Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.mft
File:                     hWlFRtV2UOyEZtOS0X-jQylgFUA.mft (raw, json)
Hash identifier:          0g5hUAZ640LTDX+GsA/w3CkMr56lZ26SHsSaKgzo/vA=
Subject key identifier:   5F:35:6C:B0:71:6C:DA:6E:CC:D9:8B:8D:AF:FB:F9:F9:E6:2D:9A:3C
Authority key identifier: 85:69:45:46:D5:76:50:EC:84:66:D3:92:D1:7F:A3:43:29:60:15:40
Certificate issuer:       /CN=85694546d57650ec8466d392d17fa34329601540
Certificate serial:       01992367CFF129A11106EE872B41D10D244D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hWlFRtV2UOyEZtOS0X-jQylgFUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.mft
Manifest number:          53
Signing time:             Sun 07 Sep 2025 09:00:29 +0000
Manifest this update:     Sun 07 Sep 2025 09:00:29 +0000
Manifest next update:     Mon 08 Sep 2025 09:00:29 +0000
Files and hashes:         1: hWlFRtV2UOyEZtOS0X-jQylgFUA.crl (hash: W0pJQyHQ0oehx9lyFi01+IaLvzrqiPHpHtzhxuhWz5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hWlFRtV2UOyEZtOS0X-jQylgFUA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:67:cf:f1:29:a1:11:06:ee:87:2b:41:d1:0d:24:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85694546d57650ec8466d392d17fa34329601540
        Validity
            Not Before: Sep  7 09:00:29 2025 GMT
            Not After : Sep  8 09:00:29 2025 GMT
        Subject: CN=5f356cb0716cda6eccd98b8daffbf9f9e62d9a3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:e5:ae:a3:36:05:1b:05:55:09:f8:01:4f:9c:
                    f0:a5:e4:28:58:dd:e5:4b:86:66:c4:65:29:0d:60:
                    d7:84:ff:95:ae:b8:22:34:1a:8b:7f:b9:7c:d5:34:
                    ac:7c:5e:79:b2:4b:19:ed:03:bf:fb:f5:e7:92:df:
                    7a:5f:11:04:a2:db:63:07:2b:4c:54:3a:0e:74:41:
                    10:b5:b7:66:f8:a6:31:9b:2e:02:d4:6e:57:03:2c:
                    6d:4c:19:26:39:e9:a7:d6:5f:14:fc:99:7c:b4:69:
                    e9:50:12:67:20:6f:d4:fe:34:16:29:7b:49:7e:06:
                    ea:fd:e6:a1:9e:b2:2f:f9:f1:ee:89:28:0a:cc:14:
                    9b:c1:09:77:84:30:49:70:45:39:66:a0:aa:d8:79:
                    4b:b7:42:1d:cd:4b:df:ba:a9:a5:71:4b:6c:83:ef:
                    f2:67:df:99:40:eb:05:71:22:a4:42:f9:d8:d6:39:
                    91:8f:76:7f:ca:1c:cb:c8:54:e5:5b:be:3c:db:8c:
                    8d:13:b3:0d:2a:04:79:a8:a8:f3:0d:01:50:22:a8:
                    9c:d4:93:1a:85:09:c3:6d:1b:75:ad:62:8f:27:9c:
                    66:82:97:76:50:9d:8d:27:86:0d:de:78:12:18:2b:
                    58:dd:08:4a:4f:51:df:31:30:52:4c:b7:af:13:07:
                    b9:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:35:6C:B0:71:6C:DA:6E:CC:D9:8B:8D:AF:FB:F9:F9:E6:2D:9A:3C
            X509v3 Authority Key Identifier:
