Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
File:                     RHhnr-yeLyk5So9fl_kJKdkoIQI.mft (raw, json)
Hash identifier:          eLmXPIZgV6EiS0HDfr8kRINt3QZZw7qKo0knboZN6cE=
Subject key identifier:   89:B6:4A:84:FB:22:EE:F7:53:2E:E8:49:EF:86:95:E5:78:42:A7:94
Authority key identifier: 44:78:67:AF:EC:9E:2F:29:39:4A:8F:5F:97:F9:09:29:D9:28:21:02
Certificate issuer:       /CN=447867afec9e2f29394a8f5f97f90929d9282102
Certificate serial:       019A71B8DE5DE2A81193E3A43F61A051DEC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:02:12 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:12 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:12 +0000
Files and hashes:         1: RHhnr-yeLyk5So9fl_kJKdkoIQI.crl (hash: ZBkfhtNOY3BSMsT6/dW+o5dkx3x0oZ2EQP0PNnT7pwg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:de:5d:e2:a8:11:93:e3:a4:3f:61:a0:51:de:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=447867afec9e2f29394a8f5f97f90929d9282102
        Validity
            Not Before: Nov 11 07:02:12 2025 GMT
            Not After : Nov 12 07:02:12 2025 GMT
        Subject: CN=89b64a84fb22eef7532ee849ef8695e57842a794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:b3:70:49:f0:f7:cc:97:60:05:be:33:24:5b:
                    5c:1f:84:dd:79:ce:a0:5d:95:0c:44:e3:5d:a0:f5:
                    73:75:29:06:62:66:60:9c:9e:b5:f0:87:f2:b8:09:
                    b6:ea:73:2e:70:ff:f5:f2:67:1f:e0:eb:8c:ab:e0:
                    62:64:60:79:64:28:61:cd:8b:89:4f:8b:e3:41:83:
                    9f:2a:15:39:d6:02:cf:7e:e5:1a:e6:19:65:8b:34:
                    90:39:b0:37:6b:f4:d0:01:96:ce:63:37:fc:a0:eb:
                    0b:6a:8f:5f:21:45:0a:fd:8b:cb:c5:15:be:9b:f3:
                    0b:6c:d2:ec:fa:84:da:7e:40:d3:67:72:7f:09:57:
                    9a:40:50:73:ff:a6:79:2d:6f:a9:57:53:db:b8:4b:
                    81:25:ff:46:81:7d:ca:f5:18:d3:4a:ca:41:18:a0:
                    08:36:3e:31:14:05:cd:90:88:ae:ac:cc:78:60:95:
                    c7:b9:37:13:2c:0a:e3:20:00:ea:fe:b0:19:45:9f:
                    bf:63:ea:96:41:6f:3e:38:ba:ad:c2:1c:0f:8c:5e:
                    14:77:98:5e:7c:41:b1:fd:59:61:cc:07:6f:69:3a:
                    8c:38:5b:8e:e4:ee:62:2d:39:34:35:4d:06:88:1a:
                    87:28:84:21:f6:4e:89:7f:a4:ee:78:9f:c6:1e:a1:
                    54:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:B6:4A:84:FB:22:EE:F7:53:2E:E8:49:EF:86:95:E5:78:42:A7:94
            X509v3 Authority Key Identifier:
