Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          WnMESNdWMuI4IjreXu0MyncAPdoL4IvomLDuzaZmZAA=
Subject key identifier:   F5:0F:4E:7B:7C:A2:1A:09:F5:F9:D4:73:44:A1:B0:59:34:17:81:5D
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       019A71B9018FD6E729B7A3C74FC65A9B7A25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 07:02:21 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:21 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:21 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: NqS4Cir0fsnytQegHBYb7K+cAej7zDVHE7Iw6YFv+LM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:01:8f:d6:e7:29:b7:a3:c7:4f:c6:5a:9b:7a:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: Nov 11 07:02:21 2025 GMT
            Not After : Nov 12 07:02:21 2025 GMT
        Subject: CN=f50f4e7b7ca21a09f5f9d47344a1b0593417815d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:7b:7c:02:e5:a9:ca:ff:02:21:88:f9:2e:c7:
                    34:1a:ba:f7:34:af:ec:f9:1d:fb:0e:e7:be:16:a4:
                    32:c5:ae:35:65:96:25:9d:8a:2e:7b:a5:77:30:21:
                    06:4b:6d:22:43:bd:55:1e:fd:3e:52:ff:a2:ab:98:
                    2b:9e:4a:2a:20:69:44:ac:a4:a5:af:a1:53:01:70:
                    f1:da:22:2f:a8:48:6a:4a:39:df:17:a0:25:a0:31:
                    3b:25:ec:cb:d0:4c:b9:fe:67:3f:0f:ee:78:5b:7f:
                    27:66:bf:76:83:b9:09:6f:66:fb:89:af:a9:25:a5:
                    92:68:57:b2:38:42:a5:99:4d:d5:1e:19:95:f6:2f:
                    59:34:c9:b5:aa:5f:7d:6e:c3:1f:29:de:e7:c1:66:
                    19:a1:03:11:93:31:57:75:24:31:71:05:27:b2:f5:
                    db:1e:6a:37:89:e3:39:bb:9a:0d:8f:b7:21:52:b2:
                    cc:08:a2:e7:13:dd:68:c0:77:95:2f:4a:d8:c8:85:
                    88:a6:82:27:61:62:ff:23:30:b2:5f:9f:bb:1b:94:
                    9f:6e:c5:4d:cb:ab:11:59:1a:91:36:eb:77:8b:5c:
                    27:13:8a:46:e3:5c:66:07:b3:bb:8b:7f:1f:e4:89:
                    05:4f:c2:d2:a1:2e:0e:37:a0:69:49:d4:4c:44:bf:
                    1f:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:0F:4E:7B:7C:A2:1A:09:F5:F9:D4:73:44:A1:B0:59:34:17:81:5D
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:c2:8e:e2:94:58:13:82:4b:d6:97:5b:36:c1:b0:08:2c:66:
         66:05:17:68:6e:39:26:86:d4:5f:f3:dc:19:3f:0f:06:05:a0:
         42:5f:87:96:9d:c2:cf:7e:64:d6:a5:bc:7f:fb:e3:f1:6d:d2:
         d7:6c:4a:6a:48:df:74:55:09:5b:4f:be:5f:7b:e2:cc:06:44:
         03:c2:9c:c8:7b:ef:8d:52:aa:77:b3:c7:77:44:4a:f1:13:64:
         ad:51:7a:d1:2b:d6:2c:26:dc:69:3c:a3:1f:96:fe:50:2d:54:
         d2:d7:60:00:79:cb:84:ff:76:da:b2:14:8e:eb:f8:81:24:09:
         37:d5:11:3f:4a:30:71:97:90:07:7d:28:71:62:47:22:47:94:
         4d:d4:ff:c0:88:61:f5:f8:f7:66:c8:98:32:dd:32:ab:a2:4f:
         ae:3d:31:c0:86:0d:5a:33:d3:dd:49:c3:b3:95:c5:26:69:28:
         e8:1c:bd:1c:71:9c:02:cd:46:68:f2:5b:71:64:ec:dc:89:0c:
         5b:65:46:3d:62:13:f5:5f:ca:60:84:4a:e1:e7:ca:4c:fc:2e:
         59:5f:b9:d4:a5:07:0f:a2:7d:c7:9b:be:a1:20:7c:7a:f8:a4:
         66:ea:31:92:45:f1:23:1b:27:7d:53:4b:02:a2:11:20:b1:e6:
         da:11:05:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuQGP1ucpt6PHT8Zam3olMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjUxMTExMDcwMjIxWhcNMjUxMTEyMDcwMjIxWjAzMTEwLwYDVQQD
EyhmNTBmNGU3YjdjYTIxYTA5ZjVmOWQ0NzM0NGExYjA1OTM0MTc4MTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03t8AuWpyv8CIYj5Lsc0Grr3NK/s
+R37Due+FqQyxa41ZZYlnYoue6V3MCEGS20iQ71VHv0+Uv+iq5grnkoqIGlErKSl
r6FTAXDx2iIvqEhqSjnfF6AloDE7JezL0Ey5/mc/D+54W38nZr92g7kJb2b7ia+p
JaWSaFeyOEKlmU3VHhmV9i9ZNMm1ql99bsMfKd7nwWYZoQMRkzFXdSQxcQUnsvXb
Hmo3ieM5u5oNj7chUrLMCKLnE91owHeVL0rYyIWIpoInYWL/IzCyX5+7G5SfbsVN
y6sRWRqRNut3i1wnE4pG41xmB7O7i38f5IkFT8LSoS4ON6BpSdRMRL8fPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUPTnt8ohoJ9fnUc0ShsFk0F4FdMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADMKO4pRY
E4JL1pdbNsGwCCxmZgUXaG45JobUX/PcGT8PBgWgQl+Hlp3Cz35k1qW8f/vj8W3S
12xKakjfdFUJW0++X3vizAZEA8KcyHvvjVKqd7PHd0RK8RNkrVF60SvWLCbcaTyj
H5b+UC1U0tdgAHnLhP922rIUjuv4gSQJN9URP0owcZeQB30ocWJHIkeUTdT/wIhh
9fj3ZsiYMt0yq6JPrj0xwIYNWjPT3UnDs5XFJmko6By9HHGcAs1GaPJbcWTs3IkM
W2VGPWIT9V/KYIRK4efKTPwuWV+51KUHD6J9x5u+oSB8evikZuoxkkXxIxsnfVNL
AqIRILHm2hEFGQ==
-----END CERTIFICATE-----