Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
File:                     r_HNv5fWyiB-XciFq8_2ccwVyRA.mft (raw, json)
Hash identifier:          hCi5ovE0pbgT6aJKGjOJ3dKZ806+CQ/B+MrgySIMyCY=
Subject key identifier:   2B:AE:99:CB:67:D0:11:75:1A:D8:7E:7E:17:AE:43:62:AA:AA:B4:29
Authority key identifier: AF:F1:CD:BF:97:D6:CA:20:7E:5D:C8:85:AB:CF:F6:71:CC:15:C9:10
Certificate issuer:       /CN=aff1cdbf97d6ca207e5dc885abcff671cc15c910
Certificate serial:       019A71B81E6FE9FFFD19176DEF3652913F9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
Manifest number:          0C14
Signing time:             Tue 11 Nov 2025 07:01:23 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:23 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:23 +0000
Files and hashes:         1: r_HNv5fWyiB-XciFq8_2ccwVyRA.crl (hash: AG/9hUt50llBgKl1t8m0m639wl68T28BpuMJq/Rl8js=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:1e:6f:e9:ff:fd:19:17:6d:ef:36:52:91:3f:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aff1cdbf97d6ca207e5dc885abcff671cc15c910
        Validity
            Not Before: Nov 11 07:01:23 2025 GMT
            Not After : Nov 12 07:01:23 2025 GMT
        Subject: CN=2bae99cb67d011751ad87e7e17ae4362aaaab429
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:98:18:bb:16:88:5d:71:75:cb:82:11:15:f4:
                    68:67:ad:67:7d:4b:df:f6:68:f3:b1:1b:74:51:7f:
                    53:3a:b2:07:ef:4c:21:14:74:9d:35:6a:b9:4f:38:
                    00:aa:fd:53:21:68:e4:aa:69:39:39:62:be:a8:f4:
                    11:b4:59:02:c5:44:c4:d4:83:0f:92:4f:a4:bd:ec:
                    91:46:38:ae:2b:e8:9c:bc:81:24:14:e2:6d:c4:6e:
                    7c:35:97:b6:7b:a3:88:1f:12:de:c7:8f:cc:5d:04:
                    b7:5c:2b:fd:1d:46:2c:90:2c:34:e0:31:11:33:0e:
                    91:e5:15:97:d7:94:e0:c0:cd:63:23:36:b0:ec:b8:
                    11:b8:ec:b3:d9:3a:c8:69:91:87:06:cd:a7:fc:19:
                    74:6a:06:10:52:55:54:25:ae:0f:18:fb:07:60:f4:
                    92:c2:84:ee:a4:77:77:c4:c1:a0:7f:27:1f:0f:c1:
                    95:a8:ca:05:6d:47:ff:1f:fb:7a:d7:bd:59:3f:97:
                    3b:ab:8f:e7:62:fb:db:60:c0:5e:0a:fb:91:e9:6a:
                    0c:95:f1:c4:e1:43:b1:1a:2b:60:dd:76:02:ab:04:
                    50:c1:ca:e8:52:e4:44:ac:55:0a:29:70:1d:43:0e:
                    65:2e:8d:29:42:98:ff:ab:91:54:02:8f:f0:e5:2f:
                    87:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:AE:99:CB:67:D0:11:75:1A:D8:7E:7E:17:AE:43:62:AA:AA:B4:29
