Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
File:                     h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json)
Hash identifier:          jVYtjF9w8e9o3n2ULBQIraDPJp17AiROHUOJriTWvqc=
Subject key identifier:   EF:97:D1:58:B8:68:DA:DF:49:E9:A3:A5:3E:AF:1E:2B:E3:DD:BA:13
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Certificate issuer:       /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial:       019A714A2A336173C529C0111C1888245117
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
Manifest number:          1201
Signing time:             Tue 11 Nov 2025 05:01:17 +0000
Manifest this update:     Tue 11 Nov 2025 05:01:17 +0000
Manifest next update:     Wed 12 Nov 2025 05:01:17 +0000
Files and hashes:         1: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: Yfu7mRVmvW4a2d/OuFE6j8OJ1JFgucBQFfOMTEfI9yw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:4a:2a:33:61:73:c5:29:c0:11:1c:18:88:24:51:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
        Validity
            Not Before: Nov 11 05:01:17 2025 GMT
            Not After : Nov 12 05:01:17 2025 GMT
        Subject: CN=ef97d158b868dadf49e9a3a53eaf1e2be3ddba13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e4:7a:c9:85:e8:ef:6b:c6:23:5b:fa:8b:ce:
                    7d:6c:7e:b8:dc:8f:25:51:b5:b5:38:e2:21:db:36:
                    20:f7:d0:a6:5b:b8:f4:5d:1b:07:e2:b4:10:1b:2c:
                    c1:d2:83:ca:9c:52:8e:90:69:03:85:4f:76:60:2a:
                    bc:1b:77:4b:60:c9:0c:ac:97:60:26:bc:aa:2f:aa:
                    1b:d4:be:d8:58:51:70:6e:bb:04:0d:d5:79:4e:23:
                    ae:70:93:cc:7a:48:3d:3d:cc:23:2d:d6:53:3a:ce:
                    7b:e3:1d:14:26:b0:e8:07:98:ff:66:cc:ae:67:9d:
                    02:d7:35:55:ad:5e:b5:d0:da:2d:07:3f:e8:91:45:
                    67:f6:38:3a:16:24:9e:32:23:9f:d4:96:29:f7:77:
                    a9:22:c8:c9:35:05:fe:c7:28:0e:c2:1a:5b:9a:85:
                    c3:72:32:68:15:e6:01:14:2e:bc:c9:ae:16:90:f7:
                    ec:b1:29:41:62:a5:2c:df:8f:a9:b6:b2:06:ab:e0:
                    cc:08:ad:78:4f:1a:d9:6d:2e:e8:82:e9:6b:0e:57:
                    6b:31:a9:88:c4:ab:ad:45:77:3c:16:37:60:aa:ca:
                    57:c5:ae:58:b5:d8:ac:6b:f5:d2:70:15:2a:f2:64:
                    28:f3:1b:8b:87:da:1c:3f:14:39:a8:b8:d1:3a:c9:
                    9e:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:97:D1:58:B8:68:DA:DF:49:E9:A3:A5:3E:AF:1E:2B:E3:DD:BA:13
            X509v3 Authority Key Identifier:
                keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:87:7e:d2:5a:87:3a:2e:57:f9:35:ce:ca:ce:67:e2:15:17:
         c7:4c:4b:95:f9:52:ae:2a:78:41:2f:03:7c:99:9d:52:21:4a:
         7a:cb:8b:e7:8d:d7:5b:3c:72:52:3c:26:35:a1:da:8c:2d:bf:
         6d:59:9f:a8:72:40:73:60:08:89:e8:f7:a6:38:86:5a:eb:e5:
         7f:ee:39:2b:98:a6:08:2e:77:5f:d8:fe:0e:a2:00:ae:4f:99:
         e7:a2:22:8f:a2:dc:69:ab:70:ff:19:1e:29:31:a7:41:96:2f:
         9f:8a:67:b1:aa:35:a2:91:e6:7c:db:81:45:d2:ba:57:e6:47:
         3c:24:a8:05:20:1f:28:b5:d2:46:cf:c0:72:32:c7:df:67:9f:
         97:ef:0e:44:ac:b2:db:26:2b:a5:51:f3:b3:ff:92:ea:ff:e3:
         ff:b0:58:c8:21:74:b1:0b:34:fa:ef:a7:89:c5:b6:35:34:af:
         0e:41:c2:0e:ac:63:f4:c5:1b:ae:09:02:65:19:ed:1e:df:80:
         b3:cb:34:9c:53:71:6b:bb:28:96:a4:b8:0d:e3:e3:45:0e:7a:
         d6:d9:48:5c:7b:82:30:78:be:02:9b:73:f0:9f:a1:d3:a6:23:
         4f:86:e2:bd:9b:2f:c4:df:bd:73:33:91:1d:fe:f0:b5:80:3e:
         f4:a9:1e:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSiozYXPFKcARHBiIJFEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjUxMTExMDUwMTE3WhcNMjUxMTEyMDUwMTE3WjAzMTEwLwYDVQQD
EyhlZjk3ZDE1OGI4NjhkYWRmNDllOWEzYTUzZWFmMWUyYmUzZGRiYTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleR6yYXo72vGI1v6i859bH643I8l
UbW1OOIh2zYg99CmW7j0XRsH4rQQGyzB0oPKnFKOkGkDhU92YCq8G3dLYMkMrJdg
JryqL6ob1L7YWFFwbrsEDdV5TiOucJPMekg9PcwjLdZTOs574x0UJrDoB5j/Zsyu
Z50C1zVVrV610NotBz/okUVn9jg6FiSeMiOf1JYp93epIsjJNQX+xygOwhpbmoXD
cjJoFeYBFC68ya4WkPfssSlBYqUs34+ptrIGq+DMCK14TxrZbS7ogulrDldrMamI
xKutRXc8FjdgqspXxa5Ytdisa/XScBUq8mQo8xuLh9ocPxQ5qLjROsmeCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO+X0Vi4aNrfSemjpT6vHivj3boTMB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAId+0lqH
Oi5X+TXOys5n4hUXx0xLlflSrip4QS8DfJmdUiFKesuL543XWzxyUjwmNaHajC2/
bVmfqHJAc2AIiej3pjiGWuvlf+45K5imCC53X9j+DqIArk+Z56Iij6Lcaatw/xke
KTGnQZYvn4pnsao1opHmfNuBRdK6V+ZHPCSoBSAfKLXSRs/AcjLH32efl+8ORKyy
2yYrpVHzs/+S6v/j/7BYyCF0sQs0+u+nicW2NTSvDkHCDqxj9MUbrgkCZRntHt+A
s8s0nFNxa7solqS4DePjRQ561tlIXHuCMHi+Aptz8J+h06YjT4bivZsvxN+9czOR
Hf7wtYA+9KkeaA==
-----END CERTIFICATE-----