Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
File:                     _hpSVPN9jCkbEd2r7YiwY0gdr2s.mft (raw, json)
Hash identifier:          IK5LRCCfkdJ5HumPkxPLU0D6/66/oyfAx6ayynBNU1c=
Subject key identifier:   ED:15:F6:BD:2F:CA:9F:87:8F:DF:72:D3:FF:2B:60:83:4E:78:0C:83
Authority key identifier: FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B
Certificate issuer:       /CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
Certificate serial:       019A71B8BD37C3B9C7B80D45CFC905D7F417
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 07:02:03 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:03 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:03 +0000
Files and hashes:         1: _hpSVPN9jCkbEd2r7YiwY0gdr2s.crl (hash: XJCmMp6zNrMX3uWzt17OcpGcTJYiSlKg60mucoUaPEU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:bd:37:c3:b9:c7:b8:0d:45:cf:c9:05:d7:f4:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
        Validity
            Not Before: Nov 11 07:02:03 2025 GMT
            Not After : Nov 12 07:02:03 2025 GMT
        Subject: CN=ed15f6bd2fca9f878fdf72d3ff2b60834e780c83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:2b:2a:9b:1b:cc:06:83:5e:c9:31:8f:64:63:
                    91:be:3d:85:ec:da:11:fb:2f:64:65:4c:36:b9:55:
                    22:93:d3:9f:1d:77:a6:6f:5b:b2:fe:51:8b:8f:31:
                    33:c8:b1:0d:73:1e:7f:4f:5e:6d:17:fd:62:2f:e3:
                    c0:ca:a9:07:da:13:0e:2a:85:ff:8d:86:9d:f8:9e:
                    9c:21:7a:bf:f7:17:92:ee:6b:6e:ca:cf:b9:b2:98:
                    c9:56:30:1f:f6:3a:20:63:66:2e:47:e8:f9:c9:84:
                    8f:34:65:9b:53:d6:76:f7:f9:5b:dd:be:dd:8b:b4:
                    e9:fc:d1:6d:64:dd:da:39:68:aa:e6:7c:29:eb:69:
                    b8:8f:ea:33:1c:58:ba:e6:be:83:e8:68:3a:e3:42:
                    f1:89:0e:ee:79:00:99:a6:97:7b:9b:ab:c5:03:18:
                    41:bc:38:01:09:a6:4c:05:a8:f6:20:1d:08:90:f4:
                    64:d4:d7:69:72:94:f1:c9:29:c3:fa:4c:25:cb:7f:
                    ab:e3:5f:57:40:0e:7c:9a:2b:41:94:bc:29:c7:61:
                    d4:fd:77:40:f5:e7:b3:6c:7f:f4:b5:5e:dc:ac:df:
                    a3:71:0b:9c:51:b1:22:be:f5:80:f6:ff:4b:66:ac:
                    70:48:52:22:3b:97:ef:00:50:cc:ac:0c:61:b5:b3:
                    1c:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:15:F6:BD:2F:CA:9F:87:8F:DF:72:D3:FF:2B:60:83:4E:78:0C:83
            X509v3 Authority Key Identifier:
                keyid:FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:f9:9f:19:32:1b:c5:8c:22:89:1b:52:90:68:a2:f9:09:a9:
         ba:f7:35:1d:ef:c3:e8:97:2a:4b:0d:51:c8:b8:34:32:dd:e4:
         40:d7:4b:a0:bc:cb:d2:e0:f7:04:d2:af:f0:6d:1d:78:dd:c5:
         d8:73:ea:ab:8c:ab:31:93:b4:8c:b4:8a:19:5b:29:95:47:58:
         20:2c:08:e8:55:f1:9a:62:88:29:1b:a9:16:bf:f0:66:ce:ee:
         a8:1d:98:ce:eb:33:78:45:9d:0b:a0:91:94:a7:cb:52:0c:81:
         59:ca:91:4e:f0:ec:a9:b3:b4:3b:14:fb:13:0c:f8:3e:95:0d:
         dd:24:37:dd:ff:46:25:85:08:1c:87:f5:0b:a3:2d:da:44:93:
         64:07:bb:55:cd:97:46:be:3e:55:67:c8:5c:90:e9:27:eb:fa:
         16:e2:f0:db:25:95:c9:7f:cd:cc:47:42:84:c5:35:03:b9:f0:
         9c:cb:e4:4a:95:6d:a5:0a:01:9f:8b:f1:12:6d:21:8b:39:0b:
         3b:14:f1:0c:84:be:96:78:f4:10:e9:5f:ca:d7:c9:a1:89:0c:
         c3:26:51:ea:ad:1b:ef:42:7c:aa:64:2d:2d:74:f4:0f:5a:f5:
         6d:16:ff:63:ec:05:b5:dd:54:f4:28:5c:98:8e:ec:c2:5c:ae:
         49:9d:fa:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuL03w7nHuA1Fz8kF1/QXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMWE1MjU0ZjM3ZDhjMjkxYjExZGRhYmVkODhiMDYzNDgx
ZGFmNmIwHhcNMjUxMTExMDcwMjAzWhcNMjUxMTEyMDcwMjAzWjAzMTEwLwYDVQQD
EyhlZDE1ZjZiZDJmY2E5Zjg3OGZkZjcyZDNmZjJiNjA4MzRlNzgwYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCsqmxvMBoNeyTGPZGORvj2F7NoR
+y9kZUw2uVUik9OfHXemb1uy/lGLjzEzyLENcx5/T15tF/1iL+PAyqkH2hMOKoX/
jYad+J6cIXq/9xeS7mtuys+5spjJVjAf9jogY2YuR+j5yYSPNGWbU9Z29/lb3b7d
i7Tp/NFtZN3aOWiq5nwp62m4j+ozHFi65r6D6Gg640LxiQ7ueQCZppd7m6vFAxhB
vDgBCaZMBaj2IB0IkPRk1NdpcpTxySnD+kwly3+r419XQA58mitBlLwpx2HU/XdA
9eezbH/0tV7crN+jcQucUbEivvWA9v9LZqxwSFIiO5fvAFDMrAxhtbMcDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO0V9r0vyp+Hj99y0/8rYINOeAyDMB8GA1UdIwQY
MBaAFP4aUlTzfYwpGxHdq+2IsGNIHa9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzIt
ZmEwZDBlODA1ZGY4LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzItZmEwZDBlODA1ZGY4
LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALvmfGTIb
xYwiiRtSkGii+Qmpuvc1He/D6JcqSw1RyLg0Mt3kQNdLoLzL0uD3BNKv8G0deN3F
2HPqq4yrMZO0jLSKGVsplUdYICwI6FXxmmKIKRupFr/wZs7uqB2YzuszeEWdC6CR
lKfLUgyBWcqRTvDsqbO0OxT7Ewz4PpUN3SQ33f9GJYUIHIf1C6Mt2kSTZAe7Vc2X
Rr4+VWfIXJDpJ+v6FuLw2yWVyX/NzEdChMU1A7nwnMvkSpVtpQoBn4vxEm0hizkL
OxTxDIS+lnj0EOlfytfJoYkMwyZR6q0b70J8qmQtLXT0D1r1bRb/Y+wFtd1U9Chc
mI7swlyuSZ36ig==
-----END CERTIFICATE-----