Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/eade98-4e1d-4c98-8509-134415fe15d0/1/HzPIww-60mD0qd98O1IGahp7TtU.mft
File:                     HzPIww-60mD0qd98O1IGahp7TtU.mft (raw, json)
Hash identifier:          3Ae3HvPvKyzWK6zQqbV16YxTWkMDXKK/GcLzaMPA3cw=
Subject key identifier:   53:1A:7A:BA:ED:8C:DA:C1:E9:0E:14:33:CB:F3:C6:6D:35:76:7E:10
Authority key identifier: 1F:33:C8:C3:0F:BA:D2:60:F4:A9:DF:7C:3B:52:06:6A:1A:7B:4E:D5
Certificate issuer:       /CN=1f33c8c30fbad260f4a9df7c3b52066a1a7b4ed5
Certificate serial:       019A70A55224FF32A2DDAA8ADB529B9AB22E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzPIww-60mD0qd98O1IGahp7TtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/eade98-4e1d-4c98-8509-134415fe15d0/1/HzPIww-60mD0qd98O1IGahp7TtU.mft
Manifest number:          DD
Signing time:             Tue 11 Nov 2025 02:01:13 +0000
Manifest this update:     Tue 11 Nov 2025 02:01:13 +0000
Manifest next update:     Wed 12 Nov 2025 02:01:13 +0000
Files and hashes:         1: HzPIww-60mD0qd98O1IGahp7TtU.crl (hash: wkEPC2LvF4/roSwipxbYqj1Djj3UX7p6xOZQHAwsKRA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/eade98-4e1d-4c98-8509-134415fe15d0/1/HzPIww-60mD0qd98O1IGahp7TtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/eade98-4e1d-4c98-8509-134415fe15d0/1/HzPIww-60mD0qd98O1IGahp7TtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzPIww-60mD0qd98O1IGahp7TtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 02:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:a5:52:24:ff:32:a2:dd:aa:8a:db:52:9b:9a:b2:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f33c8c30fbad260f4a9df7c3b52066a1a7b4ed5
        Validity
            Not Before: Nov 11 02:01:13 2025 GMT
            Not After : Nov 12 02:01:13 2025 GMT
        Subject: CN=531a7abaed8cdac1e90e1433cbf3c66d35767e10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:12:da:cf:8b:c4:60:1c:25:0d:f0:9c:ca:6c:
                    a7:0b:05:69:25:6d:ee:0c:90:86:36:38:d9:fc:27:
                    f1:18:d6:7b:b7:de:18:0d:73:fb:42:bd:82:3a:04:
                    2b:49:b7:e0:9d:0e:9a:a7:8d:ed:8b:19:cb:85:d5:
                    02:4a:26:d2:15:7e:73:de:a2:78:83:92:e7:62:1b:
                    71:21:a2:d4:34:dc:29:2e:22:24:01:7e:0e:76:95:
                    56:52:80:14:1c:4a:6b:a1:5d:7b:f0:bb:a3:c5:46:
                    cf:fb:23:77:cc:1c:fa:1a:99:51:4f:af:f8:84:f2:
                    8d:97:85:eb:5b:8c:65:e9:a1:6c:6c:08:3e:3b:3b:
                    ef:18:77:7a:23:15:5e:d1:f3:52:c5:a4:59:52:0f:
                    d8:d3:a8:f3:c6:40:5b:90:f1:4f:35:a7:f4:38:47:
                    73:b2:7b:ee:23:a0:bb:73:96:f8:70:86:1e:d3:48:
                    28:94:19:31:e3:5b:66:32:6f:1f:24:41:ed:a9:3e:
                    af:49:d0:63:5a:f2:e1:d8:7a:76:2a:9c:21:89:96:
                    0e:4b:ef:fa:7c:38:bf:bf:79:18:7d:f8:c9:43:57:
                    b4:fe:0f:a9:07:f0:21:e4:3d:c0:3a:20:00:1b:2c:
                    31:2e:96:cc:25:85:81:cf:5b:9c:70:fe:97:4a:16:
                    c2:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:1A:7A:BA:ED:8C:DA:C1:E9:0E:14:33:CB:F3:C6:6D:35:76:7E:10
