Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
File:                     HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json)
Hash identifier:          zbJu/khcXvAsMlrEuodu9YncgpBjUED1frEbamO7vFc=
Subject key identifier:   7D:70:BE:AA:51:2C:3F:4F:6C:42:74:E4:EE:40:BA:69:24:F2:BE:06
Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70
Certificate issuer:       /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
Certificate serial:       019A711375FE9C33E33AEBA5777679F688FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
Manifest number:          171D
Signing time:             Tue 11 Nov 2025 04:01:32 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:32 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:32 +0000
Files and hashes:         1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: xMV5QLfEt0PprBMgTmG2dqf7QAy1EZeLIgZyyP1T1i0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:75:fe:9c:33:e3:3a:eb:a5:77:76:79:f6:88:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
        Validity
            Not Before: Nov 11 04:01:32 2025 GMT
            Not After : Nov 12 04:01:32 2025 GMT
        Subject: CN=7d70beaa512c3f4f6c4274e4ee40ba6924f2be06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:95:be:de:67:0d:a3:25:60:3f:5d:c4:ba:30:
                    39:6f:03:4a:1c:cf:7a:d0:b5:a6:9b:fe:b0:76:4e:
                    ef:a6:6a:f1:11:e2:a1:f4:88:e4:34:8e:1b:6e:8e:
                    e5:16:f0:aa:f7:18:b1:67:2b:5c:d7:75:04:0f:05:
                    e6:36:f6:68:1f:ca:5b:75:b7:a6:14:34:73:12:ff:
                    3b:b1:b0:8e:09:54:d0:ff:d5:fb:42:d4:27:68:02:
                    b3:2c:4b:af:0d:c0:d3:a7:e3:e5:0f:a9:e2:f8:00:
                    86:b6:f2:e2:51:65:3b:75:55:f4:5a:9b:dc:ec:eb:
                    a3:77:cb:ff:a4:1a:6f:e7:4a:f2:1d:a3:f5:51:4d:
                    b5:f6:22:9a:a2:83:07:20:c6:7f:d5:8f:19:64:9c:
                    da:88:d2:59:47:53:c6:ce:dd:83:01:cd:66:5f:07:
                    e3:d4:07:38:00:7c:ab:bf:9d:b9:52:55:a7:78:30:
                    c7:43:af:6c:f0:b1:77:0d:a9:47:46:3f:21:33:db:
                    f8:34:c6:7a:1b:87:4d:7d:5e:67:06:c7:a5:67:46:
                    15:58:69:6d:b6:51:a3:be:55:ba:eb:52:a1:92:30:
                    5d:e7:f0:58:ae:b7:72:f6:29:3b:87:72:38:a9:cb:
                    d8:d4:e0:5e:82:bd:40:b5:6c:cf:7b:3c:34:e9:34:
                    d6:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:70:BE:AA:51:2C:3F:4F:6C:42:74:E4:EE:40:BA:69:24:F2:BE:06
            X509v3 Authority Key Identifier:
                keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:ed:85:1c:40:44:a2:a8:65:d9:79:bb:e6:24:16:52:99:cb:
         ad:52:fe:64:6b:6c:5a:21:cb:b1:a2:44:c0:58:2c:de:d3:78:
         dc:c1:0b:5e:7d:1c:eb:c6:02:5f:b7:50:e7:94:d2:67:4b:fe:
         a4:e0:57:31:b3:2f:87:55:b2:4b:02:fc:34:fd:20:ee:e6:17:
         82:e9:ab:60:7c:65:76:ab:fb:bb:b7:62:69:f2:35:62:aa:68:
         56:8b:02:08:8b:d5:b1:d2:a8:7f:f0:c3:50:72:48:0f:13:bd:
         fc:28:de:c7:ff:05:7d:01:87:2c:3a:11:9d:b2:f5:b4:fe:81:
         04:71:a8:77:48:2c:1d:d2:23:cf:da:b4:02:35:a6:7f:48:8d:
         e7:13:4b:28:85:cf:ed:b4:15:5d:99:f9:ed:6b:65:fa:aa:32:
         a2:76:09:48:57:06:11:ff:db:b1:63:ad:58:e9:59:93:b4:e7:
         f4:0f:a5:55:ff:29:64:04:ca:99:44:9a:fc:1f:65:de:f5:83:
         d8:4e:7d:d2:10:d9:bd:c9:9d:4a:8a:55:ea:a9:d3:2a:b6:dc:
         a0:e3:4c:1f:df:c3:31:b7:9d:c9:57:70:0c:7c:51:2a:82:41:
         96:af:c5:b5:74:b9:fd:0e:2f:c8:bc:4a:a1:a2:75:84:2a:41:
         bc:20:20:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE3X+nDPjOuuld3Z59oj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy
ZDgyNzAwHhcNMjUxMTExMDQwMTMyWhcNMjUxMTEyMDQwMTMyWjAzMTEwLwYDVQQD
Eyg3ZDcwYmVhYTUxMmMzZjRmNmM0Mjc0ZTRlZTQwYmE2OTI0ZjJiZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJW+3mcNoyVgP13EujA5bwNKHM96
0LWmm/6wdk7vpmrxEeKh9IjkNI4bbo7lFvCq9xixZytc13UEDwXmNvZoH8pbdbem
FDRzEv87sbCOCVTQ/9X7QtQnaAKzLEuvDcDTp+PlD6ni+ACGtvLiUWU7dVX0Wpvc
7Oujd8v/pBpv50ryHaP1UU219iKaooMHIMZ/1Y8ZZJzaiNJZR1PGzt2DAc1mXwfj
1Ac4AHyrv525UlWneDDHQ69s8LF3DalHRj8hM9v4NMZ6G4dNfV5nBselZ0YVWGlt
tlGjvlW661KhkjBd5/BYrrdy9ik7h3I4qcvY1OBegr1AtWzPezw06TTWVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH1wvqpRLD9PbEJ05O5Aumkk8r4GMB8GA1UdIwQY
MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct
ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz
LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUe2FHEBE
oqhl2Xm75iQWUpnLrVL+ZGtsWiHLsaJEwFgs3tN43MELXn0c68YCX7dQ55TSZ0v+
pOBXMbMvh1WySwL8NP0g7uYXgumrYHxldqv7u7diafI1YqpoVosCCIvVsdKof/DD
UHJIDxO9/Cjex/8FfQGHLDoRnbL1tP6BBHGod0gsHdIjz9q0AjWmf0iN5xNLKIXP
7bQVXZn57Wtl+qoyonYJSFcGEf/bsWOtWOlZk7Tn9A+lVf8pZATKmUSa/B9l3vWD
2E590hDZvcmdSopV6qnTKrbcoONMH9/DMbedyVdwDHxRKoJBlq/FtXS5/Q4vyLxK
oaJ1hCpBvCAgvA==
-----END CERTIFICATE-----