Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          SNDbdM/Q7K1v4emVy4nJhASKYffQ0YUV+75exW47SLA=
Subject key identifier:   F7:44:86:9E:92:40:09:87:68:61:78:D9:1B:EC:04:D8:6D:88:97:30
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       019A71B937235C49D635C7BFB8989D651DEF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          0A8F
Signing time:             Tue 11 Nov 2025 07:02:34 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:34 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:34 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: iqSbKqN0R4j4AfotJjDEhu1elhi/KeR7qSZgSRBZcm4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:37:23:5c:49:d6:35:c7:bf:b8:98:9d:65:1d:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: Nov 11 07:02:34 2025 GMT
            Not After : Nov 12 07:02:34 2025 GMT
        Subject: CN=f744869e92400987686178d91bec04d86d889730
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:06:ea:46:83:2d:f8:df:ba:77:b1:ca:7b:4a:
                    91:9f:16:92:b7:3a:82:db:f0:0d:82:07:4f:bb:ec:
                    cc:9c:57:ff:07:9a:b1:59:49:92:88:d1:95:39:05:
                    b2:97:29:e3:c4:44:1b:a6:57:11:b4:09:c3:de:bf:
                    69:f4:a5:b7:9c:e4:a8:43:be:db:4a:d0:22:03:d9:
                    a7:cb:a0:6a:46:f8:df:3f:6f:1d:d2:fe:c5:c1:74:
                    5f:94:dd:52:6d:ea:14:04:04:94:1b:6a:2b:9b:24:
                    bc:01:cc:45:30:a8:4b:67:93:33:86:1f:e4:71:ec:
                    2e:2c:46:92:1a:57:6a:c0:c9:48:07:f5:89:bb:e5:
                    62:0e:ad:7c:39:b6:a1:fb:0e:59:39:f3:99:e7:31:
                    14:af:94:24:30:d6:5a:40:92:d5:48:dc:3b:40:e4:
                    8b:42:1d:a2:fb:95:8d:05:64:33:48:af:60:4e:bf:
                    0c:c2:f1:d0:33:03:3c:95:31:22:8a:63:24:51:29:
                    c8:f5:ca:58:f5:4f:c2:c1:9c:7a:87:f6:b8:99:5b:
                    24:cb:27:0d:c9:cd:bb:ce:e5:fd:2b:17:a8:4e:61:
                    9d:9f:e7:11:4e:88:ae:03:72:29:2d:40:73:fb:8c:
                    4f:79:2a:42:cd:31:ea:16:00:fd:ac:0d:f6:3f:e2:
                    c6:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:44:86:9E:92:40:09:87:68:61:78:D9:1B:EC:04:D8:6D:88:97:30
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:d4:ce:69:21:4c:fe:12:e0:c6:1c:3e:85:e9:15:f5:51:b8:
         1b:42:a3:13:f9:1a:be:81:94:c0:41:4c:dd:bd:b0:21:cb:a1:
         6a:1f:cc:19:ce:87:56:52:bd:da:2d:75:46:66:45:9e:1f:c4:
         56:6c:4d:3f:29:6c:e3:51:2e:52:b2:e5:c7:b2:72:cc:ac:64:
         a8:60:6a:b8:78:32:28:a1:9b:2f:7f:bd:f1:5e:4c:d8:e2:a3:
         66:94:46:ad:bc:26:42:61:a9:e2:9f:d7:06:18:6a:03:b8:56:
         63:06:9f:1e:0c:c7:bf:a3:a3:22:ac:0c:22:61:d0:5d:6e:01:
         f3:1c:bf:89:64:b4:0c:b4:f9:0f:8f:be:92:49:0d:cd:6a:b0:
         78:e3:03:2b:f9:94:c2:a4:c4:98:b0:99:cb:6d:4c:04:ab:d8:
         44:52:7c:6f:1a:36:e9:01:5b:87:7c:81:77:ca:d2:e9:b1:e6:
         ab:28:db:02:4b:63:a5:71:28:3f:bf:59:cd:d8:a8:bf:9f:f5:
         df:90:d6:a6:4c:e6:87:ec:48:ca:7b:bf:94:ed:e0:64:82:c3:
         d6:82:c7:fc:f7:0a:87:60:ae:96:65:1d:91:a3:e7:33:f5:c6:
         6f:31:4e:22:11:eb:f9:62:72:8c:04:f1:3e:e7:0f:d0:11:70:
         3e:70:8c:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuTcjXEnWNce/uJidZR3vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjUxMTExMDcwMjM0WhcNMjUxMTEyMDcwMjM0WjAzMTEwLwYDVQQD
EyhmNzQ0ODY5ZTkyNDAwOTg3Njg2MTc4ZDkxYmVjMDRkODZkODg5NzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowbqRoMt+N+6d7HKe0qRnxaStzqC
2/ANggdPu+zMnFf/B5qxWUmSiNGVOQWylynjxEQbplcRtAnD3r9p9KW3nOSoQ77b
StAiA9mny6BqRvjfP28d0v7FwXRflN1SbeoUBASUG2ormyS8AcxFMKhLZ5Mzhh/k
cewuLEaSGldqwMlIB/WJu+ViDq18Obah+w5ZOfOZ5zEUr5QkMNZaQJLVSNw7QOSL
Qh2i+5WNBWQzSK9gTr8MwvHQMwM8lTEiimMkUSnI9cpY9U/CwZx6h/a4mVskyycN
yc27zuX9KxeoTmGdn+cRToiuA3IpLUBz+4xPeSpCzTHqFgD9rA32P+LGjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPdEhp6SQAmHaGF42RvsBNhtiJcwMB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn9TOaSFM
/hLgxhw+hekV9VG4G0KjE/kavoGUwEFM3b2wIcuhah/MGc6HVlK92i11RmZFnh/E
VmxNPyls41EuUrLlx7JyzKxkqGBquHgyKKGbL3+98V5M2OKjZpRGrbwmQmGp4p/X
BhhqA7hWYwafHgzHv6OjIqwMImHQXW4B8xy/iWS0DLT5D4++kkkNzWqweOMDK/mU
wqTEmLCZy21MBKvYRFJ8bxo26QFbh3yBd8rS6bHmqyjbAktjpXEoP79Zzdiov5/1
35DWpkzmh+xIynu/lO3gZILD1oLH/PcKh2CulmUdkaPnM/XGbzFOIhHr+WJyjATx
PucP0BFwPnCMXw==
-----END CERTIFICATE-----