Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
File:                     hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft (raw, json)
Hash identifier:          TySP2nOKz6gymQq+90q+iEFIY3Js8XFcrOL/Nn9uBys=
Subject key identifier:   FD:09:31:23:30:7A:56:C2:A2:B5:0B:DC:35:57:02:CE:DD:A9:E3:9A
Authority key identifier: 84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C
Certificate issuer:       /CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c
Certificate serial:       019A71B8823C6B15960CD689C693D7A75192
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
Manifest number:          0A04
Signing time:             Tue 11 Nov 2025 07:01:48 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:48 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:48 +0000
Files and hashes:         1: hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl (hash: A6GWTKziWvnlSCC/qPNBPiS45btvqmhkZjTNiYeSmN0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:82:3c:6b:15:96:0c:d6:89:c6:93:d7:a7:51:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c
        Validity
            Not Before: Nov 11 07:01:48 2025 GMT
            Not After : Nov 12 07:01:48 2025 GMT
        Subject: CN=fd093123307a56c2a2b50bdc355702cedda9e39a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d6:94:fb:09:cd:4b:bd:9c:1f:40:42:c1:5d:
                    75:ca:68:d4:4d:f4:38:2e:69:82:e8:db:58:ac:67:
                    1a:03:08:eb:af:c3:29:ee:1d:79:c1:57:9d:01:35:
                    ee:63:ef:01:8c:f4:42:1c:99:5d:5d:e7:b6:74:73:
                    e7:21:12:1e:7f:39:73:23:f7:ed:ff:62:48:86:b2:
                    c6:fc:d2:b2:66:ca:85:f3:be:5a:c6:44:f6:cb:5c:
                    3c:58:3f:57:d5:1d:fd:32:9d:97:57:32:07:05:11:
                    d0:a0:72:22:42:b2:9d:c8:97:b4:5a:e0:10:3e:11:
                    f2:83:80:af:bc:e1:bb:f3:df:61:f3:99:17:09:f7:
                    23:d0:69:a0:53:6e:8f:79:ba:fd:6a:8b:e8:67:ec:
                    b8:7c:68:c4:c8:71:66:6a:0e:4e:c5:1a:c9:41:de:
                    c5:0f:43:27:19:8e:c6:bc:17:1d:f6:49:4f:ff:e2:
                    40:02:e3:23:48:14:85:b6:55:31:c4:05:7d:54:33:
                    e6:a1:3f:8b:45:2b:0b:54:ba:8d:13:0a:c7:67:9a:
                    12:da:68:33:62:ed:a6:ad:36:6b:be:34:b9:2b:00:
                    55:f8:1f:dd:83:6c:a8:79:41:5f:6e:37:46:e8:d6:
                    12:26:4a:7e:b5:d5:56:57:3f:d5:42:f6:04:e1:88:
                    20:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:09:31:23:30:7A:56:C2:A2:B5:0B:DC:35:57:02:CE:DD:A9:E3:9A
            X509v3 Authority Key Identifier:
                keyid:84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:8c:53:13:c6:6f:92:e4:14:7d:5f:7c:38:81:d0:89:bc:a6:
         94:7d:6b:14:41:f4:3b:29:ff:28:dd:bb:ac:37:25:cf:13:75:
         fa:b0:2c:fb:7f:89:b8:ec:bc:0f:38:93:18:19:1c:18:67:64:
         66:86:58:66:ab:72:f2:e9:f1:f5:4a:76:75:e8:49:a2:74:0f:
         81:7e:35:42:2e:30:5a:80:cb:50:44:f5:ed:d9:dc:29:a6:6f:
         ae:be:02:2f:e1:58:8c:8f:e7:bb:24:77:b6:af:db:f6:3a:1d:
         0c:f2:83:c4:d3:8e:09:17:1d:7b:21:5b:13:27:54:cf:2b:a3:
         d7:ca:2b:20:b9:7b:b9:e4:63:94:22:7b:03:d4:52:af:36:0d:
         2e:b2:25:1b:dc:61:6c:4c:f8:52:54:8a:20:12:d1:73:df:5c:
         bd:51:6d:56:9e:82:52:01:d3:bc:8c:a7:dd:f3:b4:e2:9e:65:
         92:f7:35:e2:d9:2c:78:ac:33:1d:d7:b9:ba:61:25:10:5a:f1:
         0a:39:63:2d:6d:72:ca:d4:f2:c1:1c:ea:80:a5:06:98:bf:5e:
         dd:e5:2d:b0:66:86:ef:36:c9:e3:1b:e8:db:4d:9c:b3:a4:5d:
         62:e7:0e:3d:92:cb:4e:9a:b2:ae:81:ba:60:3f:dd:9b:ef:c6:
         31:32:53:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuII8axWWDNaJxpPXp1GSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MmIxOGY4ZDFkYjFmOTQ3NjIxYjJkOGY3ODY2MDNlMmIx
YmQ1MGMwHhcNMjUxMTExMDcwMTQ4WhcNMjUxMTEyMDcwMTQ4WjAzMTEwLwYDVQQD
EyhmZDA5MzEyMzMwN2E1NmMyYTJiNTBiZGMzNTU3MDJjZWRkYTllMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9aU+wnNS72cH0BCwV11ymjUTfQ4
LmmC6NtYrGcaAwjrr8Mp7h15wVedATXuY+8BjPRCHJldXee2dHPnIRIefzlzI/ft
/2JIhrLG/NKyZsqF875axkT2y1w8WD9X1R39Mp2XVzIHBRHQoHIiQrKdyJe0WuAQ
PhHyg4CvvOG7899h85kXCfcj0GmgU26Pebr9aovoZ+y4fGjEyHFmag5OxRrJQd7F
D0MnGY7GvBcd9klP/+JAAuMjSBSFtlUxxAV9VDPmoT+LRSsLVLqNEwrHZ5oS2mgz
Yu2mrTZrvjS5KwBV+B/dg2yoeUFfbjdG6NYSJkp+tdVWVz/VQvYE4YggFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP0JMSMwelbCorUL3DVXAs7dqeOaMB8GA1UdIwQY
MBaAFIQrGPjR2x+UdiGy2PeGYD4rG9UMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgt
MGI5NzBiOTZjOTBiLzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgtMGI5NzBiOTZjOTBi
LzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJYxTE8Zv
kuQUfV98OIHQibymlH1rFEH0Oyn/KN27rDclzxN1+rAs+3+JuOy8DziTGBkcGGdk
ZoZYZqty8unx9Up2dehJonQPgX41Qi4wWoDLUET17dncKaZvrr4CL+FYjI/nuyR3
tq/b9jodDPKDxNOOCRcdeyFbEydUzyuj18orILl7ueRjlCJ7A9RSrzYNLrIlG9xh
bEz4UlSKIBLRc99cvVFtVp6CUgHTvIyn3fO04p5lkvc14tkseKwzHde5umElEFrx
CjljLW1yytTywRzqgKUGmL9e3eUtsGaG7zbJ4xvo202cs6RdYucOPZLLTpqyroG6
YD/dm+/GMTJTDA==
-----END CERTIFICATE-----