Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
File:                     h_S8G8xE8-kQBwQ1297UG25ILmg.mft (raw, json)
Hash identifier:          3i9uIRL9mrnU0FDk4Np45CgytInqvmtkc3yE0ULsXec=
Subject key identifier:   A2:B9:2C:DC:93:E8:D9:81:3B:0F:A2:A9:43:A3:ED:87:A0:D3:9B:51
Authority key identifier: 87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68
Certificate issuer:       /CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
Certificate serial:       019A7149D1A3765D5872A2F03C616F7A8463
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
Manifest number:          0552
Signing time:             Tue 11 Nov 2025 05:00:54 +0000
Manifest this update:     Tue 11 Nov 2025 05:00:54 +0000
Manifest next update:     Wed 12 Nov 2025 05:00:54 +0000
Files and hashes:         1: h_S8G8xE8-kQBwQ1297UG25ILmg.crl (hash: Yn0AuCh2EDzAWQt/R5RzNPuQH/LrNjgQ3KeWHH/Thus=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:49:d1:a3:76:5d:58:72:a2:f0:3c:61:6f:7a:84:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
        Validity
            Not Before: Nov 11 05:00:54 2025 GMT
            Not After : Nov 12 05:00:54 2025 GMT
        Subject: CN=a2b92cdc93e8d9813b0fa2a943a3ed87a0d39b51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:51:f9:70:13:02:45:2b:a8:eb:89:72:da:f6:
                    42:06:44:d7:05:54:53:3a:57:1b:f0:2d:61:f8:0d:
                    27:8d:1b:64:41:22:74:ef:13:7d:77:b8:ec:06:4d:
                    0a:41:60:5f:d2:4c:fb:53:b9:f2:94:16:a2:2a:41:
                    d2:fc:6c:68:bb:f9:f2:38:d4:3e:e1:50:31:15:6b:
                    78:3e:ea:f2:53:93:7e:c6:5a:e6:24:3a:89:43:42:
                    56:81:68:bc:92:1c:2f:cf:e3:da:1e:0a:7a:ef:1b:
                    12:d7:71:c5:4b:8f:b6:0e:06:6f:f8:a9:be:aa:b1:
                    b4:b2:7b:e7:61:10:c7:3c:de:98:5d:60:6d:78:b5:
                    49:85:bf:4c:08:f2:e7:a0:f9:a0:63:4f:67:07:2a:
                    1f:5b:d6:95:a7:75:fe:17:ee:f9:02:6d:1e:af:62:
                    6a:2c:00:b4:c7:38:13:ed:60:43:b4:a5:26:ad:e0:
                    98:eb:37:8a:40:a9:fe:ad:bd:0a:19:f2:89:6a:d7:
                    48:bc:d1:0f:e7:f1:39:22:33:1d:e1:17:3f:d9:f9:
                    f1:2e:13:23:b5:58:25:2b:73:c7:d6:73:61:40:10:
                    a5:5c:36:fe:f9:81:6f:58:ee:28:a6:e2:83:90:4a:
                    57:ed:0e:10:8b:7f:ec:e4:59:d2:d8:7d:6e:19:94:
                    02:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:B9:2C:DC:93:E8:D9:81:3B:0F:A2:A9:43:A3:ED:87:A0:D3:9B:51
            X509v3 Authority Key Identifier:
                keyid:87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:7a:2e:00:a4:0c:a5:8b:eb:2e:b7:24:5d:d7:9e:2a:07:c7:
         1f:09:43:fc:70:05:e3:0b:8a:74:6a:5a:6f:eb:3f:eb:95:66:
         17:4c:69:d5:ab:83:95:82:32:47:ef:4c:b2:14:04:8f:88:8a:
         26:67:06:19:e1:08:b5:6e:e4:bf:fc:40:d8:dc:b6:17:16:eb:
         23:c2:ca:62:11:bb:af:08:3d:1c:c3:56:2d:85:39:1e:84:23:
         2c:95:44:27:7b:f6:5d:32:4c:f3:73:31:1e:6f:0a:2d:2a:b7:
         ec:60:a5:22:65:ea:92:47:45:56:e7:14:a3:41:50:7c:2e:65:
         59:f5:09:63:73:5c:a5:ab:18:67:9a:d0:bd:1a:a8:5c:47:89:
         35:b2:aa:e5:7f:e4:4f:c8:d2:ae:2d:6d:56:8e:f5:3d:fb:23:
         f1:a0:cb:8c:b4:55:45:dd:a5:a4:e6:58:e5:e9:8c:fa:27:6e:
         73:d3:dd:a0:4a:62:e4:c0:c1:00:83:65:0d:cb:6c:56:07:eb:
         fc:5a:22:ae:bc:56:20:ed:93:3d:04:1d:65:eb:b4:bf:86:68:
         1f:9f:c4:c3:53:0a:16:ae:63:7a:a3:c7:50:30:47:75:4f:c1:
         0f:b5:a5:9b:5f:c9:39:4b:e6:2b:28:f6:03:15:b8:ab:f6:f5:
         39:4b:7f:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSdGjdl1YcqLwPGFveoRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjRiYzFiY2M0NGYzZTkxMDA3MDQzNWRiZGVkNDFiNmU0
ODJlNjgwHhcNMjUxMTExMDUwMDU0WhcNMjUxMTEyMDUwMDU0WjAzMTEwLwYDVQQD
EyhhMmI5MmNkYzkzZThkOTgxM2IwZmEyYTk0M2EzZWQ4N2EwZDM5YjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lH5cBMCRSuo64ly2vZCBkTXBVRT
Olcb8C1h+A0njRtkQSJ07xN9d7jsBk0KQWBf0kz7U7nylBaiKkHS/Gxou/nyONQ+
4VAxFWt4PuryU5N+xlrmJDqJQ0JWgWi8khwvz+PaHgp67xsS13HFS4+2DgZv+Km+
qrG0snvnYRDHPN6YXWBteLVJhb9MCPLnoPmgY09nByofW9aVp3X+F+75Am0er2Jq
LAC0xzgT7WBDtKUmreCY6zeKQKn+rb0KGfKJatdIvNEP5/E5IjMd4Rc/2fnxLhMj
tVglK3PH1nNhQBClXDb++YFvWO4opuKDkEpX7Q4Qi3/s5FnS2H1uGZQCZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKK5LNyT6NmBOw+iqUOj7Yeg05tRMB8GA1UdIwQY
MBaAFIf0vBvMRPPpEAcENdve1BtuSC5oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYt
N2U3ODE2ODBkMWQyLzEvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYtN2U3ODE2ODBkMWQy
LzEvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANnouAKQM
pYvrLrckXdeeKgfHHwlD/HAF4wuKdGpab+s/65VmF0xp1auDlYIyR+9MshQEj4iK
JmcGGeEItW7kv/xA2Ny2FxbrI8LKYhG7rwg9HMNWLYU5HoQjLJVEJ3v2XTJM83Mx
Hm8KLSq37GClImXqkkdFVucUo0FQfC5lWfUJY3NcpasYZ5rQvRqoXEeJNbKq5X/k
T8jSri1tVo71Pfsj8aDLjLRVRd2lpOZY5emM+iduc9PdoEpi5MDBAINlDctsVgfr
/FoirrxWIO2TPQQdZeu0v4ZoH5/Ew1MKFq5jeqPHUDBHdU/BD7Wlm1/JOUvmKyj2
AxW4q/b1OUt/IA==
-----END CERTIFICATE-----