Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
File:                     hTq7t9e8xKXFbpEu76wbC7BFUCE.mft (raw, json)
Hash identifier:          aOx0HYzJBLjUEVCzg0i6jL+q0upUKiwXcLHjfxN9bjQ=
Subject key identifier:   E6:B8:0A:5D:59:25:26:93:04:52:26:CE:7B:87:8B:63:A5:3D:C6:C2
Authority key identifier: 85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21
Certificate issuer:       /CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
Certificate serial:       019A70DC2CB2BC3C611DD78960F7C471880E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
Manifest number:          066A
Signing time:             Tue 11 Nov 2025 03:01:08 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:08 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:08 +0000
Files and hashes:         1: hTq7t9e8xKXFbpEu76wbC7BFUCE.crl (hash: cLlDdR9fap1juAJI67AeawV0t6UrV4e4NATGghPkIRk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:2c:b2:bc:3c:61:1d:d7:89:60:f7:c4:71:88:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
        Validity
            Not Before: Nov 11 03:01:08 2025 GMT
            Not After : Nov 12 03:01:08 2025 GMT
        Subject: CN=e6b80a5d59252693045226ce7b878b63a53dc6c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:40:79:a3:5b:e0:8f:7e:d9:7f:6d:ac:50:a6:
                    eb:47:6e:b7:6e:82:da:95:b8:41:33:fb:82:4a:d4:
                    35:d2:5a:e8:6c:7f:08:a8:6e:5f:b5:da:ed:1d:80:
                    6c:e9:db:f1:38:9b:a5:70:4e:0e:a0:c0:df:83:f2:
                    72:7b:87:69:cc:3e:fa:ce:98:4c:3c:23:cc:1e:c4:
                    40:20:cc:39:c8:1b:cd:7a:5e:1d:6f:22:d5:03:40:
                    a1:e1:7f:84:b9:9f:42:f7:21:c6:9d:6c:c2:ca:94:
                    04:a1:23:e4:81:d3:89:4a:05:af:78:1b:76:83:3f:
                    68:55:4e:1a:9c:f9:bf:d3:cf:4e:fb:a3:12:74:d8:
                    bd:95:bf:3a:6c:e1:6d:a0:80:ca:ca:9e:60:a3:c4:
                    2e:af:a5:bf:44:a0:38:83:89:b5:9b:15:17:3e:9b:
                    3b:5d:32:1e:b9:ee:e5:25:a7:17:32:c2:25:60:45:
                    50:4c:f0:a6:cd:04:22:71:9f:bb:41:87:d7:9e:61:
                    1e:79:83:93:ed:96:3b:e1:97:bf:e5:bb:5b:c3:ac:
                    e0:d4:f9:f3:39:4c:b9:89:b6:58:5b:0f:7f:d0:46:
                    f6:a9:ae:f8:41:ff:a3:53:e0:de:b6:71:b7:1b:93:
                    08:8b:8e:52:ff:ec:81:81:57:40:89:49:d4:52:19:
                    14:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:B8:0A:5D:59:25:26:93:04:52:26:CE:7B:87:8B:63:A5:3D:C6:C2
            X509v3 Authority Key Identifier:
                keyid:85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:96:4f:57:ca:14:63:d7:76:21:4c:01:f5:32:fb:1c:28:a9:
         eb:81:cd:4f:f2:6a:3e:2a:a4:29:96:e1:16:9d:54:db:f3:9f:
         d4:1d:86:f7:18:c8:9c:02:b3:da:b8:6c:64:b8:e3:52:8a:d0:
         1d:43:45:67:c9:a3:ac:a7:50:ee:e7:43:37:96:ec:97:c9:3a:
         40:2e:c9:99:1c:b2:b5:74:df:c5:3a:e7:b9:a4:05:53:7c:d5:
         8e:1c:09:a9:6a:72:2e:20:36:4e:60:36:af:34:0e:d7:aa:97:
         7f:82:cf:8e:ba:29:f0:e5:5a:30:de:85:4d:b6:be:1d:01:ea:
         5b:91:bf:43:3d:90:3a:ae:97:dc:50:b5:a2:f0:74:fd:db:53:
         d1:9f:05:99:c6:5a:4f:56:ac:34:b4:50:3c:17:b2:cd:d9:68:
         c1:77:3c:be:44:ba:1b:8c:5c:c0:99:f7:13:8d:72:51:99:9a:
         bb:ae:d5:05:f6:e0:77:ae:e4:2b:a6:5c:56:9c:e4:ce:e9:15:
         74:7d:d6:80:c8:05:83:2a:e2:61:b7:49:96:4d:00:47:7e:3e:
         98:7d:85:2b:77:ee:11:89:ba:97:16:4b:f5:32:94:fb:5a:70:
         fd:e1:4b:2a:b6:a9:e0:54:da:d7:6f:96:3f:61:aa:a8:26:cf:
         72:d5:0b:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3CyyvDxhHdeJYPfEcYgOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1M2FiYmI3ZDdiY2M0YTVjNTZlOTEyZWVmYWMxYjBiYjA0
NTUwMjEwHhcNMjUxMTExMDMwMTA4WhcNMjUxMTEyMDMwMTA4WjAzMTEwLwYDVQQD
EyhlNmI4MGE1ZDU5MjUyNjkzMDQ1MjI2Y2U3Yjg3OGI2M2E1M2RjNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0B5o1vgj37Zf22sUKbrR263boLa
lbhBM/uCStQ10lrobH8IqG5ftdrtHYBs6dvxOJulcE4OoMDfg/Jye4dpzD76zphM
PCPMHsRAIMw5yBvNel4dbyLVA0Ch4X+EuZ9C9yHGnWzCypQEoSPkgdOJSgWveBt2
gz9oVU4anPm/089O+6MSdNi9lb86bOFtoIDKyp5go8Qur6W/RKA4g4m1mxUXPps7
XTIeue7lJacXMsIlYEVQTPCmzQQicZ+7QYfXnmEeeYOT7ZY74Ze/5btbw6zg1Pnz
OUy5ibZYWw9/0Eb2qa74Qf+jU+DetnG3G5MIi45S/+yBgVdAiUnUUhkULwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOa4Cl1ZJSaTBFImznuHi2OlPcbCMB8GA1UdIwQY
MBaAFIU6u7fXvMSlxW6RLu+sGwuwRVAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTkt
NTgyM2Y4NzAxNDFiLzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTktNTgyM2Y4NzAxNDFi
LzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjpZPV8oU
Y9d2IUwB9TL7HCip64HNT/JqPiqkKZbhFp1U2/Of1B2G9xjInAKz2rhsZLjjUorQ
HUNFZ8mjrKdQ7udDN5bsl8k6QC7JmRyytXTfxTrnuaQFU3zVjhwJqWpyLiA2TmA2
rzQO16qXf4LPjrop8OVaMN6FTba+HQHqW5G/Qz2QOq6X3FC1ovB0/dtT0Z8FmcZa
T1asNLRQPBeyzdlowXc8vkS6G4xcwJn3E41yUZmau67VBfbgd67kK6ZcVpzkzukV
dH3WgMgFgyriYbdJlk0AR34+mH2FK3fuEYm6lxZL9TKU+1pw/eFLKrap4FTa12+W
P2GqqCbPctULQw==
-----END CERTIFICATE-----