Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
File:                     HdGoMITMB7cxuvkdqvMTbC9rddM.mft (raw, json)
Hash identifier:          rDRFWVFAT4rmQELMA2o8b58FUMo3cBYl1dTcsMhkraw=
Subject key identifier:   6B:15:D1:E4:67:FA:60:0A:6E:41:9C:72:B8:86:9D:34:DE:95:CD:C6
Authority key identifier: 1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3
Certificate issuer:       /CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
Certificate serial:       019A71B7978597C99F0905292B84C272E3E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
Manifest number:          12EC
Signing time:             Tue 11 Nov 2025 07:00:48 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:48 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:48 +0000
Files and hashes:         1: HdGoMITMB7cxuvkdqvMTbC9rddM.crl (hash: 8CQAGxkSVdBJb86UbRAUca9OT/K3LS3Ql8W89JZBIj8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:97:85:97:c9:9f:09:05:29:2b:84:c2:72:e3:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3
        Validity
            Not Before: Nov 11 07:00:48 2025 GMT
            Not After : Nov 12 07:00:48 2025 GMT
        Subject: CN=6b15d1e467fa600a6e419c72b8869d34de95cdc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:29:48:96:57:80:49:a6:45:b7:0b:55:28:d5:
                    72:0f:01:da:8f:55:8a:03:eb:50:35:a1:5a:71:7d:
                    0c:16:d3:d1:d2:e0:96:cb:73:71:fd:24:e1:a0:62:
                    39:1e:e8:54:a5:20:ed:40:6b:e4:b3:f0:20:03:f3:
                    9e:f9:00:98:36:43:bc:ab:d5:46:68:df:0a:3a:d0:
                    cf:5d:2a:b1:de:fc:2c:f0:f6:85:7d:7d:07:4e:3c:
                    87:7c:19:bb:65:e4:64:53:66:9e:6b:cb:61:4e:04:
                    37:d8:89:f9:11:50:6a:43:66:10:77:1f:e2:fa:20:
                    24:6c:0f:2c:de:04:92:d1:b5:47:03:24:8c:ea:e0:
                    b1:b0:3a:fb:e1:a2:4a:62:ab:f3:28:9e:bd:76:5d:
                    bb:93:14:7b:b8:80:52:e6:eb:d0:66:60:f4:8c:00:
                    3a:22:31:e7:5a:f2:70:d6:38:b4:a2:99:36:b2:85:
                    0b:31:0e:38:3c:ce:b4:d7:30:1d:40:29:6c:98:2a:
                    42:62:b6:13:ca:05:d1:8d:92:94:dc:45:7b:ca:7c:
                    f1:ee:7c:14:95:e1:cc:a7:73:e3:ad:6a:d8:78:44:
                    c4:e5:39:9d:4c:22:b7:a0:32:32:59:4a:8d:e6:39:
                    96:94:b8:56:84:6d:28:20:c1:86:00:b5:f2:df:1c:
                    f2:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:15:D1:E4:67:FA:60:0A:6E:41:9C:72:B8:86:9D:34:DE:95:CD:C6
            X509v3 Authority Key Identifier:
                keyid:1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e3:9b:f4:4b:64:c8:6a:f9:ea:6c:94:db:c9:9a:57:96:25:88:
         40:09:a1:d5:74:16:86:65:4d:78:6f:8a:8a:66:1a:9e:5e:57:
         f2:33:5d:f1:03:1f:9e:67:0e:43:2f:e0:b0:61:89:36:78:0c:
         4a:63:17:aa:ef:66:d3:03:a3:c8:16:33:c8:1b:b1:75:0a:95:
         2d:12:ba:6a:a8:71:a6:7b:29:5d:91:d8:57:df:72:c4:16:bc:
         e7:1d:61:0c:b5:25:d7:a8:99:06:ca:07:2b:0e:80:b5:e3:4c:
         10:21:a2:a5:b6:f7:c8:ae:6c:cb:89:83:d9:3d:86:df:3b:86:
         7d:85:f7:8c:6d:00:cb:20:8a:af:ae:a2:df:5b:76:aa:ed:6e:
         25:a8:72:e3:4a:15:05:27:12:47:9a:99:5d:ba:80:1e:eb:a6:
         9c:aa:af:13:ac:97:51:9d:fb:1c:1a:19:3d:c6:2d:bb:e1:e4:
         57:e8:d6:41:5f:6d:00:73:48:54:03:ca:86:38:32:db:a8:a2:
         23:68:33:ae:9e:54:8a:24:b9:22:f7:62:e9:53:8e:d5:84:1b:
         41:bb:8b:4d:01:49:2d:ed:d9:6d:6d:0e:33:62:ed:4c:24:d9:
         58:d4:bb:46:87:f2:93:1c:06:0a:39:7c:93:4c:22:35:b7:a8:
         06:6b:4f:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt5eFl8mfCQUpK4TCcuPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDFhODMwODRjYzA3YjczMWJhZjkxZGFhZjMxMzZjMmY2
Yjc1ZDMwHhcNMjUxMTExMDcwMDQ4WhcNMjUxMTEyMDcwMDQ4WjAzMTEwLwYDVQQD
Eyg2YjE1ZDFlNDY3ZmE2MDBhNmU0MTljNzJiODg2OWQzNGRlOTVjZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ClIlleASaZFtwtVKNVyDwHaj1WK
A+tQNaFacX0MFtPR0uCWy3Nx/SThoGI5HuhUpSDtQGvks/AgA/Oe+QCYNkO8q9VG
aN8KOtDPXSqx3vws8PaFfX0HTjyHfBm7ZeRkU2aea8thTgQ32In5EVBqQ2YQdx/i
+iAkbA8s3gSS0bVHAySM6uCxsDr74aJKYqvzKJ69dl27kxR7uIBS5uvQZmD0jAA6
IjHnWvJw1ji0opk2soULMQ44PM601zAdQClsmCpCYrYTygXRjZKU3EV7ynzx7nwU
leHMp3PjrWrYeETE5TmdTCK3oDIyWUqN5jmWlLhWhG0oIMGGALXy3xzyZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGsV0eRn+mAKbkGccriGnTTelc3GMB8GA1UdIwQY
MBaAFB3RqDCEzAe3Mbr5HarzE2wva3XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYt
NDAzNjI3OGI0M2Y5LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYtNDAzNjI3OGI0M2Y5
LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA45v0S2TI
avnqbJTbyZpXliWIQAmh1XQWhmVNeG+KimYanl5X8jNd8QMfnmcOQy/gsGGJNngM
SmMXqu9m0wOjyBYzyBuxdQqVLRK6aqhxpnspXZHYV99yxBa85x1hDLUl16iZBsoH
Kw6AteNMECGipbb3yK5sy4mD2T2G3zuGfYX3jG0AyyCKr66i31t2qu1uJahy40oV
BScSR5qZXbqAHuumnKqvE6yXUZ37HBoZPcYtu+HkV+jWQV9tAHNIVAPKhjgy26ii
I2gzrp5UiiS5Ivdi6VOO1YQbQbuLTQFJLe3ZbW0OM2LtTCTZWNS7RofykxwGCjl8
k0wiNbeoBmtPpg==
-----END CERTIFICATE-----