:88:f4:22:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
        Validity
            Not Before: Aug 11 03:01:09 2025 GMT
            Not After : Aug 12 03:01:09 2025 GMT
        Subject: CN=6853a572d673647e956f68a49dc895899b98b0db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:8b:8c:15:dc:79:4d:f2:35:cb:2f:4a:c6:55:
                    b8:85:03:4f:0c:18:09:9f:4d:1b:c6:56:15:0a:51:
                    61:a9:65:63:73:09:fc:50:dc:8e:c8:0c:70:36:23:
                    01:36:86:c9:3a:5a:b6:77:e7:a8:ec:0c:fc:10:5b:
                    90:b5:d4:5f:90:cc:7b:be:61:d0:a4:aa:78:54:3a:
                    6f:06:a1:c1:a8:92:1d:07:74:4c:5d:20:2d:57:e8:
                    17:6a:47:e2:5d:37:be:a5:5f:a7:49:53:3b:70:29:
                    7c:7b:4c:f5:1d:f3:de:1a:65:1e:66:ea:29:2d:99:
                    19:c1:fd:0c:5b:97:b0:7d:aa:26:d4:35:a4:95:cb:
                    3e:30:aa:06:cb:24:ae:44:ab:91:c1:ac:c4:1e:5d:
                    e3:99:2a:27:f3:79:c2:e3:5d:7c:1d:bd:66:e7:6b:
                    27:dc:17:3c:92:b2:a2:a7:8b:c4:96:a2:f8:af:45:
                    9d:b5:bc:48:bf:bd:0c:d6:5c:5d:2d:f6:35:6e:00:
                    18:a6:de:d9:41:a7:3b:60:b5:3e:76:46:37:7d:73:
                    23:16:1a:a8:57:b5:b4:7e:7e:df:16:7a:cd:32:a5:
                    bf:2b:ec:88:c2:cd:e1:13:28:3a:f4:e1:c1:d2:2c:
                    ff:61:db:53:e9:a6:d8:ed:0a:42:86:90:4e:81:2b:
                    7e:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:53:A5:72:D6:73:64:7E:95:6F:68:A4:9D:C8:95:89:9B:98:B0:DB
            X509v3 Authority Key Identifier:
                keyid:1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:d1:42:f6:92:30:d7:35:5c:e1:41:dc:e7:33:d3:08:2b:19:
         37:40:56:24:5c:59:47:58:67:96:b0:d3:d5:5b:55:b2:18:e0:
         ad:1e:0b:96:12:2a:fd:53:70:f9:30:06:c8:33:3c:60:d7:5e:
         e5:25:e6:ef:49:5a:55:94:16:9a:13:1f:5d:24:21:11:75:49:
         6a:e7:4c:f9:98:0d:9c:8c:b7:dc:37:1a:d0:67:83:e0:49:d8:
         fd:8b:ab:55:65:13:7c:4c:2f:73:0a:ca:40:4b:8e:e5:b9:86:
         6b:e0:e9:ab:66:93:8a:9e:11:68:96:69:90:98:2d:1e:67:74:
         ce:b8:51:86:06:62:d5:1b:3b:0b:77:60:a6:bc:80:97:7c:20:
         ae:ff:b4:54:c2:04:cd:c8:5f:27:bc:32:ac:06:ab:54:65:9b:
         46:fb:7e:a8:1b:63:c3:c7:91:3b:f8:2f:19:1b:a7:dd:bb:bd:
         b0:34:16:fb:cb:b0:93:50:a7:1a:6a:34:6f:fd:4f:f3:de:25:
         4a:b9:07:d1:0b:ce:eb:6d:91:55:64:7e:a2:a3:76:8f:be:f0:
         f5:c4:68:48:f6:98:19:db:a1:c0:32:b3:fa:cd:0a:e5:30:d1:
         b6:cf:22:f8:d6:99:ac:21:7b:fd:69:3f:9b:57:f1:af:2b:89:
         a7:93:dc:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXEx3OkaHJzFp7yayI9CJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZDJlNzhhMDk3ZjI5MGZjMmZjYWY1ZDljN2Q4OGZjYzg3
YmQ0NTIwHhcNMjUwODExMDMwMTA5WhcNMjUwODEyMDMwMTA5WjAzMTEwLwYDVQQD
Eyg2ODUzYTU3MmQ2NzM2NDdlOTU2ZjY4YTQ5ZGM4OTU4OTliOThiMGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxouMFdx5TfI1yy9KxlW4hQNPDBgJ
n00bxlYVClFhqWVjcwn8UNyOyAxwNiMBNobJOlq2d+eo7Az8EFuQtdRfkMx7vmHQ
pKp4VDpvBqHBqJIdB3RMXSAtV+gXakfiXTe+pV+nSVM7cCl8e0z1HfPeGmUeZuop
LZkZwf0MW5ewfaom1DWklcs+MKoGyySuRKuRwazEHl3jmSon83nC4118Hb1m52sn
3Bc8krKip4vElqL4r0WdtbxIv70M1lxdLfY1bgAYpt7ZQac7YLU+dkY3fXMjFhqo
V7W0fn7fFnrNMqW/K+yIws3hEyg69OHB0iz/YdtT6abY7QpChpBOgSt+ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhTpXLWc2R+lW9opJ3IlYmbmLDbMB8GA1UdIwQY
MBaAFBzS54oJfykPwvyvXZx9iPzIe9RSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWIt
MDZjMGYyYTE3NTdmLzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWItMDZjMGYyYTE3NTdm
LzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU9FC9pIw
1zVc4UHc5zPTCCsZN0BWJFxZR1hnlrDT1VtVshjgrR4LlhIq/VNw+TAGyDM8YNde
5SXm70laVZQWmhMfXSQhEXVJaudM+ZgNnIy33Dca0GeD4EnY/YurVWUTfEwvcwrK
QEuO5bmGa+Dpq2aTip4RaJZpkJgtHmd0zrhRhgZi1Rs7C3dgpryAl3wgrv+0VMIE
zchfJ7wyrAarVGWbRvt+qBtjw8eRO/gvGRun3bu9sDQW+8uwk1CnGmo0b/1P894l
SrkH0QvO622RVWR+oqN2j77w9cRoSPaYGduhwDKz+s0K5TDRts8i+NaZrCF7/Wk/
m1fxryuJp5Pc7w==
-----END CERTIFICATE-----