Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
File:                     hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json)
Hash identifier:          mmTCxFqmLTZOV99CkFosBN/G84tGjmWTOkZsoodjDrs=
Subject key identifier:   4A:EB:DF:EA:00:68:31:02:1B:B9:51:C2:49:39:65:5F:9B:07:AC:60
Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33
Certificate issuer:       /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
Certificate serial:       019A72264F117210FBCD75B1D09372E9326E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
Manifest number:          0AC6
Signing time:             Tue 11 Nov 2025 09:01:44 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:44 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:44 +0000
Files and hashes:         1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: i2gDjNBdvAghhCnqsi0b09LaTgCi37PJDm4VC+nKS3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:4f:11:72:10:fb:cd:75:b1:d0:93:72:e9:32:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
        Validity
            Not Before: Nov 11 09:01:44 2025 GMT
            Not After : Nov 12 09:01:44 2025 GMT
        Subject: CN=4aebdfea006831021bb951c24939655f9b07ac60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:00:53:ab:b1:67:6b:43:f8:85:7b:a4:ee:50:
                    36:de:85:1a:9d:37:b7:2f:ae:f0:3a:cd:ae:95:18:
                    b7:ff:7a:e8:4a:bf:92:16:e5:45:2a:d9:b1:04:a9:
                    db:b0:c2:c9:ec:3d:a1:41:d2:f9:b0:fe:46:f7:2b:
                    7f:3e:02:94:6b:79:b0:1c:de:66:87:d5:9c:06:4e:
                    0c:b9:e6:4f:45:9a:5e:2b:55:e0:6d:90:43:22:d9:
                    29:1a:18:5c:20:37:e4:0c:84:72:a8:b8:a7:54:8f:
                    a7:8f:4c:79:93:2b:f0:eb:d4:f3:bd:4c:6c:b0:db:
                    0c:e7:14:9d:b1:24:aa:ab:c9:59:cc:8f:fd:67:fc:
                    24:19:be:63:10:3a:69:c3:83:64:65:0b:f1:f4:40:
                    72:dd:14:51:ad:b7:86:d2:b4:c6:0d:73:cc:f6:41:
                    c7:53:80:03:48:7b:08:a6:e0:3f:3b:fd:b2:01:2d:
                    9f:d4:c8:6b:1d:dd:52:37:2b:2d:12:71:e7:84:8b:
                    fb:9a:96:2e:0c:a5:8c:5c:4f:c3:7d:85:54:7d:7e:
                    b9:c8:41:5b:e2:a5:7e:bc:df:c6:ff:35:c2:24:c0:
                    bf:6c:1b:9a:46:d0:c9:8d:3b:f1:91:36:16:6a:1d:
                    7c:79:89:07:52:b4:1c:f0:f3:07:3f:0d:86:d9:45:
                    1a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:EB:DF:EA:00:68:31:02:1B:B9:51:C2:49:39:65:5F:9B:07:AC:60
            X509v3 Authority Key Identifier:
                keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:a0:cd:36:e7:d9:89:ba:0b:bb:cf:72:67:cb:11:83:a9:e4:
         27:1f:3d:d2:d1:c5:cd:6c:af:5a:b0:58:77:91:5b:8c:f3:cb:
         8a:45:05:19:00:a8:94:35:64:f2:d3:66:7c:e1:b5:85:6a:dd:
         9e:38:fe:c1:79:b2:60:d4:36:3d:38:5e:9d:e6:d5:66:c7:17:
         83:55:a2:c3:12:3d:06:56:13:96:85:7f:d1:34:ac:71:9b:54:
         38:89:52:bd:c0:e4:4e:93:0b:78:2d:67:09:af:6d:8d:3d:55:
         7e:b1:2f:a6:03:7c:cd:2f:c4:85:db:2c:2a:b1:8d:82:bb:4f:
         2b:03:8f:26:e1:9c:38:3b:91:81:b6:6e:51:c1:a5:7d:f1:e5:
         b2:08:0f:4a:26:80:d1:4f:62:a8:b8:d8:55:21:3a:c0:f7:85:
         cd:a5:a2:ac:2f:b7:56:61:c3:22:ff:26:7a:1f:f0:7d:94:5c:
         3c:97:a3:6e:62:33:af:b7:67:9b:3d:43:09:e9:ba:81:d1:b8:
         a4:95:7a:ff:f9:d7:92:74:e5:67:a5:7a:87:1e:c7:cc:cd:af:
         6f:2b:f1:f0:c3:2f:51:a3:78:64:53:46:e6:90:5a:7d:a2:c5:
         e4:b1:84:8f:68:f6:96:a6:c9:c1:28:a2:b2:a8:93:dc:47:cc:
         4c:ef:9a:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJk8RchD7zXWx0JNy6TJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx
YmZlMzMwHhcNMjUxMTExMDkwMTQ0WhcNMjUxMTEyMDkwMTQ0WjAzMTEwLwYDVQQD
Eyg0YWViZGZlYTAwNjgzMTAyMWJiOTUxYzI0OTM5NjU1ZjliMDdhYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtABTq7Fna0P4hXuk7lA23oUanTe3
L67wOs2ulRi3/3roSr+SFuVFKtmxBKnbsMLJ7D2hQdL5sP5G9yt/PgKUa3mwHN5m
h9WcBk4MueZPRZpeK1XgbZBDItkpGhhcIDfkDIRyqLinVI+nj0x5kyvw69TzvUxs
sNsM5xSdsSSqq8lZzI/9Z/wkGb5jEDppw4NkZQvx9EBy3RRRrbeG0rTGDXPM9kHH
U4ADSHsIpuA/O/2yAS2f1MhrHd1SNystEnHnhIv7mpYuDKWMXE/DfYVUfX65yEFb
4qV+vN/G/zXCJMC/bBuaRtDJjTvxkTYWah18eYkHUrQc8PMHPw2G2UUakQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFErr3+oAaDECG7lRwkk5ZV+bB6xgMB8GA1UdIwQY
MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt
MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx
LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWqDNNufZ
iboLu89yZ8sRg6nkJx890tHFzWyvWrBYd5FbjPPLikUFGQColDVk8tNmfOG1hWrd
njj+wXmyYNQ2PThenebVZscXg1WiwxI9BlYTloV/0TSscZtUOIlSvcDkTpMLeC1n
Ca9tjT1VfrEvpgN8zS/EhdssKrGNgrtPKwOPJuGcODuRgbZuUcGlffHlsggPSiaA
0U9iqLjYVSE6wPeFzaWirC+3VmHDIv8meh/wfZRcPJejbmIzr7dnmz1DCem6gdG4
pJV6//nXknTlZ6V6hx7HzM2vbyvx8MMvUaN4ZFNG5pBafaLF5LGEj2j2lqbJwSii
sqiT3EfMTO+asg==
-----END CERTIFICATE-----