Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.mft
File:                     hWlFRtV2UOyEZtOS0X-jQylgFUA.mft (raw, json)
Hash identifier:          GiBK2ZLewBwZhvZGXCY5Yjus2v5DtfQvZzK0ylqBIpg=
Subject key identifier:   77:7F:AC:71:D1:51:46:51:55:31:E0:EF:63:CF:E5:6C:8F:E5:30:1D
Authority key identifier: 85:69:45:46:D5:76:50:EC:84:66:D3:92:D1:7F:A3:43:29:60:15:40
Certificate issuer:       /CN=85694546d57650ec8466d392d17fa34329601540
Certificate serial:       019A7180904BF73FB9C7E3CFCA17B412A703
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hWlFRtV2UOyEZtOS0X-jQylgFUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.mft
Manifest number:          0100
Signing time:             Tue 11 Nov 2025 06:00:42 +0000
Manifest this update:     Tue 11 Nov 2025 06:00:42 +0000
Manifest next update:     Wed 12 Nov 2025 06:00:42 +0000
Files and hashes:         1: hWlFRtV2UOyEZtOS0X-jQylgFUA.crl (hash: DntrcBkoKcFmZSzjIBEm9vU97SOGCyjJmBQ7tC+ADzw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hWlFRtV2UOyEZtOS0X-jQylgFUA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 06:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:80:90:4b:f7:3f:b9:c7:e3:cf:ca:17:b4:12:a7:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85694546d57650ec8466d392d17fa34329601540
        Validity
            Not Before: Nov 11 06:00:42 2025 GMT
            Not After : Nov 12 06:00:42 2025 GMT
        Subject: CN=777fac71d15146515531e0ef63cfe56c8fe5301d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:f2:5c:c5:ee:f2:12:22:1c:87:7e:c8:a4:65:
                    45:ff:c6:b7:41:49:a5:3c:b5:13:7f:59:c4:34:f4:
                    c4:1f:1a:a2:06:2a:4f:91:9d:c8:c6:ae:8e:67:2c:
                    e2:d2:14:b7:bc:5e:59:4c:ec:7f:0b:46:bd:5c:8e:
                    02:e9:07:8d:a1:c2:03:5a:63:e6:13:96:a7:f3:73:
                    15:94:de:4b:fd:41:2c:ed:7f:32:1c:8a:34:6d:0a:
                    ae:37:77:00:0a:10:af:82:30:35:ab:81:c2:2d:88:
                    ae:16:4c:c0:1f:0a:75:87:91:9e:ab:e5:a8:ee:0f:
                    a0:4b:2d:15:cc:f3:96:4e:b9:c3:63:6a:c1:ff:4d:
                    f6:68:3c:ac:01:7b:15:7a:72:0c:68:c9:0f:89:50:
                    69:65:a2:29:24:83:45:65:d1:e5:97:78:91:9b:57:
                    9a:b6:e0:1d:7b:aa:87:b4:2c:85:d6:f7:8a:7c:bc:
                    b3:e4:c2:67:6c:bd:64:0a:a8:03:34:bd:68:06:7e:
                    ca:b0:16:af:ed:5b:f9:86:55:8d:d3:10:92:38:b3:
                    c5:2a:da:17:43:fa:d1:19:ea:0f:29:09:33:e0:e0:
                    cb:d3:4b:53:09:ca:65:bc:bd:e2:3c:1b:b2:6a:02:
                    d2:0c:00:6c:ea:5e:2c:2c:f7:ab:15:75:96:ef:15:
                    39:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:7F:AC:71:D1:51:46:51:55:31:E0:EF:63:CF:E5:6C:8F:E5:30:1D
            X509v3 Authority Key Identifier:
