Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
File:                     Hekyc87VkolMnTVRSLsfrMEPcqI.mft (raw, json)
Hash identifier:          vbDPRJ/CqQmEWRVJIXe7WEIFcCQbzEGLuyCz0EoF7m8=
Subject key identifier:   F2:E3:84:76:EA:60:41:D3:9D:B8:1C:1A:DE:76:0F:5F:68:A5:23:A7
Authority key identifier: 1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2
Certificate issuer:       /CN=1de93273ced592894c9d355148bb1facc10f72a2
Certificate serial:       0199239F22BD343A97915F0849C14C2D1FF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
Manifest number:          1254
Signing time:             Sun 07 Sep 2025 10:00:55 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:55 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:55 +0000
Files and hashes:         1: Hekyc87VkolMnTVRSLsfrMEPcqI.crl (hash: sFNjFzu+snk8fx9Crj3dqINJAhrAFpqZSSMQGlDOv1I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:22:bd:34:3a:97:91:5f:08:49:c1:4c:2d:1f:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1de93273ced592894c9d355148bb1facc10f72a2
        Validity
            Not Before: Sep  7 10:00:55 2025 GMT
            Not After : Sep  8 10:00:55 2025 GMT
        Subject: CN=f2e38476ea6041d39db81c1ade760f5f68a523a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:48:9f:b1:d4:03:71:40:12:69:ad:e4:e8:9e:
                    53:01:ec:cc:ed:37:c9:a3:ae:fa:4d:8e:4a:dc:45:
                    e9:0f:6d:fe:b9:62:72:2d:a0:a2:1c:05:74:0d:a3:
                    1e:82:95:cd:82:eb:2d:0d:2e:83:85:af:85:42:fb:
                    ce:00:85:bb:ce:39:32:07:b0:37:e3:ac:84:1f:1d:
                    5d:b4:ba:18:dd:b0:ed:43:bb:bf:01:e2:b5:b7:4f:
                    b9:c1:b2:e2:dc:85:43:12:af:68:38:98:85:98:33:
                    ac:84:09:65:fe:23:1a:62:c2:0a:3a:24:0d:80:70:
                    71:d4:57:38:a6:38:e3:d2:2e:4e:09:1b:f7:47:b0:
                    39:30:bf:f2:a0:91:f6:f6:2d:ae:ba:0a:d3:c8:22:
                    52:d5:92:7d:6d:b6:f4:ff:bd:95:41:e3:f8:b4:0e:
                    46:5a:65:c0:a6:70:9f:eb:c6:8f:18:3c:0e:9d:a8:
                    07:4b:ea:9c:84:9b:06:90:72:69:8a:b1:a5:a3:d9:
                    d7:8e:17:bf:3c:a2:39:9a:0c:fc:15:0d:61:22:a9:
                    d6:57:a2:a3:0e:7f:6e:1b:32:09:be:df:85:d2:3a:
                    61:70:53:bf:0b:b8:a0:0f:b4:5c:84:b8:c9:75:14:
                    62:20:ad:a3:dd:58:7c:90:97:d0:a0:fc:33:89:2d:
                    65:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:E3:84:76:EA:60:41:D3:9D:B8:1C:1A:DE:76:0F:5F:68:A5:23:A7
            X509v3 Authority Key Identifier:
                keyid:1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:53:87:55:ec:4f:d7:a7:0b:9c:5c:8a:84:7f:8c:95:08:58:
         c0:42:dc:83:42:0d:dc:93:da:6e:b9:b6:70:46:45:ca:70:be:
         cd:00:9c:ad:40:bb:c4:f6:13:dd:06:87:9e:13:8d:84:99:34:
         12:98:88:b4:37:92:49:16:6a:a8:13:19:ae:3a:8e:2d:04:f9:
         de:ed:26:5c:c1:9a:6e:ff:ab:d1:aa:81:eb:c1:aa:f3:53:cb:
         d7:ac:43:60:12:e5:7e:08:2e:2f:31:ed:33:0e:40:f8:72:4f:
         8e:5b:69:1e:e2:10:31:a8:90:82:dc:26:a9:b1:eb:56:d6:48:
         c9:fd:70:33:31:99:ce:ff:83:6f:15:42:86:25:9e:d2:b9:84:
         1c:90:cd:fe:37:32:e7:c6:c7:76:92:13:46:02:89:92:58:3e:
         d8:e0:7a:34:03:60:21:3f:2a:ae:92:47:61:97:95:ea:33:35:
         c1:a4:ae:f0:cc:b8:47:59:40:c3:75:69:0e:46:84:38:a3:10:
         cb:7b:28:a7:26:d8:96:5d:88:57:2d:fb:cb:cf:e8:3c:fa:d2:
         bb:d8:bf:8f:2a:fd:66:44:3c:0a:c6:da:d9:94:79:c7:fd:91:
         45:e4:0b:9f:60:86:25:7e:7e:c8:40:e9:ae:72:2c:b9:5f:4b:
         ac:e8:bd:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnyK9NDqXkV8IScFMLR/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTkzMjczY2VkNTkyODk0YzlkMzU1MTQ4YmIxZmFjYzEw
ZjcyYTIwHhcNMjUwOTA3MTAwMDU1WhcNMjUwOTA4MTAwMDU1WjAzMTEwLwYDVQQD
EyhmMmUzODQ3NmVhNjA0MWQzOWRiODFjMWFkZTc2MGY1ZjY4YTUyM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEifsdQDcUASaa3k6J5TAezM7TfJ
o676TY5K3EXpD23+uWJyLaCiHAV0DaMegpXNgustDS6Dha+FQvvOAIW7zjkyB7A3
46yEHx1dtLoY3bDtQ7u/AeK1t0+5wbLi3IVDEq9oOJiFmDOshAll/iMaYsIKOiQN
gHBx1Fc4pjjj0i5OCRv3R7A5ML/yoJH29i2uugrTyCJS1ZJ9bbb0/72VQeP4tA5G
WmXApnCf68aPGDwOnagHS+qchJsGkHJpirGlo9nXjhe/PKI5mgz8FQ1hIqnWV6Kj
Dn9uGzIJvt+F0jphcFO/C7igD7RchLjJdRRiIK2j3Vh8kJfQoPwziS1lUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPLjhHbqYEHTnbgcGt52D19opSOnMB8GA1UdIwQY
MBaAFB3pMnPO1ZKJTJ01UUi7H6zBD3KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgt
MThhZDU4OWNlY2QwLzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgtMThhZDU4OWNlY2Qw
LzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj1OHVexP
16cLnFyKhH+MlQhYwELcg0IN3JPabrm2cEZFynC+zQCcrUC7xPYT3QaHnhONhJk0
EpiItDeSSRZqqBMZrjqOLQT53u0mXMGabv+r0aqB68Gq81PL16xDYBLlfgguLzHt
Mw5A+HJPjltpHuIQMaiQgtwmqbHrVtZIyf1wMzGZzv+DbxVChiWe0rmEHJDN/jcy
58bHdpITRgKJklg+2OB6NANgIT8qrpJHYZeV6jM1waSu8My4R1lAw3VpDkaEOKMQ
y3sopybYll2IVy37y8/oPPrSu9i/jyr9ZkQ8Csba2ZR5x/2RReQLn2CGJX5+yEDp
rnIsuV9LrOi9vw==
-----END CERTIFICATE-----