Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
File:                     hTq7t9e8xKXFbpEu76wbC7BFUCE.mft (raw, json)
Hash identifier:          kSSZUk6K0c1okEJKh5cf+92j/bg20hbF7EFso9KbTzc=
Subject key identifier:   CA:9C:56:DE:AC:48:50:C1:C3:C3:E5:24:06:00:ED:B9:77:56:AF:64
Authority key identifier: 85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21
Certificate issuer:       /CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
Certificate serial:       019922C3043CCE313A570CD98C23B2A7EE1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
Manifest number:          05BD
Signing time:             Sun 07 Sep 2025 06:00:29 +0000
Manifest this update:     Sun 07 Sep 2025 06:00:29 +0000
Manifest next update:     Mon 08 Sep 2025 06:00:29 +0000
Files and hashes:         1: hTq7t9e8xKXFbpEu76wbC7BFUCE.crl (hash: 5hgqgFXtM8wg8C7TDfAMf8A+uRX2Ldyeg3da0HDaNCU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:04:3c:ce:31:3a:57:0c:d9:8c:23:b2:a7:ee:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
        Validity
            Not Before: Sep  7 06:00:29 2025 GMT
            Not After : Sep  8 06:00:29 2025 GMT
        Subject: CN=ca9c56deac4850c1c3c3e5240600edb97756af64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:64:93:4f:63:59:9f:78:a0:5f:50:27:64:6c:
                    a7:93:cc:47:47:69:49:a4:c0:98:4c:9e:c7:53:3d:
                    c6:c5:58:28:ee:bb:b4:57:71:85:6d:9e:f5:9b:e7:
                    21:cd:2b:d2:95:c4:81:38:50:0b:df:00:bd:07:42:
                    f7:c7:63:ca:aa:95:bf:eb:9a:5c:ba:7b:a7:74:1a:
                    7e:df:c6:4f:b0:21:98:ea:0e:1d:69:5e:94:9d:9c:
                    57:04:60:90:b6:d3:7b:a3:a9:8b:70:2e:ec:6a:2f:
                    6d:ea:06:fb:13:13:79:eb:72:a5:27:b6:19:26:e0:
                    e6:f3:c6:45:5e:21:73:1c:08:15:69:13:11:4c:c0:
                    5b:04:98:96:11:6f:10:ca:6f:ba:61:d5:8a:11:60:
                    f2:0c:fd:9d:d1:6c:31:2d:e2:fc:98:f9:cb:d3:a7:
                    b8:81:d9:aa:54:e4:99:e6:75:10:9d:74:4e:31:68:
                    4c:62:bb:37:64:46:d8:c0:25:8e:c8:a9:03:19:66:
                    e4:a7:fb:0c:9f:73:2e:fb:c0:1f:c7:09:d5:55:db:
                    85:d8:58:e0:ef:15:a5:0a:fc:c9:fd:08:6d:cf:ea:
                    8d:e6:dc:f3:75:8e:be:d9:1a:59:69:01:32:89:16:
                    9e:75:3a:6c:35:04:1e:6d:23:7b:94:28:f6:a7:26:
                    da:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:9C:56:DE:AC:48:50:C1:C3:C3:E5:24:06:00:ED:B9:77:56:AF:64
            X509v3 Authority Key Identifier:
                keyid:85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:bb:56:06:4e:b7:09:31:1d:01:7a:9a:ea:2c:13:c7:59:cd:
         a2:f5:c3:07:fb:0e:77:30:1f:46:01:b0:83:02:a5:b7:cc:d8:
         ce:4e:26:7d:eb:f2:a7:a6:d3:73:0d:e3:5f:e5:8a:90:7b:78:
         a0:a4:c4:f7:ef:93:47:8a:33:93:94:ef:d8:26:40:d4:ef:0a:
         01:50:69:2d:1d:4d:12:d0:ae:58:ae:53:16:ab:3c:60:d8:7b:
         3b:59:9e:38:3f:34:7d:21:1f:93:66:ca:99:5e:56:f3:fd:de:
         4c:bc:e9:69:0b:23:0c:7d:19:0c:b0:26:21:b8:6c:47:4e:bd:
         5c:d9:d7:76:fd:40:93:f1:4e:92:43:44:d9:3e:0a:cc:d8:5a:
         18:25:2e:2f:49:39:61:89:94:11:09:cd:4f:bf:13:15:2d:ef:
         f9:6d:4d:8c:85:63:f7:e4:43:97:8d:70:65:01:05:8a:b4:6c:
         fa:a3:47:91:9b:d3:93:83:84:86:58:ad:2c:da:fa:fb:f8:71:
         42:ca:20:9a:13:67:d9:a6:92:b7:08:e0:f8:53:56:f7:19:b4:
         21:61:1f:9e:74:73:f1:26:b0:e3:20:bd:e4:2a:41:62:0a:eb:
         63:db:ff:de:b7:a5:6e:e4:ff:f6:fc:d7:9e:e7:44:f2:9b:8f:
         b1:4d:06:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwwQ8zjE6VwzZjCOyp+4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1M2FiYmI3ZDdiY2M0YTVjNTZlOTEyZWVmYWMxYjBiYjA0
NTUwMjEwHhcNMjUwOTA3MDYwMDI5WhcNMjUwOTA4MDYwMDI5WjAzMTEwLwYDVQQD
EyhjYTljNTZkZWFjNDg1MGMxYzNjM2U1MjQwNjAwZWRiOTc3NTZhZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWSTT2NZn3igX1AnZGynk8xHR2lJ
pMCYTJ7HUz3GxVgo7ru0V3GFbZ71m+chzSvSlcSBOFAL3wC9B0L3x2PKqpW/65pc
unundBp+38ZPsCGY6g4daV6UnZxXBGCQttN7o6mLcC7sai9t6gb7ExN563KlJ7YZ
JuDm88ZFXiFzHAgVaRMRTMBbBJiWEW8Qym+6YdWKEWDyDP2d0WwxLeL8mPnL06e4
gdmqVOSZ5nUQnXROMWhMYrs3ZEbYwCWOyKkDGWbkp/sMn3Mu+8AfxwnVVduF2Fjg
7xWlCvzJ/Qhtz+qN5tzzdY6+2RpZaQEyiRaedTpsNQQebSN7lCj2pyba5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMqcVt6sSFDBw8PlJAYA7bl3Vq9kMB8GA1UdIwQY
MBaAFIU6u7fXvMSlxW6RLu+sGwuwRVAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTkt
NTgyM2Y4NzAxNDFiLzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTktNTgyM2Y4NzAxNDFi
LzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjrtWBk63
CTEdAXqa6iwTx1nNovXDB/sOdzAfRgGwgwKlt8zYzk4mfevyp6bTcw3jX+WKkHt4
oKTE9++TR4ozk5Tv2CZA1O8KAVBpLR1NEtCuWK5TFqs8YNh7O1meOD80fSEfk2bK
mV5W8/3eTLzpaQsjDH0ZDLAmIbhsR069XNnXdv1Ak/FOkkNE2T4KzNhaGCUuL0k5
YYmUEQnNT78TFS3v+W1NjIVj9+RDl41wZQEFirRs+qNHkZvTk4OEhlitLNr6+/hx
QsogmhNn2aaStwjg+FNW9xm0IWEfnnRz8Saw4yC95CpBYgrrY9v/3relbuT/9vzX
nudE8puPsU0GHQ==
-----END CERTIFICATE-----