Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
File:                     hprNGeI6gWZEutDooSuG4SiK0zw.mft (raw, json)
Hash identifier:          myemsDUe2lGopsb41Wa1K3f64KqrsExCvLPGNflHZV8=
Subject key identifier:   D0:54:C7:B7:4F:2C:98:D8:E7:8B:43:60:F4:E5:B2:07:89:15:AB:2B
Authority key identifier: 86:9A:CD:19:E2:3A:81:66:44:BA:D0:E8:A1:2B:86:E1:28:8A:D3:3C
Certificate issuer:       /CN=869acd19e23a816644bad0e8a12b86e1288ad33c
Certificate serial:       019A71B8D81D3D54322F2C61B6CD14C094A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
Manifest number:          1108
Signing time:             Tue 11 Nov 2025 07:02:10 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:10 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:10 +0000
Files and hashes:         1: hprNGeI6gWZEutDooSuG4SiK0zw.crl (hash: A5m8eVTbCamgYoSBwCcZ61vh96lRtvhkSFonOM9B8kM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:d8:1d:3d:54:32:2f:2c:61:b6:cd:14:c0:94:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=869acd19e23a816644bad0e8a12b86e1288ad33c
        Validity
            Not Before: Nov 11 07:02:10 2025 GMT
            Not After : Nov 12 07:02:10 2025 GMT
        Subject: CN=d054c7b74f2c98d8e78b4360f4e5b2078915ab2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:28:e0:19:9d:67:57:90:38:15:14:93:7c:c0:
                    c0:13:b8:aa:0c:58:89:54:34:2d:af:0c:c8:b3:3a:
                    78:42:a2:e4:f9:bb:77:e8:1b:ec:1d:c2:1c:df:6a:
                    84:b9:21:bc:e1:a3:c5:1b:60:e0:f5:6a:ef:6b:c8:
                    ae:e0:ba:b6:d6:24:8f:18:a7:48:0c:d4:a5:65:8b:
                    27:08:9a:d0:bb:a6:62:69:b1:f0:7e:4f:af:d0:22:
                    59:75:3d:e7:18:38:31:c8:80:b3:02:a6:2f:69:04:
                    1b:9a:4d:66:32:53:b8:27:75:a6:d2:14:ad:98:2b:
                    2e:8f:85:75:5e:41:44:3a:a0:64:07:f3:14:17:3b:
                    1f:87:2a:18:6b:0b:7d:36:3b:f8:cf:44:82:bf:5e:
                    6f:e1:c0:58:3e:8d:a9:78:21:c3:40:09:07:c1:e6:
                    1c:79:a0:ab:95:d3:e8:0b:34:26:8c:4f:b9:b5:bf:
                    b9:f4:61:45:50:34:dc:cd:67:14:f5:a7:b2:c2:26:
                    23:10:2c:7c:e1:27:83:35:d2:bd:4a:f3:33:a3:ac:
                    0e:1f:c9:11:fa:02:c2:84:cf:47:9b:fc:2e:45:71:
                    fc:d7:01:a4:7e:d6:8a:75:4e:1b:7e:4d:87:22:8a:
                    40:fd:2e:11:d7:3a:96:93:9b:d6:90:a1:e0:13:c5:
                    10:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:54:C7:B7:4F:2C:98:D8:E7:8B:43:60:F4:E5:B2:07:89:15:AB:2B