                keyid:85:69:45:46:D5:76:50:EC:84:66:D3:92:D1:7F:A3:43:29:60:15:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWlFRtV2UOyEZtOS0X-jQylgFUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/354a55-e6a9-4d17-b313-3f0841ae6bc1/1/hWlFRtV2UOyEZtOS0X-jQylgFUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:b0:05:fd:62:73:20:b5:08:ca:dd:82:9c:2a:d2:9c:29:f1:
         06:52:61:76:98:8a:ef:97:e1:17:a1:f5:47:61:a1:67:0b:ce:
         c8:f7:d6:02:8f:97:82:33:e5:c2:5c:6a:f8:7e:33:b5:cd:4f:
         67:77:1e:19:03:0a:76:a6:48:f2:98:6d:7d:c3:b4:8a:bc:7d:
         f8:de:98:52:b9:6a:f9:0a:5a:b6:8d:a6:71:c9:a0:bc:a9:ac:
         d7:e5:73:fa:a3:5d:08:ec:61:b6:6f:ef:e6:ee:8e:37:bb:43:
         44:f0:ba:1b:11:dd:c0:8e:aa:67:0c:54:08:f2:37:0a:a6:2d:
         08:9c:ad:28:7d:f9:c0:a9:79:0f:a7:7b:a1:75:37:54:fa:a6:
         dc:c2:f6:74:fa:22:64:ce:f0:03:c3:ad:c1:fe:5e:14:70:25:
         d7:6f:da:ed:6c:65:42:d3:cc:ae:dd:af:f2:f4:e6:10:a8:94:
         84:0f:74:e6:57:b9:1c:12:24:81:5f:e2:e3:30:f0:a1:9e:dd:
         60:c7:0d:fb:aa:7a:64:c8:62:ad:8f:c0:13:5c:f0:5a:b3:52:
         3d:c1:0b:f4:c5:64:ea:be:2e:84:ab:5c:21:b2:ec:9a:f4:7c:
         7c:cd:c7:3e:2d:af:cd:3f:a0:2c:9f:1f:e4:a0:70:af:71:d8:
         ac:df:07:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgJBL9z+5x+PPyhe0EqcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1Njk0NTQ2ZDU3NjUwZWM4NDY2ZDM5MmQxN2ZhMzQzMjk2
MDE1NDAwHhcNMjUxMTExMDYwMDQyWhcNMjUxMTEyMDYwMDQyWjAzMTEwLwYDVQQD
Eyg3NzdmYWM3MWQxNTE0NjUxNTUzMWUwZWY2M2NmZTU2YzhmZTUzMDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vJcxe7yEiIch37IpGVF/8a3QUml
PLUTf1nENPTEHxqiBipPkZ3Ixq6OZyzi0hS3vF5ZTOx/C0a9XI4C6QeNocIDWmPm
E5an83MVlN5L/UEs7X8yHIo0bQquN3cAChCvgjA1q4HCLYiuFkzAHwp1h5Geq+Wo
7g+gSy0VzPOWTrnDY2rB/032aDysAXsVenIMaMkPiVBpZaIpJINFZdHll3iRm1ea
tuAde6qHtCyF1veKfLyz5MJnbL1kCqgDNL1oBn7KsBav7Vv5hlWN0xCSOLPFKtoX
Q/rRGeoPKQkz4ODL00tTCcplvL3iPBuyagLSDABs6l4sLPerFXWW7xU5pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHd/rHHRUUZRVTHg72PP5WyP5TAdMB8GA1UdIwQY
MBaAFIVpRUbVdlDshGbTktF/o0MpYBVAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdsRlJ0VjJVT3lFWnRPUzBYLWpReWxnRlVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zNTRhNTUtZTZhOS00ZDE3LWIzMTMt
M2YwODQxYWU2YmMxLzEvaFdsRlJ0VjJVT3lFWnRPUzBYLWpReWxnRlVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8zNTRhNTUtZTZhOS00ZDE3LWIzMTMtM2YwODQxYWU2YmMx
LzEvaFdsRlJ0VjJVT3lFWnRPUzBYLWpReWxnRlVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtrAF/WJz
ILUIyt2CnCrSnCnxBlJhdpiK75fhF6H1R2GhZwvOyPfWAo+XgjPlwlxq+H4ztc1P
Z3ceGQMKdqZI8phtfcO0irx9+N6YUrlq+Qpato2mccmgvKms1+Vz+qNdCOxhtm/v
5u6ON7tDRPC6GxHdwI6qZwxUCPI3CqYtCJytKH35wKl5D6d7oXU3VPqm3ML2dPoi
ZM7wA8Otwf5eFHAl12/a7WxlQtPMrt2v8vTmEKiUhA905le5HBIkgV/i4zDwoZ7d
YMcN+6p6ZMhirY/AE1zwWrNSPcEL9MVk6r4uhKtcIbLsmvR8fM3HPi2vzT+gLJ8f
5KBwr3HYrN8H2g==
-----END CERTIFICATE-----