Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
File:                     HYFeKwc-sEV2vLJN3k341Ot8nwg.mft (raw, json)
Hash identifier:          yJPZyua76fJ49MpuTzdNXB7cJ0Y7/225cX13gXz/y90=
Subject key identifier:   BE:CA:38:53:A8:E2:17:01:5F:5B:D7:98:5C:3C:F1:88:90:5C:68:47
Authority key identifier: 1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08
Certificate issuer:       /CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
Certificate serial:       019874509D76E2BF683ABCC9B2BC394B961A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
Manifest number:          0AFE
Signing time:             Mon 04 Aug 2025 09:01:36 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:36 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:36 +0000
Files and hashes:         1: HYFeKwc-sEV2vLJN3k341Ot8nwg.crl (hash: gl+q55vtGixPLfwok0nX1eeKKVDmQNbbBMlX9DDBrdY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:9d:76:e2:bf:68:3a:bc:c9:b2:bc:39:4b:96:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
        Validity
            Not Before: Aug  4 09:01:36 2025 GMT
            Not After : Aug  5 09:01:36 2025 GMT
        Subject: CN=beca3853a8e217015f5bd7985c3cf188905c6847
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:5f:f4:ba:e3:71:fb:0c:d2:a5:ca:a1:1f:2b:
                    1f:bf:7b:cc:20:9d:60:ca:eb:27:4d:24:27:f8:33:
                    f4:48:3a:52:e1:73:96:a4:67:c0:01:15:1d:4a:6f:
                    8d:cf:b1:7a:1e:a2:c8:35:f0:5e:56:ee:15:11:a4:
                    d6:6a:f8:51:4e:1d:cc:86:ef:0a:e4:02:5a:32:54:
                    e8:ff:a1:f4:10:f4:e8:28:3f:d7:71:33:eb:4e:74:
                    01:e5:a4:bd:0a:ea:44:9d:d1:56:93:4a:fb:3c:8c:
                    29:80:4c:f6:55:3a:1c:65:1a:d1:05:cd:a1:cc:1b:
                    fa:48:80:b0:90:1f:4c:e0:d7:b8:a6:f9:51:aa:3b:
                    4c:ca:fa:6c:cf:e8:26:4d:3c:43:c0:bc:43:94:ff:
                    e8:ba:a7:4c:ab:97:59:7f:fd:1e:b4:7b:fe:aa:57:
                    94:0a:ad:dd:26:83:28:54:09:30:67:b9:6c:21:cc:
                    11:e6:2b:bd:96:49:9e:8f:9f:9a:92:9e:46:a0:78:
                    e1:bf:73:30:55:7d:95:48:40:0c:17:d0:d3:eb:e0:
                    44:b1:73:b7:2f:bc:42:a4:e2:81:61:e4:8a:20:79:
                    4c:6c:ba:c4:a1:df:45:69:b0:10:92:93:0a:e2:ec:
                    8c:a7:96:fe:ee:47:5d:ac:05:03:b2:a0:bb:35:3e:
                    c5:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:CA:38:53:A8:E2:17:01:5F:5B:D7:98:5C:3C:F1:88:90:5C:68:47
            X509v3 Authority Key Identifier:
                keyid:1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:02:7e:79:de:54:f7:34:8a:d2:e9:2f:80:62:28:e5:52:38:
         49:eb:e1:23:8b:27:ba:63:7e:f0:49:29:84:e6:f2:9e:42:9d:
         01:0c:69:48:5d:bf:0a:c6:13:47:06:bf:d6:10:ed:de:f5:60:
         05:bd:9f:01:eb:51:09:fb:ef:f3:9f:b0:2a:af:df:a9:44:da:
         7b:97:98:8d:7e:2f:84:34:c4:4c:a1:b2:2d:b4:a7:d7:14:15:
         dc:4f:22:16:0d:82:56:76:18:94:27:2d:7b:8a:3a:5f:b3:b7:
         8d:81:fc:15:a6:31:4e:46:d3:f1:cb:0a:43:00:64:bd:27:d2:
         c7:4a:98:4a:67:a8:c3:44:4e:7c:3f:f9:71:85:da:b7:29:cf:
         24:4e:e2:3c:d0:cb:00:02:4d:4f:3b:d0:2b:6d:45:10:ee:02:
         3b:22:6e:55:89:83:62:6f:44:ef:c7:48:6c:22:99:bf:20:72:
         f3:50:19:c0:3f:72:47:45:15:e1:f7:6a:78:9e:15:6d:72:31:
         6f:36:4f:95:1c:46:17:32:41:18:29:35:5b:f3:32:81:aa:4c:
         47:d0:29:8d:f0:94:7e:8a:3d:44:31:73:53:24:c6:c9:a3:e8:
         9d:56:94:13:5c:b1:ff:49:3c:6b:03:d3:03:ec:4b:a5:20:ac:
         33:f8:d4:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UJ124r9oOrzJsrw5S5YaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODE1ZTJiMDczZWIwNDU3NmJjYjI0ZGRlNGRmOGQ0ZWI3
YzlmMDgwHhcNMjUwODA0MDkwMTM2WhcNMjUwODA1MDkwMTM2WjAzMTEwLwYDVQQD
EyhiZWNhMzg1M2E4ZTIxNzAxNWY1YmQ3OTg1YzNjZjE4ODkwNWM2ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8V/0uuNx+wzSpcqhHysfv3vMIJ1g
yusnTSQn+DP0SDpS4XOWpGfAARUdSm+Nz7F6HqLINfBeVu4VEaTWavhRTh3Mhu8K
5AJaMlTo/6H0EPToKD/XcTPrTnQB5aS9CupEndFWk0r7PIwpgEz2VTocZRrRBc2h
zBv6SICwkB9M4Ne4pvlRqjtMyvpsz+gmTTxDwLxDlP/ouqdMq5dZf/0etHv+qleU
Cq3dJoMoVAkwZ7lsIcwR5iu9lkmej5+akp5GoHjhv3MwVX2VSEAMF9DT6+BEsXO3
L7xCpOKBYeSKIHlMbLrEod9FabAQkpMK4uyMp5b+7kddrAUDsqC7NT7FBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL7KOFOo4hcBX1vXmFw88YiQXGhHMB8GA1UdIwQY
MBaAFB2BXisHPrBFdryyTd5N+NTrfJ8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAt
YWRkMmJhODJjMjc2LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAtYWRkMmJhODJjMjc2
LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuAJ+ed5U
9zSK0ukvgGIo5VI4SevhI4snumN+8EkphObynkKdAQxpSF2/CsYTRwa/1hDt3vVg
Bb2fAetRCfvv85+wKq/fqUTae5eYjX4vhDTETKGyLbSn1xQV3E8iFg2CVnYYlCct
e4o6X7O3jYH8FaYxTkbT8csKQwBkvSfSx0qYSmeow0ROfD/5cYXatynPJE7iPNDL
AAJNTzvQK21FEO4COyJuVYmDYm9E78dIbCKZvyBy81AZwD9yR0UV4fdqeJ4VbXIx
bzZPlRxGFzJBGCk1W/MygapMR9ApjfCUfoo9RDFzUyTGyaPonVaUE1yx/0k8awPT
A+xLpSCsM/jUEQ==
-----END CERTIFICATE-----