Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft
File:                     HzkK-DPX1CaQQsJJvPSWSFcglbY.mft (raw, json)
Hash identifier:          6j+G4PSMbt/yOzY/hlBVfKtA/7+EtflpsU59L1S6gBw=
Subject key identifier:   47:90:2E:37:D7:E3:89:7F:FF:C3:A1:30:6F:8A:2E:D5:1C:23:87:C3
Authority key identifier: 1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6
Certificate issuer:       /CN=1f390af833d7d4269042c249bcf49648572095b6
Certificate serial:       019A71B86336CF5DF907B48C4837ECB8A091
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft
Manifest number:          11BE
Signing time:             Tue 11 Nov 2025 07:01:40 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:40 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:40 +0000
Files and hashes:         1: HzkK-DPX1CaQQsJJvPSWSFcglbY.crl (hash: tMMfChQU1KnrhURL2Jw0/jvjckQ6NFqxyBt3C8cBQtI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:63:36:cf:5d:f9:07:b4:8c:48:37:ec:b8:a0:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f390af833d7d4269042c249bcf49648572095b6
        Validity
            Not Before: Nov 11 07:01:40 2025 GMT
            Not After : Nov 12 07:01:40 2025 GMT
        Subject: CN=47902e37d7e3897fffc3a1306f8a2ed51c2387c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:69:e0:39:70:cb:72:1d:5e:67:49:c4:3d:f4:
                    08:7e:c2:29:31:99:d2:5a:70:9f:a9:3b:da:48:d6:
                    2d:2c:60:5b:7f:17:31:87:1b:a5:d0:9f:ad:46:0b:
                    56:88:5e:43:84:90:2f:1c:b7:18:00:ea:aa:32:4f:
                    56:22:68:d9:a8:45:8b:f5:1b:c7:38:84:e9:d6:04:
                    b9:4b:6b:94:58:d2:2e:f1:41:ae:9b:f5:0b:fb:63:
                    ea:21:6d:3d:23:62:3c:31:10:fb:a3:a1:c1:5a:1c:
                    42:fb:69:fa:20:e1:14:b1:7c:f5:32:64:1d:77:dd:
                    f7:bc:3b:2c:19:74:a4:76:ce:09:6c:04:ec:25:8c:
                    33:17:28:cd:b1:07:c3:49:38:94:7b:57:6e:96:8b:
                    6d:48:6c:32:2e:e0:89:55:05:5b:6f:cb:92:8b:88:
                    10:fe:49:63:4a:79:f6:11:14:4e:4e:03:d6:e2:7d:
                    4f:1c:9c:5f:86:3e:02:a2:17:61:56:c6:51:a9:86:
                    3c:10:f8:10:d5:e2:d9:98:d3:83:5c:50:eb:8d:26:
                    ab:c6:2f:52:95:ca:8c:5a:f0:e4:58:f0:14:08:a8:
                    fc:81:3f:4f:3e:8a:f7:f2:7f:5f:dc:76:2a:d6:8e:
                    11:11:81:b5:8e:cd:0c:d7:c3:2f:38:51:3e:f5:e1:
                    5d:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:90:2E:37:D7:E3:89:7F:FF:C3:A1:30:6F:8A:2E:D5:1C:23:87:C3
            X509v3 Authority Key Identifier:
                keyid:1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:8a:8a:f3:04:d7:95:c5:ed:7d:00:d9:47:05:74:94:88:f5:
         b9:72:56:f3:79:78:6b:16:41:52:9f:37:b6:65:1e:95:3e:e3:
         5f:1e:30:e6:18:ff:19:15:ca:e4:69:8b:c2:cc:91:f2:5b:7b:
         a4:30:1c:04:8d:03:77:1a:e1:f6:d0:60:29:05:f4:a0:91:2b:
         3a:a4:f7:eb:d0:9d:db:13:2b:fe:cf:76:d5:78:f5:59:19:6d:
         15:10:92:e2:0e:7a:19:cc:f2:46:79:40:37:3e:77:3b:e4:da:
         f4:2b:63:fb:04:5b:ed:f2:e9:7d:9c:16:ec:1c:72:9c:0d:08:
         70:7f:b0:07:93:d9:05:fd:33:cb:1d:4a:8f:94:64:17:e4:d7:
         e9:ad:f7:54:a0:06:82:2a:50:ab:3f:0b:31:ad:3a:04:9f:c5:
         3c:b0:d7:e2:10:41:ec:d1:db:ec:50:ec:7d:f0:5a:c0:8a:a5:
         9c:28:91:88:ba:72:a4:2d:a9:51:3e:38:73:e0:1a:1b:69:12:
         5d:f6:fc:c6:2f:19:0e:41:58:2a:2c:74:69:fe:06:12:4b:86:
         19:d6:e3:81:04:05:d7:4a:d1:88:f7:04:cc:b5:dc:17:f0:0b:
         1d:8d:e8:84:df:ed:06:a9:fa:da:15:83:7e:de:75:92:c2:c7:
         f2:1f:d9:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGM2z135B7SMSDfsuKCRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzkwYWY4MzNkN2Q0MjY5MDQyYzI0OWJjZjQ5NjQ4NTcy
MDk1YjYwHhcNMjUxMTExMDcwMTQwWhcNMjUxMTEyMDcwMTQwWjAzMTEwLwYDVQQD
Eyg0NzkwMmUzN2Q3ZTM4OTdmZmZjM2ExMzA2ZjhhMmVkNTFjMjM4N2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGngOXDLch1eZ0nEPfQIfsIpMZnS
WnCfqTvaSNYtLGBbfxcxhxul0J+tRgtWiF5DhJAvHLcYAOqqMk9WImjZqEWL9RvH
OITp1gS5S2uUWNIu8UGum/UL+2PqIW09I2I8MRD7o6HBWhxC+2n6IOEUsXz1MmQd
d933vDssGXSkds4JbATsJYwzFyjNsQfDSTiUe1dulottSGwyLuCJVQVbb8uSi4gQ
/kljSnn2ERROTgPW4n1PHJxfhj4CohdhVsZRqYY8EPgQ1eLZmNODXFDrjSarxi9S
lcqMWvDkWPAUCKj8gT9PPor38n9f3HYq1o4REYG1js0M18MvOFE+9eFdkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEeQLjfX44l//8OhMG+KLtUcI4fDMB8GA1UdIwQY
MBaAFB85Cvgz19QmkELCSbz0lkhXIJW2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEt
ZDc1ODM3MmNmOGYwLzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEtZDc1ODM3MmNmOGYw
LzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIYqK8wTX
lcXtfQDZRwV0lIj1uXJW83l4axZBUp83tmUelT7jXx4w5hj/GRXK5GmLwsyR8lt7
pDAcBI0Ddxrh9tBgKQX0oJErOqT369Cd2xMr/s921Xj1WRltFRCS4g56GczyRnlA
Nz53O+Ta9Ctj+wRb7fLpfZwW7BxynA0IcH+wB5PZBf0zyx1Kj5RkF+TX6a33VKAG
gipQqz8LMa06BJ/FPLDX4hBB7NHb7FDsffBawIqlnCiRiLpypC2pUT44c+AaG2kS
Xfb8xi8ZDkFYKix0af4GEkuGGdbjgQQF10rRiPcEzLXcF/ALHY3ohN/tBqn62hWD
ft51ksLH8h/Zww==
-----END CERTIFICATE-----