                keyid:85:69:45:46:D5:76:50:EC:84:66:D3:92:D1:7F:A3:43:29:60:15:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWlFRtV2UOyEZtOS0X-jQylgFUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:41:f4:b9:23:23:cb:4a:c2:68:f2:e4:e9:d3:d6:68:be:17:
         ef:0c:dc:1a:d3:73:f5:06:ef:aa:51:f8:50:43:38:fb:29:b4:
         f7:61:87:30:22:0a:87:a6:77:17:ef:5d:a3:6e:82:3e:9b:d0:
         9c:86:59:fd:d3:4e:33:c4:38:e1:b5:9e:5a:7b:d2:a9:43:be:
         26:c3:91:ab:a8:4a:48:6d:d2:84:b4:87:3b:b9:94:03:b2:0e:
         ef:92:62:49:c5:b5:86:4f:ca:ab:8e:f8:34:80:22:01:71:72:
         5a:b9:77:60:d2:61:06:c5:28:f7:01:02:c0:49:51:dd:7c:80:
         61:f9:9c:c7:bb:4c:33:ba:2b:d7:cd:b1:1a:ba:de:81:35:c8:
         ae:4f:5e:18:ca:f7:58:53:17:5c:22:af:2e:d5:22:25:dd:95:
         b1:06:33:5a:82:0d:21:1a:58:80:91:a6:25:df:f1:df:f0:29:
         67:26:57:9e:c1:81:6b:7e:96:61:ac:61:21:8a:9e:7d:82:cf:
         dd:e2:4f:11:9b:a3:ce:4a:6c:f5:ea:5d:24:bc:29:e5:d9:6b:
         2d:9a:49:69:f9:74:ad:2d:d6:d1:2c:93:87:43:85:15:66:2a:
         27:1e:b2:f8:34:a5:fb:db:e3:4c:23:68:e1:0c:86:11:ac:26:
         47:24:19:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjZ8/xKaERBu6HK0HRDSRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1Njk0NTQ2ZDU3NjUwZWM4NDY2ZDM5MmQxN2ZhMzQzMjk2
MDE1NDAwHhcNMjUwOTA3MDkwMDI5WhcNMjUwOTA4MDkwMDI5WjAzMTEwLwYDVQQD
Eyg1ZjM1NmNiMDcxNmNkYTZlY2NkOThiOGRhZmZiZjlmOWU2MmQ5YTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeWuozYFGwVVCfgBT5zwpeQoWN3l
S4ZmxGUpDWDXhP+VrrgiNBqLf7l81TSsfF55sksZ7QO/+/Xnkt96XxEEottjBytM
VDoOdEEQtbdm+KYxmy4C1G5XAyxtTBkmOemn1l8U/Jl8tGnpUBJnIG/U/jQWKXtJ
fgbq/eahnrIv+fHuiSgKzBSbwQl3hDBJcEU5ZqCq2HlLt0IdzUvfuqmlcUtsg+/y
Z9+ZQOsFcSKkQvnY1jmRj3Z/yhzLyFTlW74824yNE7MNKgR5qKjzDQFQIqic1JMa
hQnDbRt1rWKPJ5xmgpd2UJ2NJ4YN3ngSGCtY3QhKT1HfMTBSTLevEwe5GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF81bLBxbNpuzNmLja/7+fnmLZo8MB8GA1UdIwQY
MBaAFIVpRUbVdlDshGbTktF/o0MpYBVAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdsRlJ0VjJVT3lFWnRPUzBYLWpReWxnRlVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zNTRhNTUtZTZhOS00ZDE3LWIzMTMt
M2YwODQxYWU2YmMxLzEvaFdsRlJ0VjJVT3lFWnRPUzBYLWpReWxnRlVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8zNTRhNTUtZTZhOS00ZDE3LWIzMTMtM2YwODQxYWU2YmMx
LzEvaFdsRlJ0VjJVT3lFWnRPUzBYLWpReWxnRlVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC0H0uSMj
y0rCaPLk6dPWaL4X7wzcGtNz9QbvqlH4UEM4+ym092GHMCIKh6Z3F+9do26CPpvQ
nIZZ/dNOM8Q44bWeWnvSqUO+JsORq6hKSG3ShLSHO7mUA7IO75JiScW1hk/Kq474
NIAiAXFyWrl3YNJhBsUo9wECwElR3XyAYfmcx7tMM7or182xGrregTXIrk9eGMr3
WFMXXCKvLtUiJd2VsQYzWoINIRpYgJGmJd/x3/ApZyZXnsGBa36WYaxhIYqefYLP
3eJPEZujzkps9epdJLwp5dlrLZpJafl0rS3W0SyTh0OFFWYqJx6y+DSl+9vjTCNo
4QyGEawmRyQZeg==
-----END CERTIFICATE-----