Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft
File:                     HVdIhaDItCBcPfLR_Nc0h33hBdk.mft (raw, json)
Hash identifier:          RMoiK8vcBoA+13LmYLBCwyuPPaUoTlHMu/OFouu8b1c=
Subject key identifier:   B1:04:EB:71:51:75:A6:53:85:68:38:D9:39:2F:3A:A3:48:AA:38:35
Authority key identifier: 1D:57:48:85:A0:C8:B4:20:5C:3D:F2:D1:FC:D7:34:87:7D:E1:05:D9
Certificate issuer:       /CN=1d574885a0c8b4205c3df2d1fcd734877de105d9
Certificate serial:       019A72265BD94B6C83C13B3A1A8A7B60A448
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft
Manifest number:          02F0
Signing time:             Tue 11 Nov 2025 09:01:47 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:47 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:47 +0000
Files and hashes:         1: HVdIhaDItCBcPfLR_Nc0h33hBdk.crl (hash: MdKyzTnVWOY1SvL6ex3I/6aGajhDT8pT1H2pzaIfyTU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:5b:d9:4b:6c:83:c1:3b:3a:1a:8a:7b:60:a4:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d574885a0c8b4205c3df2d1fcd734877de105d9
        Validity
            Not Before: Nov 11 09:01:47 2025 GMT
            Not After : Nov 12 09:01:47 2025 GMT
        Subject: CN=b104eb715175a653856838d9392f3aa348aa3835
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ed:c5:0c:03:de:a9:4f:71:f9:8b:87:d5:1b:
                    88:03:8c:d4:9b:21:36:7b:d1:1b:fa:48:5c:e6:f1:
                    6c:4a:72:7f:25:d3:cc:62:53:e8:48:3c:50:60:58:
                    43:e5:2a:c1:b5:4e:ce:53:cb:1a:47:4e:2d:d7:f6:
                    2e:0e:0d:5f:f4:cc:c8:d9:55:49:51:67:28:59:25:
                    96:9e:a7:b9:76:60:45:26:e4:67:0c:e7:16:1a:79:
                    16:05:f8:e3:0b:d2:1d:a6:05:b5:45:1c:1d:61:52:
                    36:46:1b:e6:29:a1:52:ce:53:55:46:9b:90:95:d5:
                    a4:6c:1a:ac:9f:b0:b9:df:16:b1:bd:ab:42:6c:5a:
                    4d:22:bd:e6:ae:b3:21:fa:6c:06:e7:df:2c:f8:35:
                    43:49:f4:62:b3:84:68:23:e8:08:31:d5:0a:8c:be:
                    06:6c:45:2d:61:87:3e:19:a3:8b:e5:20:3c:8a:bb:
                    88:fe:6b:53:fd:f3:79:ee:b5:1a:27:f3:91:f1:6e:
                    bd:aa:30:d9:62:3a:8c:c8:3f:6e:9b:74:b0:1a:22:
                    2b:dc:ed:cf:70:64:f7:c8:18:85:91:e2:8f:78:b0:
                    c3:f2:a6:0d:b3:ec:20:f8:7f:14:cc:33:1f:3a:88:
                    6d:05:ac:45:34:8e:0f:67:ee:aa:2d:6e:3e:45:d4:
                    93:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:04:EB:71:51:75:A6:53:85:68:38:D9:39:2F:3A:A3:48:AA:38:35