                keyid:44:78:67:AF:EC:9E:2F:29:39:4A:8F:5F:97:F9:09:29:D9:28:21:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHhnr-yeLyk5So9fl_kJKdkoIQI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a322b-6482-44a5-b3d2-3e109107ceb6/1/RHhnr-yeLyk5So9fl_kJKdkoIQI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:4a:00:15:c3:b1:2c:9b:e3:70:9e:f1:f0:d7:10:e4:89:66:
         9e:4b:ab:5f:f5:41:18:67:4c:2b:87:23:11:5e:31:b7:43:5a:
         f8:f7:00:20:fd:3b:a9:0c:d9:a1:fc:bf:96:e9:0b:e7:58:18:
         f2:64:1d:36:0a:2d:02:38:42:b7:4e:f3:31:20:52:a1:ce:08:
         4a:8b:97:55:45:1d:71:54:cc:47:73:c7:21:33:5f:01:5b:84:
         d7:14:4b:65:09:f8:7b:7c:86:80:b6:aa:7c:e6:f0:63:a7:0b:
         4c:3d:96:7c:a0:c9:88:f6:5b:e8:48:ad:cf:ce:b7:81:6a:23:
         52:2a:51:47:d4:4c:12:cd:25:e0:b2:7d:81:55:26:42:2b:44:
         e5:ce:93:25:c6:b9:03:9d:10:7b:9e:f5:d5:88:de:cc:66:ca:
         8e:c7:7d:2a:60:ff:bd:a5:50:eb:24:54:a9:07:1f:fb:0f:56:
         6d:e5:53:56:04:0d:0a:19:3f:50:ff:fd:a9:95:02:e4:95:d3:
         08:66:7b:a3:1c:d4:80:c5:7e:e0:ab:05:20:a1:0a:8b:57:af:
         90:1f:5b:f1:dd:be:72:93:7a:49:b9:07:95:24:48:13:d3:87:
         5e:78:69:ca:cd:49:94:08:d7:0f:7c:53:30:09:3b:af:ab:60:
         cb:41:63:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuN5d4qgRk+OkP2GgUd7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Nzg2N2FmZWM5ZTJmMjkzOTRhOGY1Zjk3ZjkwOTI5ZDky
ODIxMDIwHhcNMjUxMTExMDcwMjEyWhcNMjUxMTEyMDcwMjEyWjAzMTEwLwYDVQQD
Eyg4OWI2NGE4NGZiMjJlZWY3NTMyZWU4NDllZjg2OTVlNTc4NDJhNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bNwSfD3zJdgBb4zJFtcH4Tdec6g
XZUMRONdoPVzdSkGYmZgnJ618IfyuAm26nMucP/18mcf4OuMq+BiZGB5ZChhzYuJ
T4vjQYOfKhU51gLPfuUa5hllizSQObA3a/TQAZbOYzf8oOsLao9fIUUK/YvLxRW+
m/MLbNLs+oTafkDTZ3J/CVeaQFBz/6Z5LW+pV1PbuEuBJf9GgX3K9RjTSspBGKAI
Nj4xFAXNkIiurMx4YJXHuTcTLArjIADq/rAZRZ+/Y+qWQW8+OLqtwhwPjF4Ud5he
fEGx/VlhzAdvaTqMOFuO5O5iLTk0NU0GiBqHKIQh9k6Jf6TueJ/GHqFUJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIm2SoT7Iu73Uy7oSe+GleV4QqeUMB8GA1UdIwQY
MBaAFER4Z6/sni8pOUqPX5f5CSnZKCECMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTMyMmItNjQ4Mi00NGE1LWIzZDIt
M2UxMDkxMDdjZWI2LzEvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTMyMmItNjQ4Mi00NGE1LWIzZDItM2UxMDkxMDdjZWI2
LzEvUkhobnIteWVMeWs1U285Zmxfa0pLZGtvSVFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANkoAFcOx
LJvjcJ7x8NcQ5IlmnkurX/VBGGdMK4cjEV4xt0Na+PcAIP07qQzZofy/lukL51gY
8mQdNgotAjhCt07zMSBSoc4ISouXVUUdcVTMR3PHITNfAVuE1xRLZQn4e3yGgLaq
fObwY6cLTD2WfKDJiPZb6Eitz863gWojUipRR9RMEs0l4LJ9gVUmQitE5c6TJca5
A50Qe5711YjezGbKjsd9KmD/vaVQ6yRUqQcf+w9WbeVTVgQNChk/UP/9qZUC5JXT
CGZ7oxzUgMV+4KsFIKEKi1evkB9b8d2+cpN6SbkHlSRIE9OHXnhpys1JlAjXD3xT
MAk7r6tgy0Fj7w==
-----END CERTIFICATE-----