Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft
File:                     HzjUsMuomcJPTjQHOE1tP6jVGl8.mft (raw, json)
Hash identifier:          MTEPVYCZBEP0rb+Is2baroFTFXWAXXyR/CZPR3jsTgs=
Subject key identifier:   FA:B2:80:D1:BD:72:D0:FB:D5:06:A8:22:2D:CD:12:47:F8:F6:15:3F
Authority key identifier: 1F:38:D4:B0:CB:A8:99:C2:4F:4E:34:07:38:4D:6D:3F:A8:D5:1A:5F
Certificate issuer:       /CN=1f38d4b0cba899c24f4e3407384d6d3fa8d51a5f
Certificate serial:       019A7225D3933B026461A698450E349991C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft
Manifest number:          04E9
Signing time:             Tue 11 Nov 2025 09:01:12 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:12 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:12 +0000
Files and hashes:         1: HzjUsMuomcJPTjQHOE1tP6jVGl8.crl (hash: Z+12Hb+689OKFnKa2Vj0zpfTZQ7Vo4z9JKwI+SC8zeI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:d3:93:3b:02:64:61:a6:98:45:0e:34:99:91:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f38d4b0cba899c24f4e3407384d6d3fa8d51a5f
        Validity
            Not Before: Nov 11 09:01:12 2025 GMT
            Not After : Nov 12 09:01:12 2025 GMT
        Subject: CN=fab280d1bd72d0fbd506a8222dcd1247f8f6153f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:b6:91:7f:12:66:c7:f0:33:08:1c:47:6f:ad:
                    de:c4:63:54:65:4a:54:70:c1:bd:4f:91:ed:25:0c:
                    d7:9f:16:a2:8b:eb:5c:66:c1:0b:cf:69:09:59:74:
                    56:cc:79:3a:f4:2e:33:1b:f9:5d:21:44:a7:74:a8:
                    b7:9b:d1:4b:2f:51:69:6e:31:0d:7f:5e:c6:3e:8c:
                    a8:78:e6:7b:8d:9c:b5:6f:3f:bf:a6:49:47:e0:3a:
                    6b:4d:5d:60:00:87:96:58:3a:63:1d:16:f9:fc:75:
                    36:eb:13:5d:ba:ba:48:8f:4b:fb:ef:a0:61:ae:8f:
                    01:eb:56:32:23:f0:a6:d9:3b:8e:e8:9b:c8:4d:00:
                    f1:d3:2a:0e:83:0b:1e:a4:c8:4f:65:e9:62:6b:c0:
                    f0:c1:ef:c4:34:40:c2:9e:97:6c:bd:08:e3:93:6d:
                    ad:2f:80:9d:75:8a:02:9e:49:45:86:d7:33:1d:25:
                    cc:db:c9:ae:f0:f4:bd:38:72:1b:0d:4c:33:fe:a6:
                    50:c0:96:0a:1c:33:61:cc:74:90:d8:e4:49:76:f5:
                    b7:b8:45:e6:13:a4:66:d2:08:72:6f:bd:af:61:df:
                    3a:5d:cb:99:05:85:a5:11:a2:63:88:fa:70:ab:29:
                    64:9e:e6:1d:51:81:6d:2a:e9:af:54:a8:02:87:9c:
                    62:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:B2:80:D1:BD:72:D0:FB:D5:06:A8:22:2D:CD:12:47:F8:F6:15:3F