            X509v3 Authority Key Identifier:
                keyid:86:9A:CD:19:E2:3A:81:66:44:BA:D0:E8:A1:2B:86:E1:28:8A:D3:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:21:7b:6d:ba:2b:1a:7b:6c:e6:ec:2b:8c:58:e4:db:69:90:
         0b:6f:18:ab:8d:23:ee:0b:98:82:df:7d:b1:a2:5f:43:85:cc:
         71:71:ab:f2:13:d3:5e:74:75:39:e8:de:66:05:22:86:73:cd:
         d0:6d:73:0b:5a:05:3e:7d:c4:89:22:30:4e:f1:a5:6d:63:9f:
         f9:e5:a6:30:e6:9c:ff:08:ef:c7:6d:cd:ac:ef:5d:ff:96:13:
         aa:dc:f3:f9:f7:b3:83:07:01:3d:37:2a:03:98:31:5c:cf:21:
         45:df:df:80:57:01:51:b4:09:00:d6:10:46:0e:0e:9d:5e:0c:
         3b:44:30:f6:05:d3:9f:e1:68:f3:4a:bb:3d:44:55:95:9c:97:
         c8:fc:e1:0b:07:63:31:62:d4:56:44:f3:fb:f4:21:33:57:72:
         72:e1:51:30:9d:61:ed:64:d2:e7:52:96:ed:c5:2b:ad:16:78:
         bc:82:5e:d8:6b:0f:9c:12:eb:53:65:12:c0:22:4e:1b:76:82:
         ca:fc:af:28:b3:65:e1:ca:ad:7a:a3:a3:2c:e4:2f:a4:43:5b:
         5d:0b:f5:03:e8:2c:14:d6:82:3a:9f:75:45:37:80:fd:27:b4:
         e8:92:0c:d8:c0:43:00:fe:8f:23:93:38:ac:67:4c:88:f7:8c:
         3b:67:e6:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNgdPVQyLyxhts0UwJSnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OWFjZDE5ZTIzYTgxNjY0NGJhZDBlOGExMmI4NmUxMjg4
YWQzM2MwHhcNMjUxMTExMDcwMjEwWhcNMjUxMTEyMDcwMjEwWjAzMTEwLwYDVQQD
EyhkMDU0YzdiNzRmMmM5OGQ4ZTc4YjQzNjBmNGU1YjIwNzg5MTVhYjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyjgGZ1nV5A4FRSTfMDAE7iqDFiJ
VDQtrwzIszp4QqLk+bt36BvsHcIc32qEuSG84aPFG2Dg9Wrva8iu4Lq21iSPGKdI
DNSlZYsnCJrQu6ZiabHwfk+v0CJZdT3nGDgxyICzAqYvaQQbmk1mMlO4J3Wm0hSt
mCsuj4V1XkFEOqBkB/MUFzsfhyoYawt9Njv4z0SCv15v4cBYPo2peCHDQAkHweYc
eaCrldPoCzQmjE+5tb+59GFFUDTczWcU9aeywiYjECx84SeDNdK9SvMzo6wOH8kR
+gLChM9Hm/wuRXH81wGkftaKdU4bfk2HIopA/S4R1zqWk5vWkKHgE8UQLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBUx7dPLJjY54tDYPTlsgeJFasrMB8GA1UdIwQY
MBaAFIaazRniOoFmRLrQ6KErhuEoitM8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi81OTExZjctMjAzMS00MGJiLWI0NDEt
N2ZjZjAxNWRhMGEwLzEvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi81OTExZjctMjAzMS00MGJiLWI0NDEtN2ZjZjAxNWRhMGEw
LzEvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJyF7bbor
Gnts5uwrjFjk22mQC28Yq40j7guYgt99saJfQ4XMcXGr8hPTXnR1OejeZgUihnPN
0G1zC1oFPn3EiSIwTvGlbWOf+eWmMOac/wjvx23NrO9d/5YTqtzz+fezgwcBPTcq
A5gxXM8hRd/fgFcBUbQJANYQRg4OnV4MO0Qw9gXTn+Fo80q7PURVlZyXyPzhCwdj
MWLUVkTz+/QhM1dycuFRMJ1h7WTS51KW7cUrrRZ4vIJe2GsPnBLrU2USwCJOG3aC
yvyvKLNl4cqteqOjLOQvpENbXQv1A+gsFNaCOp91RTeA/Se06JIM2MBDAP6PI5M4
rGdMiPeMO2fmOQ==
-----END CERTIFICATE-----