            X509v3 Authority Key Identifier:
                keyid:1D:57:48:85:A0:C8:B4:20:5C:3D:F2:D1:FC:D7:34:87:7D:E1:05:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:ed:6d:c0:b1:50:e9:cd:61:a3:4c:90:82:2c:d3:85:a0:a5:
         fc:af:be:9c:17:2b:eb:25:38:15:3c:e1:77:fe:b0:44:5c:d3:
         ac:b2:bd:b9:8f:4c:f7:44:5c:90:c9:90:5d:21:cf:d4:b6:cb:
         78:fa:41:73:75:17:64:3a:a2:b2:cf:be:aa:ae:3c:86:4b:8d:
         65:53:bf:88:42:56:d2:be:97:ca:03:77:d5:34:c2:1a:d6:53:
         3f:9a:fa:62:00:7f:6c:ca:ef:ef:cd:f5:b8:8d:d5:bd:12:83:
         73:3b:44:1c:5d:57:cf:6e:bc:bc:82:93:50:31:71:12:72:07:
         0c:3d:58:18:41:56:12:76:21:82:13:1d:31:b8:3a:f6:c4:23:
         43:91:be:71:5e:6f:98:12:e7:23:51:fc:d0:69:ab:51:10:06:
         82:4e:b0:6e:af:38:5e:84:02:e9:23:46:b6:30:2b:85:c9:26:
         af:88:24:22:6d:22:12:eb:09:8f:6a:af:2c:a2:63:65:09:8d:
         97:08:21:5b:95:03:2a:40:b4:8f:9f:4f:b9:33:a5:a3:46:52:
         ac:4f:60:1a:dc:4d:cf:13:36:f1:7c:7e:f8:46:23:58:08:bf:
         38:0e:b8:d1:e6:fe:9a:29:6f:3c:40:ef:ab:24:cd:ed:65:0f:
         47:39:4a:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJlvZS2yDwTs6Gop7YKRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNTc0ODg1YTBjOGI0MjA1YzNkZjJkMWZjZDczNDg3N2Rl
MTA1ZDkwHhcNMjUxMTExMDkwMTQ3WhcNMjUxMTEyMDkwMTQ3WjAzMTEwLwYDVQQD
EyhiMTA0ZWI3MTUxNzVhNjUzODU2ODM4ZDkzOTJmM2FhMzQ4YWEzODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu3FDAPeqU9x+YuH1RuIA4zUmyE2
e9Eb+khc5vFsSnJ/JdPMYlPoSDxQYFhD5SrBtU7OU8saR04t1/YuDg1f9MzI2VVJ
UWcoWSWWnqe5dmBFJuRnDOcWGnkWBfjjC9IdpgW1RRwdYVI2RhvmKaFSzlNVRpuQ
ldWkbBqsn7C53xaxvatCbFpNIr3mrrMh+mwG598s+DVDSfRis4RoI+gIMdUKjL4G
bEUtYYc+GaOL5SA8iruI/mtT/fN57rUaJ/OR8W69qjDZYjqMyD9um3SwGiIr3O3P
cGT3yBiFkeKPeLDD8qYNs+wg+H8UzDMfOohtBaxFNI4PZ+6qLW4+RdSTRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLEE63FRdaZThWg42TkvOqNIqjg1MB8GA1UdIwQY
MBaAFB1XSIWgyLQgXD3y0fzXNId94QXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82OTdkZjctYjE5Yi00NmYxLThlNDMt
OTE5OGNhMmFjNzY2LzEvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82OTdkZjctYjE5Yi00NmYxLThlNDMtOTE5OGNhMmFjNzY2
LzEvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHO1twLFQ
6c1ho0yQgizThaCl/K++nBcr6yU4FTzhd/6wRFzTrLK9uY9M90RckMmQXSHP1LbL
ePpBc3UXZDqiss++qq48hkuNZVO/iEJW0r6XygN31TTCGtZTP5r6YgB/bMrv7831
uI3VvRKDcztEHF1Xz268vIKTUDFxEnIHDD1YGEFWEnYhghMdMbg69sQjQ5G+cV5v
mBLnI1H80GmrURAGgk6wbq84XoQC6SNGtjArhckmr4gkIm0iEusJj2qvLKJjZQmN
lwghW5UDKkC0j59PuTOlo0ZSrE9gGtxNzxM28Xx++EYjWAi/OA640eb+milvPEDv
qyTN7WUPRzlKCw==
-----END CERTIFICATE-----