            X509v3 Authority Key Identifier:
                keyid:1F:38:D4:B0:CB:A8:99:C2:4F:4E:34:07:38:4D:6D:3F:A8:D5:1A:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:18:9d:f3:65:a3:f7:61:8c:77:08:fd:9c:82:4d:f4:2b:f5:
         b5:ff:30:25:8e:8b:f5:d2:f5:46:1c:21:af:c7:dd:bd:db:e0:
         05:80:f9:67:12:6a:b5:bd:94:79:b3:a7:96:bd:04:5b:ad:06:
         b2:fe:39:7e:02:58:a2:db:b0:33:59:0d:5d:07:63:02:ce:70:
         5e:8e:63:04:46:71:9b:21:f9:ac:bd:1e:77:fc:47:6a:2f:8c:
         f6:c8:b0:fd:db:22:b1:ec:87:3a:62:86:31:cf:7a:36:fb:b6:
         f4:ed:c1:fd:85:48:6c:8b:43:a3:a0:4e:18:15:77:69:f0:da:
         1a:64:92:38:13:e5:55:e9:c1:7f:e1:57:44:6e:91:ba:95:f2:
         64:59:23:9d:d3:bf:65:04:57:34:e6:ed:8c:5a:be:e6:03:d4:
         76:a4:cb:b7:99:ba:b4:78:b8:b2:d9:82:4f:c6:36:0f:03:8c:
         87:9c:ca:e7:ef:89:4f:c3:7e:57:d6:22:1c:d1:7f:cd:58:31:
         0f:fa:cc:47:cf:22:66:96:2c:e2:6e:ab:fa:0a:c2:f0:99:81:
         60:4c:b6:03:48:47:f8:74:15:1a:12:e5:6e:90:0e:94:ca:6d:
         64:05:db:cb:ee:86:c1:13:90:01:74:b1:00:00:bd:1a:ea:92:
         46:d3:46:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJdOTOwJkYaaYRQ40mZHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzhkNGIwY2JhODk5YzI0ZjRlMzQwNzM4NGQ2ZDNmYThk
NTFhNWYwHhcNMjUxMTExMDkwMTEyWhcNMjUxMTEyMDkwMTEyWjAzMTEwLwYDVQQD
EyhmYWIyODBkMWJkNzJkMGZiZDUwNmE4MjIyZGNkMTI0N2Y4ZjYxNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0baRfxJmx/AzCBxHb63exGNUZUpU
cMG9T5HtJQzXnxaii+tcZsELz2kJWXRWzHk69C4zG/ldIUSndKi3m9FLL1FpbjEN
f17GPoyoeOZ7jZy1bz+/pklH4DprTV1gAIeWWDpjHRb5/HU26xNdurpIj0v776Bh
ro8B61YyI/Cm2TuO6JvITQDx0yoOgwsepMhPZelia8Dwwe/ENEDCnpdsvQjjk22t
L4CddYoCnklFhtczHSXM28mu8PS9OHIbDUwz/qZQwJYKHDNhzHSQ2ORJdvW3uEXm
E6Rm0ghyb72vYd86XcuZBYWlEaJjiPpwqylknuYdUYFtKumvVKgCh5xinwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqygNG9ctD71QaoIi3NEkf49hU/MB8GA1UdIwQY
MBaAFB841LDLqJnCT040BzhNbT+o1RpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8xNmNmN2QtYTE1MS00OWVjLThkOGEt
M2EyODhjMmM4NTJjLzEvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8xNmNmN2QtYTE1MS00OWVjLThkOGEtM2EyODhjMmM4NTJj
LzEvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARRid82Wj
92GMdwj9nIJN9Cv1tf8wJY6L9dL1Rhwhr8fdvdvgBYD5ZxJqtb2UebOnlr0EW60G
sv45fgJYotuwM1kNXQdjAs5wXo5jBEZxmyH5rL0ed/xHai+M9siw/dsiseyHOmKG
Mc96Nvu29O3B/YVIbItDo6BOGBV3afDaGmSSOBPlVenBf+FXRG6RupXyZFkjndO/
ZQRXNObtjFq+5gPUdqTLt5m6tHi4stmCT8Y2DwOMh5zK5++JT8N+V9YiHNF/zVgx
D/rMR88iZpYs4m6r+grC8JmBYEy2A0hH+HQVGhLlbpAOlMptZAXby+6GwROQAXSx
AAC9GuqSRtNGww==
-----END CERTIFICATE-----