            X509v3 Authority Key Identifier:
                keyid:1F:33:C8:C3:0F:BA:D2:60:F4:A9:DF:7C:3B:52:06:6A:1A:7B:4E:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzPIww-60mD0qd98O1IGahp7TtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/eade98-4e1d-4c98-8509-134415fe15d0/1/HzPIww-60mD0qd98O1IGahp7TtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/eade98-4e1d-4c98-8509-134415fe15d0/1/HzPIww-60mD0qd98O1IGahp7TtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:a9:95:26:00:57:b0:e6:b2:e7:f3:e4:d1:f4:20:e5:5c:6b:
         0e:36:c9:4c:58:06:c1:28:f5:26:3f:da:53:94:7b:ab:52:8c:
         a2:f5:f0:0b:0a:4c:6b:31:a2:d2:47:18:ac:be:c2:2e:4d:e5:
         e6:7a:d2:ba:ee:8a:bf:54:6f:ed:13:4f:5f:1f:01:ef:88:64:
         c1:60:2d:44:26:f1:be:b3:ec:73:07:b8:4d:3d:0c:b7:63:1a:
         fc:5d:63:1c:7f:b2:65:0f:eb:32:7d:e0:2b:77:17:2f:26:ed:
         39:88:54:59:79:ab:c3:27:63:af:62:19:34:f6:b0:b0:d0:a1:
         c5:8d:a9:67:52:12:0e:9f:43:2c:91:c0:9b:10:af:77:62:d4:
         33:ee:99:e2:22:91:53:c3:00:92:2f:12:69:20:f7:a2:0c:b2:
         fb:03:7e:b6:bc:e0:f1:be:d5:d7:03:1a:92:c8:c5:53:dc:6f:
         13:44:79:68:c2:50:9c:7d:1b:d8:eb:f8:50:7a:36:b6:bb:48:
         ee:04:45:89:07:fc:2e:8c:6d:1e:33:a8:38:bd:00:62:c3:a0:
         ae:6d:bd:8c:33:f9:3f:fb:e2:55:3f:47:b5:01:45:e3:b7:b7:
         3e:b6:32:bf:33:7b:55:96:b6:7b:ef:04:ba:86:50:bc:bf:9f:
         2f:3c:54:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpVIk/zKi3aqK21KbmrIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzNjOGMzMGZiYWQyNjBmNGE5ZGY3YzNiNTIwNjZhMWE3
YjRlZDUwHhcNMjUxMTExMDIwMTEzWhcNMjUxMTEyMDIwMTEzWjAzMTEwLwYDVQQD
Eyg1MzFhN2FiYWVkOGNkYWMxZTkwZTE0MzNjYmYzYzY2ZDM1NzY3ZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBLaz4vEYBwlDfCcymynCwVpJW3u
DJCGNjjZ/CfxGNZ7t94YDXP7Qr2COgQrSbfgnQ6ap43tixnLhdUCSibSFX5z3qJ4
g5LnYhtxIaLUNNwpLiIkAX4OdpVWUoAUHEproV178LujxUbP+yN3zBz6GplRT6/4
hPKNl4XrW4xl6aFsbAg+OzvvGHd6IxVe0fNSxaRZUg/Y06jzxkBbkPFPNaf0OEdz
snvuI6C7c5b4cIYe00golBkx41tmMm8fJEHtqT6vSdBjWvLh2Hp2KpwhiZYOS+/6
fDi/v3kYffjJQ1e0/g+pB/Ah5D3AOiAAGywxLpbMJYWBz1uccP6XShbCtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMaerrtjNrB6Q4UM8vzxm01dn4QMB8GA1UdIwQY
MBaAFB8zyMMPutJg9KnffDtSBmoae07VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpQSXd3LTYwbUQwcWQ5OE8xSUdhaHA3VHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9lYWRlOTgtNGUxZC00Yzk4LTg1MDkt
MTM0NDE1ZmUxNWQwLzEvSHpQSXd3LTYwbUQwcWQ5OE8xSUdhaHA3VHRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9lYWRlOTgtNGUxZC00Yzk4LTg1MDktMTM0NDE1ZmUxNWQw
LzEvSHpQSXd3LTYwbUQwcWQ5OE8xSUdhaHA3VHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP6mVJgBX
sOay5/Pk0fQg5VxrDjbJTFgGwSj1Jj/aU5R7q1KMovXwCwpMazGi0kcYrL7CLk3l
5nrSuu6Kv1Rv7RNPXx8B74hkwWAtRCbxvrPscwe4TT0Mt2Ma/F1jHH+yZQ/rMn3g
K3cXLybtOYhUWXmrwydjr2IZNPawsNChxY2pZ1ISDp9DLJHAmxCvd2LUM+6Z4iKR
U8MAki8SaSD3ogyy+wN+trzg8b7V1wMaksjFU9xvE0R5aMJQnH0b2Ov4UHo2trtI
7gRFiQf8LoxtHjOoOL0AYsOgrm29jDP5P/viVT9HtQFF47e3PrYyvzN7VZa2e+8E
uoZQvL+fLzxUNA==
-----END CERTIFICATE-----