Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
File:                     hhiHKrn6K6AssBpEzo64dkEoHBw.mft (raw, json)
Hash identifier:          Y+Yu6F1CLP1ega1+93jaXRznUUWTWknplcwC0pnptk4=
Subject key identifier:   33:3D:98:A0:32:90:DF:4C:67:7B:29:68:0F:2E:F5:D1:91:02:1E:51
Authority key identifier: 86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C
Certificate issuer:       /CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
Certificate serial:       019A72258CC27025EC135253F43744474FE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
Manifest number:          06BE
Signing time:             Tue 11 Nov 2025 09:00:54 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:54 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:54 +0000
Files and hashes:         1: hhiHKrn6K6AssBpEzo64dkEoHBw.crl (hash: NZBjVgWwFVTmwU/ytcg0rsP6RpdZaTZzFH8mFLGYgNI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:8c:c2:70:25:ec:13:52:53:f4:37:44:47:4f:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c
        Validity
            Not Before: Nov 11 09:00:54 2025 GMT
            Not After : Nov 12 09:00:54 2025 GMT
        Subject: CN=333d98a03290df4c677b29680f2ef5d191021e51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:3d:2e:7e:52:1d:37:34:17:12:b1:d6:c1:58:
                    a9:be:bf:11:d0:a5:1f:3b:1b:6a:54:21:de:3f:43:
                    48:f5:d9:ac:8b:02:af:8d:c1:07:e6:67:4d:d9:31:
                    d7:59:dc:74:3d:4d:be:43:f2:85:00:5e:0a:2b:cf:
                    08:59:2e:2b:9e:ae:fa:dc:c6:72:b8:57:a4:ce:1f:
                    e4:35:52:a6:9a:76:0e:54:a1:ba:a6:77:46:1f:c3:
                    ac:18:a4:e8:0e:63:a2:8d:81:99:3c:8b:54:03:4d:
                    d6:9b:b5:f2:25:40:35:e1:c3:e7:d7:27:4d:f6:a6:
                    6a:f8:f6:28:cc:75:41:9c:77:93:89:11:33:fd:0d:
                    d6:28:d3:36:47:bf:0b:4c:36:3b:1b:b4:94:4f:40:
                    d4:a5:80:df:14:64:c3:a2:1a:8e:35:5f:86:6f:9d:
                    e3:5f:14:7f:0a:01:23:49:e0:bb:90:01:4f:6c:aa:
                    b4:a9:41:43:62:45:68:61:57:92:81:5b:65:7e:83:
                    38:9d:9b:28:02:42:ac:36:12:8f:9a:9f:63:db:35:
                    5f:f0:d8:74:bd:56:e3:b0:80:83:9d:74:70:63:99:
                    7b:f7:5b:1b:bd:76:13:32:92:f2:10:db:33:66:f0:
                    4b:41:fa:7e:6d:92:b3:1a:ac:e5:7b:a9:5c:98:42:
                    5d:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:3D:98:A0:32:90:DF:4C:67:7B:29:68:0F:2E:F5:D1:91:02:1E:51
            X509v3 Authority Key Identifier:
                keyid:86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:90:eb:5b:93:f1:60:c9:31:7a:5e:8f:90:50:bf:f2:54:e9:
         8d:35:3a:c6:da:95:f2:69:f3:a4:54:ca:29:22:92:d9:89:71:
         8a:c4:8a:18:ea:ea:5f:fb:4e:09:69:f4:e6:ec:c4:c3:76:98:
         ff:35:cd:3d:c6:bc:ac:2b:5e:16:bd:e7:71:1f:9d:48:7c:67:
         cf:25:bd:0f:67:c4:e1:0d:f4:e3:63:2a:94:73:bb:ce:09:57:
         17:64:ab:bb:ed:8c:ad:e8:58:d8:6d:aa:aa:d4:ba:5d:35:30:
         50:3c:e0:2d:01:f6:0f:1d:6e:ee:bd:e8:5c:6d:43:30:eb:78:
         39:88:99:10:f2:a7:d8:a3:30:ed:6e:1c:2d:a5:e2:7e:c3:3f:
         d9:b1:65:f3:a9:eb:20:71:b4:13:73:77:1c:72:5d:1a:1a:7b:
         0c:a1:eb:ea:c7:34:2f:1e:48:4b:7b:4b:18:d1:34:50:e0:ba:
         3b:b4:a5:40:78:6e:39:cf:24:bb:cd:da:44:26:4d:dd:83:de:
         74:f9:37:54:b8:9f:3c:6c:a0:ca:82:28:7f:e6:a4:90:1d:5d:
         d0:ea:2e:26:f0:20:7a:d3:df:52:6b:28:75:f5:09:34:6a:5f:
         56:50:f4:bf:85:75:08:d5:17:1e:92:b8:53:4c:cc:af:cf:0f:
         e4:8e:22:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJYzCcCXsE1JT9DdER0/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MTg4NzJhYjlmYTJiYTAyY2IwMWE0NGNlOGViODc2NDEy
ODFjMWMwHhcNMjUxMTExMDkwMDU0WhcNMjUxMTEyMDkwMDU0WjAzMTEwLwYDVQQD
EygzMzNkOThhMDMyOTBkZjRjNjc3YjI5NjgwZjJlZjVkMTkxMDIxZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1j0uflIdNzQXErHWwVipvr8R0KUf
OxtqVCHeP0NI9dmsiwKvjcEH5mdN2THXWdx0PU2+Q/KFAF4KK88IWS4rnq763MZy
uFekzh/kNVKmmnYOVKG6pndGH8OsGKToDmOijYGZPItUA03Wm7XyJUA14cPn1ydN
9qZq+PYozHVBnHeTiREz/Q3WKNM2R78LTDY7G7SUT0DUpYDfFGTDohqONV+Gb53j
XxR/CgEjSeC7kAFPbKq0qUFDYkVoYVeSgVtlfoM4nZsoAkKsNhKPmp9j2zVf8Nh0
vVbjsICDnXRwY5l791sbvXYTMpLyENszZvBLQfp+bZKzGqzle6lcmEJdKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDM9mKAykN9MZ3spaA8u9dGRAh5RMB8GA1UdIwQY
MBaAFIYYhyq5+iugLLAaRM6OuHZBKBwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMt
YmQ2OWY1MjYxODFiLzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMtYmQ2OWY1MjYxODFi
LzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUZDrW5Px
YMkxel6PkFC/8lTpjTU6xtqV8mnzpFTKKSKS2YlxisSKGOrqX/tOCWn05uzEw3aY
/zXNPca8rCteFr3ncR+dSHxnzyW9D2fE4Q3042MqlHO7zglXF2Sru+2MrehY2G2q
qtS6XTUwUDzgLQH2Dx1u7r3oXG1DMOt4OYiZEPKn2KMw7W4cLaXifsM/2bFl86nr
IHG0E3N3HHJdGhp7DKHr6sc0Lx5IS3tLGNE0UOC6O7SlQHhuOc8ku83aRCZN3YPe
dPk3VLifPGygyoIof+akkB1d0OouJvAgetPfUmsodfUJNGpfVlD0v4V1CNUXHpK4
U0zMr88P5I4iJw==
-----END CERTIFICATE-----