Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
File:                     HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json)
Hash identifier:          z7EnNk1pyEtnkgW12xjsvg1DLQvd6V3Y83KmlnGomfg=
Subject key identifier:   B3:A0:49:2E:13:1C:75:D9:4B:96:B2:35:83:FA:A0:63:6E:84:15:0B
Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B
Certificate issuer:       /CN=1d102aca6cf13511385294e77dbe273768c0a04b
Certificate serial:       019A71B8152B5446BD4EED960236E5D9296F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
Manifest number:          0BFC
Signing time:             Tue 11 Nov 2025 07:01:20 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:20 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:20 +0000
Files and hashes:         1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: FS4KAbMqgmhdxMOcwuw1wMia5N7/HF7sisCxOhe5jPc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:15:2b:54:46:bd:4e:ed:96:02:36:e5:d9:29:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b
        Validity
            Not Before: Nov 11 07:01:20 2025 GMT
            Not After : Nov 12 07:01:20 2025 GMT
        Subject: CN=b3a0492e131c75d94b96b23583faa0636e84150b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:a9:e7:ca:83:7f:17:1a:c0:bd:9a:6c:d6:05:
                    64:bf:0e:bc:94:9b:ad:ca:55:99:82:8f:5b:be:05:
                    47:b6:97:7f:af:c0:a2:ef:fd:f9:23:15:4c:e1:94:
                    37:37:3e:39:59:63:c7:09:fa:ec:23:0e:98:04:c0:
                    7e:91:94:31:55:e9:18:4b:f1:7e:15:01:28:c8:d3:
                    37:78:74:cd:95:8a:ab:a7:31:37:6c:8f:99:a4:18:
                    b0:bd:d9:9c:62:5b:c3:f7:0d:c5:58:ea:21:41:bd:
                    66:93:ed:f8:1f:29:86:9f:e8:cc:a4:5d:6a:0e:90:
                    5d:f2:94:3d:2c:78:bf:02:58:e7:49:17:11:68:8c:
                    ed:6d:ea:e9:3e:bc:cb:e2:bd:82:33:15:32:f9:15:
                    f5:93:bf:c3:52:7a:f9:89:2a:6d:82:92:58:47:94:
                    35:9b:e4:04:f1:d5:76:0b:0d:a5:ce:ab:b2:f3:5c:
                    0d:42:75:dd:91:e4:f5:f9:de:ca:d6:e6:b6:5d:5b:
                    83:e0:62:63:45:8a:e7:33:d9:01:8e:d7:f9:4a:1e:
                    b8:ee:a9:4c:05:7b:10:a2:45:5a:df:ba:80:cc:c8:
                    0f:cd:1c:e7:5a:47:9f:2e:62:b7:4b:83:5b:72:90:
                    87:81:13:d6:58:e8:5c:38:58:cd:3d:72:43:11:eb:
                    c2:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:A0:49:2E:13:1C:75:D9:4B:96:B2:35:83:FA:A0:63:6E:84:15:0B
            X509v3 Authority Key Identifier:
                keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:ef:86:a9:dc:6b:8a:a6:a8:2b:be:cf:4a:04:36:01:8e:d0:
         95:4a:77:5b:56:aa:dd:a1:87:f4:f3:25:8f:0f:2a:02:90:de:
         68:23:0c:e2:ec:82:03:4d:1f:1a:7e:c4:a3:c6:31:5d:2c:74:
         68:bb:de:c2:45:6e:9f:16:e1:b7:ea:42:02:e2:74:da:7b:1c:
         f8:92:5f:17:b4:9c:2f:e9:d6:01:84:f4:40:55:76:ef:d2:fa:
         6f:bc:ab:a2:0a:87:aa:03:a6:a9:57:c0:3f:f2:0c:30:86:c6:
         29:fe:96:5f:ea:ae:21:0a:7e:da:10:8c:c0:3e:1e:85:c1:0b:
         4b:ff:d9:bc:59:83:90:df:6c:ed:b3:c9:2c:7a:f6:11:63:e4:
         18:dd:7f:05:e1:f0:2d:6f:70:35:28:cd:91:4b:b4:c1:ae:0a:
         66:ca:d5:6b:b7:85:18:20:64:b8:69:40:84:2e:1a:d7:f2:8d:
         86:a8:34:83:c6:1d:d1:47:d8:4e:f8:e9:64:50:dd:df:bc:d5:
         07:b1:04:f6:a2:7d:79:68:32:0d:66:f4:8b:1e:61:4d:7a:7b:
         70:61:a3:69:5b:11:9b:0b:ba:6c:95:c9:b2:e2:2d:73:14:50:
         05:54:30:a5:f7:cf:af:c6:b3:b8:46:f7:8a:29:bf:33:8a:44:
         27:3c:68:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBUrVEa9Tu2WAjbl2SlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj
MGEwNGIwHhcNMjUxMTExMDcwMTIwWhcNMjUxMTEyMDcwMTIwWjAzMTEwLwYDVQQD
EyhiM2EwNDkyZTEzMWM3NWQ5NGI5NmIyMzU4M2ZhYTA2MzZlODQxNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArannyoN/FxrAvZps1gVkvw68lJut
ylWZgo9bvgVHtpd/r8Ci7/35IxVM4ZQ3Nz45WWPHCfrsIw6YBMB+kZQxVekYS/F+
FQEoyNM3eHTNlYqrpzE3bI+ZpBiwvdmcYlvD9w3FWOohQb1mk+34HymGn+jMpF1q
DpBd8pQ9LHi/AljnSRcRaIztberpPrzL4r2CMxUy+RX1k7/DUnr5iSptgpJYR5Q1
m+QE8dV2Cw2lzquy81wNQnXdkeT1+d7K1ua2XVuD4GJjRYrnM9kBjtf5Sh647qlM
BXsQokVa37qAzMgPzRznWkefLmK3S4NbcpCHgRPWWOhcOFjNPXJDEevCcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOgSS4THHXZS5ayNYP6oGNuhBULMB8GA1UdIwQY
MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt
ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4
LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhe+Gqdxr
iqaoK77PSgQ2AY7QlUp3W1aq3aGH9PMljw8qApDeaCMM4uyCA00fGn7Eo8YxXSx0
aLvewkVunxbht+pCAuJ02nsc+JJfF7ScL+nWAYT0QFV279L6b7yrogqHqgOmqVfA
P/IMMIbGKf6WX+quIQp+2hCMwD4ehcELS//ZvFmDkN9s7bPJLHr2EWPkGN1/BeHw
LW9wNSjNkUu0wa4KZsrVa7eFGCBkuGlAhC4a1/KNhqg0g8Yd0UfYTvjpZFDd37zV
B7EE9qJ9eWgyDWb0ix5hTXp7cGGjaVsRmwu6bJXJsuItcxRQBVQwpffPr8azuEb3
iim/M4pEJzxoOw==
-----END CERTIFICATE-----