Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
File:                     HNuFgmJdF7G8uuE_xt20OruV0v4.mft (raw, json)
Hash identifier:          FQocFmpFGU+6VHtZPBac1UmCn9HBXqkUA4aVro9k/XI=
Subject key identifier:   CA:E1:30:FF:EB:11:52:12:5B:2C:03:90:AE:6E:AC:22:A8:62:C9:6E
Authority key identifier: 1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE
Certificate issuer:       /CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
Certificate serial:       019A72939245E92F13380EC09807D7703F1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
Manifest number:          02DC
Signing time:             Tue 11 Nov 2025 11:01:04 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:04 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:04 +0000
Files and hashes:         1: HNuFgmJdF7G8uuE_xt20OruV0v4.crl (hash: D7jEYTkitoYqnXMkwNKL8kHQCdgV95nmFEatNE0Jaoc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:92:45:e9:2f:13:38:0e:c0:98:07:d7:70:3f:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cdb8582625d17b1bcbae13fc6ddb43abb95d2fe
        Validity
            Not Before: Nov 11 11:01:04 2025 GMT
            Not After : Nov 12 11:01:04 2025 GMT
        Subject: CN=cae130ffeb1152125b2c0390ae6eac22a862c96e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:97:bc:83:0e:e3:ab:f6:73:bc:ea:58:9d:02:
                    3c:9e:e1:49:c6:63:27:c3:11:4c:50:66:ef:d4:ff:
                    99:47:95:2b:2f:50:db:3e:b4:21:aa:db:91:2c:5a:
                    7d:1b:d7:8d:fb:fa:8b:93:18:f3:f4:44:35:dc:5b:
                    e0:57:93:41:18:2e:81:44:9b:d2:c5:08:88:09:a3:
                    07:85:8d:ef:10:8a:bb:ff:5e:73:c6:bb:55:24:15:
                    83:e6:ba:87:44:a0:28:cd:ad:14:47:26:37:24:20:
                    fd:b3:0b:6f:c1:dd:34:81:6e:5e:d1:41:0f:66:d2:
                    48:c5:fc:a6:79:6d:12:bb:e9:f9:d9:3a:27:fa:49:
                    d7:12:50:e8:11:87:99:34:5d:4c:e5:1f:5c:ff:f7:
                    86:b8:6c:b2:a7:4f:33:67:11:b4:05:66:28:5f:a3:
                    2c:50:d2:70:17:f7:4d:43:93:cf:c4:5f:89:04:0d:
                    b8:c9:20:29:bc:8a:d3:53:62:9e:96:b7:92:84:ff:
                    18:fc:a0:47:27:5a:06:14:83:b6:ce:92:d6:58:c0:
                    b3:bb:a2:b3:68:2a:c3:75:fc:a5:c0:ac:ee:c3:42:
                    ca:f7:01:67:46:da:2f:95:17:46:b2:d3:82:ef:c6:
                    11:0b:3f:2e:56:0a:1d:58:aa:9e:a9:ea:ca:4b:0e:
                    5b:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:E1:30:FF:EB:11:52:12:5B:2C:03:90:AE:6E:AC:22:A8:62:C9:6E
            X509v3 Authority Key Identifier:
                keyid:1C:DB:85:82:62:5D:17:B1:BC:BA:E1:3F:C6:DD:B4:3A:BB:95:D2:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNuFgmJdF7G8uuE_xt20OruV0v4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/54cabe-0052-455f-8047-45fba5c97593/1/HNuFgmJdF7G8uuE_xt20OruV0v4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:ab:9f:5e:d6:8a:19:57:bb:e1:73:64:b2:d7:70:a1:c0:5a:
         61:d1:66:c9:73:1e:31:a7:15:77:da:fe:36:30:17:bb:74:8d:
         6b:0e:8f:80:c9:55:8b:8d:6c:a4:c0:f9:b2:48:1c:f4:9f:f7:
         17:a2:c6:77:38:f1:f5:e1:28:85:fe:34:30:cc:a6:e7:23:fa:
         e8:7c:c5:2b:32:65:c2:b1:93:f8:62:ea:74:a5:7c:38:c9:6a:
         85:76:1d:45:d2:6d:86:62:1e:a6:6b:49:cd:01:e5:83:55:f1:
         61:5a:f8:ba:12:07:39:ae:ae:32:c0:46:03:7f:18:2c:21:2f:
         f3:26:f4:65:07:0d:3d:ce:d4:d4:ec:be:db:dc:ba:f5:fd:35:
         0f:54:61:7d:0a:c5:e5:0c:40:b2:41:3a:80:bc:cd:bd:5a:29:
         95:2a:88:9e:fa:f9:80:a1:31:31:fe:aa:e9:72:f3:26:f6:af:
         91:78:e0:87:79:bb:e8:af:9d:ad:55:3f:f2:15:ea:32:35:40:
         dd:bd:22:e3:1b:7f:02:d9:a4:fb:d4:60:df:9e:7f:10:38:7a:
         85:9a:b8:38:44:14:92:f0:85:ae:3e:c3:b1:bd:a3:41:8c:5d:
         4e:4f:11:50:d6:04:78:59:1a:1a:70:5f:34:00:31:ff:13:0a:
         7e:c7:c5:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk5JF6S8TOA7AmAfXcD8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZGI4NTgyNjI1ZDE3YjFiY2JhZTEzZmM2ZGRiNDNhYmI5
NWQyZmUwHhcNMjUxMTExMTEwMTA0WhcNMjUxMTEyMTEwMTA0WjAzMTEwLwYDVQQD
EyhjYWUxMzBmZmViMTE1MjEyNWIyYzAzOTBhZTZlYWMyMmE4NjJjOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJe8gw7jq/ZzvOpYnQI8nuFJxmMn
wxFMUGbv1P+ZR5UrL1DbPrQhqtuRLFp9G9eN+/qLkxjz9EQ13FvgV5NBGC6BRJvS
xQiICaMHhY3vEIq7/15zxrtVJBWD5rqHRKAoza0URyY3JCD9swtvwd00gW5e0UEP
ZtJIxfymeW0Su+n52Ton+knXElDoEYeZNF1M5R9c//eGuGyyp08zZxG0BWYoX6Ms
UNJwF/dNQ5PPxF+JBA24ySApvIrTU2KelreShP8Y/KBHJ1oGFIO2zpLWWMCzu6Kz
aCrDdfylwKzuw0LK9wFnRtovlRdGstOC78YRCz8uVgodWKqeqerKSw5buQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMrhMP/rEVISWywDkK5urCKoYsluMB8GA1UdIwQY
MBaAFBzbhYJiXRexvLrhP8bdtDq7ldL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDct
NDVmYmE1Yzk3NTkzLzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81NGNhYmUtMDA1Mi00NTVmLTgwNDctNDVmYmE1Yzk3NTkz
LzEvSE51RmdtSmRGN0c4dXVFX3h0MjBPcnVWMHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYKufXtaK
GVe74XNkstdwocBaYdFmyXMeMacVd9r+NjAXu3SNaw6PgMlVi41spMD5skgc9J/3
F6LGdzjx9eEohf40MMym5yP66HzFKzJlwrGT+GLqdKV8OMlqhXYdRdJthmIepmtJ
zQHlg1XxYVr4uhIHOa6uMsBGA38YLCEv8yb0ZQcNPc7U1Oy+29y69f01D1RhfQrF
5QxAskE6gLzNvVoplSqInvr5gKExMf6q6XLzJvavkXjgh3m76K+drVU/8hXqMjVA
3b0i4xt/Atmk+9Rg355/EDh6hZq4OEQUkvCFrj7Dsb2jQYxdTk8RUNYEeFkaGnBf
NAAx/xMKfsfFsA==
-----END CERTIFICATE-----