Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
File:                     HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft (raw, json)
Hash identifier:          NDzyuWgpgWNGKONv3DPIi2Xub3/g1x7YFgdQsPS7yGg=
Subject key identifier:   4A:9E:E7:D0:0D:AF:59:90:81:A3:EE:E1:85:D8:28:5E:3B:44:0D:31
Authority key identifier: 1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52
Certificate issuer:       /CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
Certificate serial:       019A4D7461146AE2AFE41C96E98DC681E032
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
Manifest number:          0363
Signing time:             Tue 04 Nov 2025 06:01:03 +0000
Manifest this update:     Tue 04 Nov 2025 06:01:03 +0000
Manifest next update:     Wed 05 Nov 2025 06:01:03 +0000
Files and hashes:         1: HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl (hash: QEVIUIUKXlA38wqHGNfgRgmPCfqSD5FYxpoFMS8wC8A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:74:61:14:6a:e2:af:e4:1c:96:e9:8d:c6:81:e0:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cd2e78a097f290fc2fcaf5d9c7d88fcc87bd452
        Validity
            Not Before: Nov  4 06:01:03 2025 GMT
            Not After : Nov  5 06:01:03 2025 GMT
        Subject: CN=4a9ee7d00daf599081a3eee185d8285e3b440d31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:fb:58:c7:ed:7d:e8:56:49:9d:59:fc:e4:5c:
                    fe:5d:50:0a:95:93:51:cc:f6:f4:a2:a2:a1:48:32:
                    ef:85:52:09:6c:5a:f0:11:32:4f:db:31:42:5a:67:
                    a1:87:76:20:f6:99:bd:57:9f:69:b6:c9:06:1f:d6:
                    97:21:2e:c3:c9:e1:e5:bf:d1:fb:37:92:7b:62:a3:
                    9f:e9:4d:a1:00:5a:47:d1:0c:6e:e4:26:05:21:ad:
                    99:9f:5a:a0:bf:4a:2c:55:96:2f:57:52:74:f5:ed:
                    c8:12:cd:65:61:1e:8f:b2:7b:08:2c:f9:b2:e7:96:
                    0f:c3:4a:e0:5e:42:f5:9f:e7:2c:17:c0:3f:f0:0a:
                    03:66:5a:b0:39:3e:7f:c9:47:2f:67:53:6f:99:d1:
                    fd:82:64:58:7e:12:02:14:55:8f:bf:b8:7e:f7:5a:
                    8e:fa:22:23:03:46:07:1f:82:f3:69:b9:83:bb:2a:
                    86:25:ec:6b:7d:f2:5b:b4:04:26:04:b4:db:92:c2:
                    65:81:ec:e8:1a:0f:ec:ea:ff:79:51:34:e8:33:61:
                    83:b1:bb:ed:52:32:3a:98:53:53:db:22:8c:74:a4:
                    fb:b4:4c:4d:10:4c:fb:25:b0:fd:08:55:f3:db:c6:
                    a5:f0:54:bf:00:a9:db:e1:81:56:a0:a4:71:92:fe:
                    18:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:9E:E7:D0:0D:AF:59:90:81:A3:EE:E1:85:D8:28:5E:3B:44:0D:31
            X509v3 Authority Key Identifier:
                keyid:1C:D2:E7:8A:09:7F:29:0F:C2:FC:AF:5D:9C:7D:88:FC:C8:7B:D4:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNLnigl_KQ_C_K9dnH2I_Mh71FI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5efcbb-3d40-4fe3-b8eb-06c0f2a1757f/1/HNLnigl_KQ_C_K9dnH2I_Mh71FI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:9b:ab:7f:41:4c:c1:08:7b:fc:40:d9:b7:bc:96:f6:bc:2d:
         45:e9:e2:54:9b:4c:0a:ae:ae:d2:21:c6:a4:29:1e:2d:12:8a:
         52:c1:8c:41:32:ca:46:67:10:f0:b4:69:db:12:f0:8b:27:ce:
         43:f6:0e:72:5e:b5:10:92:e7:56:a0:6e:76:2a:f7:30:ee:6f:
         21:3d:f7:9e:ee:f0:72:26:d9:5e:7d:59:40:c8:e4:81:6c:15:
         e2:2d:12:86:f4:e8:1a:9f:23:10:43:ea:93:e9:69:fe:55:71:
         0e:0e:e1:91:1a:bf:00:d6:68:67:31:84:25:a0:c7:f8:e1:bd:
         1a:1d:d2:21:1b:ee:df:c9:4b:80:e8:d3:65:12:18:43:92:3e:
         d7:46:8e:50:d5:a5:b2:05:63:ce:44:30:f7:68:1f:4e:81:b2:
         6e:f4:a4:13:2c:5f:b8:73:ba:09:79:b0:9c:ee:e0:0f:2b:b5:
         08:23:0c:d3:03:6c:49:cb:66:cf:d8:89:01:36:fb:3c:5e:db:
         af:5a:20:6b:9c:78:56:2d:c3:73:97:63:b1:4a:cd:f1:71:93:
         d9:01:67:5a:7f:2f:97:c3:fb:2e:aa:5a:e8:2c:aa:9c:84:23:
         c3:84:23:06:08:12:49:23:b8:42:de:a8:64:9e:b1:c2:e6:6d:
         70:83:d6:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdGEUauKv5ByW6Y3GgeAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZDJlNzhhMDk3ZjI5MGZjMmZjYWY1ZDljN2Q4OGZjYzg3
YmQ0NTIwHhcNMjUxMTA0MDYwMTAzWhcNMjUxMTA1MDYwMTAzWjAzMTEwLwYDVQQD
Eyg0YTllZTdkMDBkYWY1OTkwODFhM2VlZTE4NWQ4Mjg1ZTNiNDQwZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/tYx+196FZJnVn85Fz+XVAKlZNR
zPb0oqKhSDLvhVIJbFrwETJP2zFCWmehh3Yg9pm9V59ptskGH9aXIS7DyeHlv9H7
N5J7YqOf6U2hAFpH0Qxu5CYFIa2Zn1qgv0osVZYvV1J09e3IEs1lYR6PsnsILPmy
55YPw0rgXkL1n+csF8A/8AoDZlqwOT5/yUcvZ1NvmdH9gmRYfhICFFWPv7h+91qO
+iIjA0YHH4LzabmDuyqGJexrffJbtAQmBLTbksJlgezoGg/s6v95UTToM2GDsbvt
UjI6mFNT2yKMdKT7tExNEEz7JbD9CFXz28al8FS/AKnb4YFWoKRxkv4YswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqe59ANr1mQgaPu4YXYKF47RA0xMB8GA1UdIwQY
MBaAFBzS54oJfykPwvyvXZx9iPzIe9RSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWIt
MDZjMGYyYTE3NTdmLzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81ZWZjYmItM2Q0MC00ZmUzLWI4ZWItMDZjMGYyYTE3NTdm
LzEvSE5MbmlnbF9LUV9DX0s5ZG5IMklfTWg3MUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmpurf0FM
wQh7/EDZt7yW9rwtReniVJtMCq6u0iHGpCkeLRKKUsGMQTLKRmcQ8LRp2xLwiyfO
Q/YOcl61EJLnVqBudir3MO5vIT33nu7wcibZXn1ZQMjkgWwV4i0ShvToGp8jEEPq
k+lp/lVxDg7hkRq/ANZoZzGEJaDH+OG9Gh3SIRvu38lLgOjTZRIYQ5I+10aOUNWl
sgVjzkQw92gfToGybvSkEyxfuHO6CXmwnO7gDyu1CCMM0wNsSctmz9iJATb7PF7b
r1oga5x4Vi3Dc5djsUrN8XGT2QFnWn8vl8P7Lqpa6CyqnIQjw4QjBggSSSO4Qt6o
ZJ6xwuZtcIPW/w==
-----END CERTIFICATE-----