Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          HGgN/XmuAjZ3Uf510JDSgWf6E2thpmXg345nClwZYBU=
Subject key identifier:   12:70:32:DC:97:A4:C3:B7:03:FA:8D:CE:C9:B5:05:16:2C:A5:F6:B0
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       019A73A6E26D7310398FDDA541ADE89D30C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0C6A
Signing time:             Tue 11 Nov 2025 16:01:48 +0000
Manifest this update:     Tue 11 Nov 2025 16:01:48 +0000
Manifest next update:     Wed 12 Nov 2025 16:01:48 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: HCU8wf3n0BGZxefTG/OkAIVrlULOGu0LxiPK4LpDHvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a6:e2:6d:73:10:39:8f:dd:a5:41:ad:e8:9d:30:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: Nov 11 16:01:48 2025 GMT
            Not After : Nov 12 16:01:48 2025 GMT
        Subject: CN=127032dc97a4c3b703fa8dcec9b505162ca5f6b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7b:7d:13:dd:ea:90:a5:15:27:8b:28:7f:b7:
                    c3:01:29:68:9a:5b:eb:76:b9:ce:fd:2e:0e:9e:d9:
                    22:3c:bf:9d:44:d4:6b:0f:b6:0b:f3:ad:cf:c5:f5:
                    68:a6:5f:dd:85:e0:36:6d:e0:c0:36:10:76:cd:5e:
                    e1:80:bb:f4:18:8b:09:72:e1:97:d1:d1:2c:ba:d9:
                    0d:e0:19:49:51:ba:a7:eb:b0:a7:e9:c1:e5:be:7f:
                    69:44:cf:48:c9:ac:c9:c0:89:ae:d4:b7:d6:b7:27:
                    cd:69:ad:db:65:bc:67:8e:48:4b:55:af:9c:ba:9e:
                    b6:af:f4:76:cb:ed:58:b0:41:fe:66:32:45:f5:41:
                    69:28:c4:7a:94:41:ad:fc:2c:37:d3:f5:9d:54:3c:
                    cc:ac:c2:6c:cc:21:35:4d:23:03:1a:3b:9b:d5:97:
                    68:ca:c0:33:c7:02:d4:7e:d1:58:3d:67:8f:ba:eb:
                    39:16:b1:07:a6:ef:c5:b1:a5:cb:f8:72:22:4e:cb:
                    02:1b:90:1b:b2:73:5a:5f:05:4f:ed:e9:6c:9a:48:
                    6a:81:f1:a7:c2:57:29:ae:90:22:3e:2f:a9:4e:30:
                    c1:66:32:d3:39:c2:80:12:f0:53:83:ae:a0:71:ca:
                    32:2f:f5:1a:b9:9a:1c:94:d2:4d:9e:48:e6:a8:01:
                    12:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:70:32:DC:97:A4:C3:B7:03:FA:8D:CE:C9:B5:05:16:2C:A5:F6:B0
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:7c:03:8a:10:18:26:40:39:ac:a2:9d:93:9d:f5:80:b5:18:
         7d:8f:19:71:bd:a4:b0:de:ea:50:48:b2:6c:12:52:13:a9:28:
         d3:6f:7a:4b:18:cf:92:9c:2c:d6:30:69:06:63:e1:5d:ae:45:
         f2:52:91:0c:1c:ea:b8:f6:93:9b:50:dc:c7:e3:7b:5d:40:2b:
         32:c4:63:45:f6:68:89:48:73:e1:74:a9:43:85:88:22:85:2f:
         ce:4d:31:b1:e3:30:ce:d2:61:02:31:4b:47:c9:4a:a0:2d:e7:
         bd:c8:a0:46:ee:23:e7:30:03:43:13:e1:85:25:a9:9f:d8:36:
         dc:3e:0f:ee:43:87:d5:62:da:f0:ca:8d:29:dc:e4:82:dd:b2:
         9f:49:5a:6c:c6:15:42:29:95:ff:58:7f:5f:88:ee:61:40:be:
         e1:ec:2c:d9:22:98:75:85:66:70:df:f7:9c:b1:23:a2:7e:84:
         fe:31:b2:29:39:ed:ce:b7:54:13:12:f6:71:74:05:0b:15:43:
         ce:fc:06:80:78:0f:21:11:96:0a:8c:de:b5:6f:a3:d7:86:49:
         02:3d:73:5b:03:24:9c:26:e2:5b:31:b6:69:4f:0e:2c:7a:f9:
         67:e3:e5:68:57:24:6d:e9:3a:80:e2:f1:ac:3b:b0:9a:33:b4:
         a6:1e:c7:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzpuJtcxA5j92lQa3onTDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjUxMTExMTYwMTQ4WhcNMjUxMTEyMTYwMTQ4WjAzMTEwLwYDVQQD
EygxMjcwMzJkYzk3YTRjM2I3MDNmYThkY2VjOWI1MDUxNjJjYTVmNmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHt9E93qkKUVJ4sof7fDASlomlvr
drnO/S4OntkiPL+dRNRrD7YL863PxfVopl/dheA2beDANhB2zV7hgLv0GIsJcuGX
0dEsutkN4BlJUbqn67Cn6cHlvn9pRM9IyazJwImu1LfWtyfNaa3bZbxnjkhLVa+c
up62r/R2y+1YsEH+ZjJF9UFpKMR6lEGt/Cw30/WdVDzMrMJszCE1TSMDGjub1Zdo
ysAzxwLUftFYPWePuus5FrEHpu/FsaXL+HIiTssCG5AbsnNaXwVP7elsmkhqgfGn
wlcprpAiPi+pTjDBZjLTOcKAEvBTg66gccoyL/UauZoclNJNnkjmqAESnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJwMtyXpMO3A/qNzsm1BRYspfawMB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwnwDihAY
JkA5rKKdk531gLUYfY8Zcb2ksN7qUEiybBJSE6ko0296SxjPkpws1jBpBmPhXa5F
8lKRDBzquPaTm1Dcx+N7XUArMsRjRfZoiUhz4XSpQ4WIIoUvzk0xseMwztJhAjFL
R8lKoC3nvcigRu4j5zADQxPhhSWpn9g23D4P7kOH1WLa8MqNKdzkgt2yn0labMYV
QimV/1h/X4juYUC+4ews2SKYdYVmcN/3nLEjon6E/jGyKTntzrdUExL2cXQFCxVD
zvwGgHgPIRGWCozetW+j14ZJAj1zWwMknCbiWzG2aU8OLHr5Z+PlaFckbek6gOLx
rDuwmjO0ph7HsQ==
-----END CERTIFICATE-----