            X509v3 Authority Key Identifier:
                keyid:AF:F1:CD:BF:97:D6:CA:20:7E:5D:C8:85:AB:CF:F6:71:CC:15:C9:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:73:07:93:ed:0a:da:37:90:be:8e:21:9f:5f:9e:ec:ba:9c:
         e9:f1:7b:51:f7:d7:a9:d9:37:11:f2:65:40:5e:77:70:86:de:
         9b:70:40:63:0a:64:20:0e:d7:18:ca:15:15:88:04:c5:0f:3a:
         16:eb:cd:b0:81:9a:4b:2e:d2:b8:9e:b7:30:af:3f:ee:5f:4f:
         2f:4c:63:56:79:ab:0b:42:40:1f:9e:bd:70:9f:e4:8c:57:32:
         36:0a:d9:21:ad:31:70:27:55:4d:34:35:e1:9e:c2:54:72:05:
         8a:11:0b:d7:2b:44:4b:38:9e:4f:d0:1c:70:d2:72:f4:7b:c2:
         8b:78:b0:00:0d:7c:9d:12:ba:e4:cf:f1:d5:af:75:c2:02:8b:
         87:46:e3:0e:d6:9c:51:a2:1d:76:49:0e:5c:02:ae:05:bc:86:
         39:b7:a1:7a:96:e4:5a:4c:e5:a9:3d:8e:5b:2d:e4:c8:e4:5c:
         44:aa:f0:65:05:ba:12:5c:92:a9:c3:0c:94:a9:c8:70:29:a9:
         72:aa:8e:03:95:fd:a9:40:ea:16:d1:3a:e8:59:c5:0a:f4:31:
         d2:a9:6b:33:54:b3:de:0c:9b:59:25:f6:f2:97:d4:9f:ba:70:
         81:e1:36:ec:c0:96:b7:d5:3c:ef:09:89:08:80:ac:5d:c8:4c:
         88:ab:54:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuB5v6f/9GRdt7zZSkT+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjFjZGJmOTdkNmNhMjA3ZTVkYzg4NWFiY2ZmNjcxY2Mx
NWM5MTAwHhcNMjUxMTExMDcwMTIzWhcNMjUxMTEyMDcwMTIzWjAzMTEwLwYDVQQD
EygyYmFlOTljYjY3ZDAxMTc1MWFkODdlN2UxN2FlNDM2MmFhYWFiNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppgYuxaIXXF1y4IRFfRoZ61nfUvf
9mjzsRt0UX9TOrIH70whFHSdNWq5TzgAqv1TIWjkqmk5OWK+qPQRtFkCxUTE1IMP
kk+kveyRRjiuK+icvIEkFOJtxG58NZe2e6OIHxLex4/MXQS3XCv9HUYskCw04DER
Mw6R5RWX15TgwM1jIzaw7LgRuOyz2TrIaZGHBs2n/Bl0agYQUlVUJa4PGPsHYPSS
woTupHd3xMGgfycfD8GVqMoFbUf/H/t6171ZP5c7q4/nYvvbYMBeCvuR6WoMlfHE
4UOxGitg3XYCqwRQwcroUuRErFUKKXAdQw5lLo0pQpj/q5FUAo/w5S+HRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuumctn0BF1Gth+fheuQ2KqqrQpMB8GA1UdIwQY
MBaAFK/xzb+X1sogfl3IhavP9nHMFckQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82Mjc5ODctMjM1ZC00MTk0LTk2YjEt
YWY4Yzc1YTkzY2QxLzEvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82Mjc5ODctMjM1ZC00MTk0LTk2YjEtYWY4Yzc1YTkzY2Qx
LzEvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXHMHk+0K
2jeQvo4hn1+e7Lqc6fF7UffXqdk3EfJlQF53cIbem3BAYwpkIA7XGMoVFYgExQ86
FuvNsIGaSy7SuJ63MK8/7l9PL0xjVnmrC0JAH569cJ/kjFcyNgrZIa0xcCdVTTQ1
4Z7CVHIFihEL1ytESzieT9AccNJy9HvCi3iwAA18nRK65M/x1a91wgKLh0bjDtac
UaIddkkOXAKuBbyGObehepbkWkzlqT2OWy3kyORcRKrwZQW6ElySqcMMlKnIcCmp
cqqOA5X9qUDqFtE66FnFCvQx0qlrM1Sz3gybWSX28pfUn7pwgeE27MCWt9U87wmJ
CICsXchMiKtU8g==
-----END CERTIFICATE-----