Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
File:                     hJxbptQKtOTjm3tpttLZhEqiSK8.mft (raw, json)
Hash identifier:          M4QkVSXyDaNNNAY2ot47KwiYzGGctNADh90rivLB/hk=
Subject key identifier:   87:23:A0:81:63:99:E7:AC:36:3F:B1:B7:BB:9C:E0:AB:E7:06:80:E2
Authority key identifier: 84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF
Certificate issuer:       /CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
Certificate serial:       019A711353AFB15124125716AF66989F5E3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
Manifest number:          0DFE
Signing time:             Tue 11 Nov 2025 04:01:23 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:23 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:23 +0000
Files and hashes:         1: hJxbptQKtOTjm3tpttLZhEqiSK8.crl (hash: uMecPn2a+jpvbKPf2INm0dR8Kpqjk9a/feyvs4qWWfQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:53:af:b1:51:24:12:57:16:af:66:98:9f:5e:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
        Validity
            Not Before: Nov 11 04:01:23 2025 GMT
            Not After : Nov 12 04:01:23 2025 GMT
        Subject: CN=8723a0816399e7ac363fb1b7bb9ce0abe70680e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:55:20:7d:12:fe:3e:32:20:5d:37:8c:a7:00:
                    7c:bd:b9:0c:68:72:a3:f7:f7:92:f1:f1:43:1c:8d:
                    9f:95:e2:d8:ed:c3:68:43:79:52:2a:09:7f:1c:e3:
                    11:dd:22:d1:5c:ba:2b:a0:6d:9b:bd:fb:74:04:6f:
                    8a:e4:21:fd:6f:4e:54:c9:83:13:95:3e:72:a3:f4:
                    7c:f5:3d:2b:6f:6d:ce:7f:6f:3e:b8:10:71:fc:f8:
                    a2:41:ee:4d:fd:38:16:47:78:a1:36:c8:fc:a2:38:
                    5e:71:1f:b6:bf:b7:d7:9f:8b:22:61:e0:19:76:1b:
                    bd:a7:1b:18:43:61:49:cb:af:1c:40:8e:a1:c6:7f:
                    2e:ff:61:8f:3c:80:26:e9:1c:70:9c:7a:71:73:3a:
                    0c:6e:a9:86:ed:9a:c3:f4:88:22:cd:6e:47:6b:70:
                    2d:45:30:ff:fb:75:29:04:00:03:a1:44:cf:c5:8c:
                    9e:b8:df:58:30:0f:4f:0c:17:00:a4:d5:dc:55:de:
                    8e:f1:58:5c:80:40:0b:b4:ed:8f:ef:6d:3d:36:d6:
                    40:50:7f:e8:ef:5d:2e:49:0a:77:3b:87:4f:78:6c:
                    f0:08:8d:cc:3b:dd:f4:40:d0:c4:71:c0:05:c4:87:
                    c4:c3:2a:dc:f7:d6:a3:e2:ab:42:ae:3a:a0:c6:87:
                    ac:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:23:A0:81:63:99:E7:AC:36:3F:B1:B7:BB:9C:E0:AB:E7:06:80:E2
            X509v3 Authority Key Identifier:
                keyid:84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:27:c8:a9:86:a4:d9:14:38:4f:ad:a2:0e:7b:60:b0:68:e5:
         4d:4c:98:3f:35:b6:fb:e5:5f:07:ab:a0:5c:41:22:f4:c7:ca:
         61:27:e1:0f:e6:fc:90:95:83:19:88:ae:d2:7b:e8:9d:eb:5a:
         5c:b6:ed:17:10:39:e9:76:cb:53:23:82:0f:81:30:13:c8:f7:
         a9:5a:8e:dd:d4:ad:f3:50:0e:29:b1:a2:59:d4:82:01:48:98:
         cc:da:56:52:01:27:b3:8c:4b:df:40:96:03:f3:b0:d5:02:b3:
         c2:41:70:f6:6c:6a:7e:e7:23:a0:75:0a:f2:62:9c:5d:32:dc:
         15:31:c9:4b:e9:9e:fd:56:42:c3:38:ca:2f:0e:94:5b:fe:87:
         b0:3e:e6:6b:65:9c:ef:6e:e5:b2:42:f4:57:14:f8:17:68:73:
         56:19:2d:4a:f0:a2:63:f1:f0:3d:1d:6a:d4:8e:9b:38:54:66:
         76:6c:8e:23:ce:80:39:06:70:64:f4:11:13:4e:86:06:e8:2e:
         95:dd:57:76:a8:01:1b:ad:be:aa:dc:77:a5:9e:a5:76:99:02:
         08:47:1e:38:c1:67:68:d0:1a:0e:f4:35:64:57:1b:da:f4:1d:
         5f:0f:82:d8:56:bb:94:2b:1b:3f:b0:b7:a3:31:cf:97:a4:8e:
         f5:73:ce:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE1OvsVEkElcWr2aYn14+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWM1YmE2ZDQwYWI0ZTRlMzliN2I2OWI2ZDJkOTg0NGFh
MjQ4YWYwHhcNMjUxMTExMDQwMTIzWhcNMjUxMTEyMDQwMTIzWjAzMTEwLwYDVQQD
Eyg4NzIzYTA4MTYzOTllN2FjMzYzZmIxYjdiYjljZTBhYmU3MDY4MGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFUgfRL+PjIgXTeMpwB8vbkMaHKj
9/eS8fFDHI2fleLY7cNoQ3lSKgl/HOMR3SLRXLoroG2bvft0BG+K5CH9b05UyYMT
lT5yo/R89T0rb23Of28+uBBx/PiiQe5N/TgWR3ihNsj8ojhecR+2v7fXn4siYeAZ
dhu9pxsYQ2FJy68cQI6hxn8u/2GPPIAm6RxwnHpxczoMbqmG7ZrD9IgizW5Ha3At
RTD/+3UpBAADoUTPxYyeuN9YMA9PDBcApNXcVd6O8VhcgEALtO2P7209NtZAUH/o
710uSQp3O4dPeGzwCI3MO930QNDEccAFxIfEwyrc99aj4qtCrjqgxoesjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcjoIFjmeesNj+xt7uc4KvnBoDiMB8GA1UdIwQY
MBaAFIScW6bUCrTk45t7abbS2YRKokivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQt
ZDk4NDg3YmRlZTQ4LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQtZDk4NDg3YmRlZTQ4
LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYCfIqYak
2RQ4T62iDntgsGjlTUyYPzW2++VfB6ugXEEi9MfKYSfhD+b8kJWDGYiu0nvoneta
XLbtFxA56XbLUyOCD4EwE8j3qVqO3dSt81AOKbGiWdSCAUiYzNpWUgEns4xL30CW
A/Ow1QKzwkFw9mxqfucjoHUK8mKcXTLcFTHJS+me/VZCwzjKLw6UW/6HsD7ma2Wc
727lskL0VxT4F2hzVhktSvCiY/HwPR1q1I6bOFRmdmyOI86AOQZwZPQRE06GBugu
ld1XdqgBG62+qtx3pZ6ldpkCCEceOMFnaNAaDvQ1ZFcb2vQdXw+C2Fa7lCsbP7C3
ozHPl6SO9XPOJw==
-----END CERTIFICATE-----