Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft
File:                     hvKEMvItcjPdX3Xz07HMCHN4-0g.mft (raw, json)
Hash identifier:          k3wGuoMnrbe62FnZX3tFUG1Ab+d4yri1B/ozP1pR6zY=
Subject key identifier:   F5:96:6C:40:91:AA:62:5F:C7:E7:E0:1E:97:81:C3:FA:2F:E2:CA:16
Authority key identifier: 86:F2:84:32:F2:2D:72:33:DD:5F:75:F3:D3:B1:CC:08:73:78:FB:48
Certificate issuer:       /CN=86f28432f22d7233dd5f75f3d3b1cc087378fb48
Certificate serial:       01992179620A9EDC9602EAD9D68BD07F40C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hvKEMvItcjPdX3Xz07HMCHN4-0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft
Manifest number:          1D
Signing time:             Sun 07 Sep 2025 00:00:26 +0000
Manifest this update:     Sun 07 Sep 2025 00:00:26 +0000
Manifest next update:     Mon 08 Sep 2025 00:00:26 +0000
Files and hashes:         1: hvKEMvItcjPdX3Xz07HMCHN4-0g.crl (hash: Z9Gv+deNJrIjptL7oB/Vz1YkQZZJklMiFjdmknaS7ME=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hvKEMvItcjPdX3Xz07HMCHN4-0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:79:62:0a:9e:dc:96:02:ea:d9:d6:8b:d0:7f:40:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86f28432f22d7233dd5f75f3d3b1cc087378fb48
        Validity
            Not Before: Sep  7 00:00:26 2025 GMT
            Not After : Sep  8 00:00:26 2025 GMT
        Subject: CN=f5966c4091aa625fc7e7e01e9781c3fa2fe2ca16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:5c:73:ee:2a:b4:b0:42:e4:c4:9b:82:43:23:
                    9d:89:65:2f:bb:cb:41:b1:2f:70:5c:8a:01:2d:bf:
                    73:7e:38:68:75:ec:21:22:b3:bc:46:f5:9b:4a:31:
                    0e:df:01:31:c4:87:4c:51:1f:c3:c6:73:03:af:38:
                    4a:87:e7:2f:30:49:eb:de:d2:8b:e2:88:26:cc:41:
                    91:3a:2a:8f:95:ad:fe:82:50:24:57:15:b0:d9:20:
                    af:a1:b9:c2:39:c8:5d:a7:7c:3b:c1:a1:36:0b:7f:
                    06:78:eb:6e:b1:60:dd:b0:48:d8:ea:81:1e:51:a5:
                    10:88:16:c1:ad:7e:f1:06:c7:f6:57:6e:6a:5c:b4:
                    99:d9:23:b9:3d:ce:a4:6e:31:92:9e:82:31:7d:72:
                    cf:da:2d:93:b0:5c:fe:08:8e:df:54:ac:b2:b9:3c:
                    81:c9:d8:46:16:e6:2e:c4:ed:44:f0:6c:29:a1:10:
                    d0:70:52:a1:a4:97:cf:b5:a1:7a:63:b9:5b:de:99:
                    1f:97:c5:1b:33:c4:2e:47:43:6b:8a:cd:24:94:8c:
                    94:00:d2:5f:2b:6a:9f:43:1b:06:1b:fa:e7:a0:79:
                    15:93:a9:ac:9f:2e:4c:82:69:d7:da:5d:29:07:6f:
                    9f:a6:f5:57:a1:e9:71:62:a4:12:f2:c2:46:28:17:
                    ab:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:96:6C:40:91:AA:62:5F:C7:E7:E0:1E:97:81:C3:FA:2F:E2:CA:16
            X509v3 Authority Key Identifier:
                keyid:86:F2:84:32:F2:2D:72:33:DD:5F:75:F3:D3:B1:CC:08:73:78:FB:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hvKEMvItcjPdX3Xz07HMCHN4-0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:af:9e:9e:ad:9c:dd:00:22:ef:98:90:de:a3:16:49:5c:6a:
         7b:00:d8:44:c9:bc:99:97:86:5b:67:1c:37:74:bb:80:1f:f1:
         77:43:08:e4:ee:4b:37:6c:2c:7f:fd:4b:39:86:1d:76:77:30:
         cf:ba:32:37:2e:0d:9a:96:48:2e:ce:74:f6:c5:38:b5:e5:e2:
         56:d9:83:57:06:42:e1:b8:bb:7d:f6:a0:e2:59:d2:41:e1:0a:
         a4:77:32:a6:b9:5c:04:42:12:7c:90:f2:68:aa:6f:46:19:9f:
         48:1c:06:16:13:ac:b8:4c:6e:cf:ed:5a:18:27:b1:34:cd:df:
         5e:1b:41:d1:ea:0c:b3:89:1e:3a:e3:9a:f6:46:77:1b:3d:e9:
         db:dd:8f:83:a5:9a:7f:7d:b4:98:6f:49:31:56:76:36:d5:bf:
         c4:44:50:8b:ae:7f:b1:6a:39:1f:75:ff:1a:7c:25:5d:db:f2:
         2e:b1:8b:12:89:87:6f:50:61:bf:8e:4c:2f:e8:3d:2b:34:5d:
         b2:eb:c0:bb:db:db:89:51:e3:1c:11:d0:b0:e5:cf:af:ad:d0:
         8d:d7:45:ec:79:ef:c7:3e:3f:90:ec:e7:cd:44:92:87:fe:28:
         31:fc:02:63:e6:ad:bb:7c:87:33:52:79:0e:4b:51:eb:11:62:
         7b:b8:bf:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkheWIKntyWAurZ1ovQf0DIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZjI4NDMyZjIyZDcyMzNkZDVmNzVmM2QzYjFjYzA4NzM3
OGZiNDgwHhcNMjUwOTA3MDAwMDI2WhcNMjUwOTA4MDAwMDI2WjAzMTEwLwYDVQQD
EyhmNTk2NmM0MDkxYWE2MjVmYzdlN2UwMWU5NzgxYzNmYTJmZTJjYTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Vxz7iq0sELkxJuCQyOdiWUvu8tB
sS9wXIoBLb9zfjhodewhIrO8RvWbSjEO3wExxIdMUR/DxnMDrzhKh+cvMEnr3tKL
4ogmzEGROiqPla3+glAkVxWw2SCvobnCOchdp3w7waE2C38GeOtusWDdsEjY6oEe
UaUQiBbBrX7xBsf2V25qXLSZ2SO5Pc6kbjGSnoIxfXLP2i2TsFz+CI7fVKyyuTyB
ydhGFuYuxO1E8GwpoRDQcFKhpJfPtaF6Y7lb3pkfl8UbM8QuR0Nris0klIyUANJf
K2qfQxsGG/rnoHkVk6msny5MgmnX2l0pB2+fpvVXoelxYqQS8sJGKBerEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWWbECRqmJfx+fgHpeBw/ov4soWMB8GA1UdIwQY
MBaAFIbyhDLyLXIz3V9189OxzAhzePtIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHZLRU12SXRjalBkWDNYejA3SE1DSE40LTBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi84NTM5Y2QtODBiYS00YzY2LWJhMjct
ZmU1MWE0OGM2ODAxLzEvaHZLRU12SXRjalBkWDNYejA3SE1DSE40LTBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi84NTM5Y2QtODBiYS00YzY2LWJhMjctZmU1MWE0OGM2ODAx
LzEvaHZLRU12SXRjalBkWDNYejA3SE1DSE40LTBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsK+enq2c
3QAi75iQ3qMWSVxqewDYRMm8mZeGW2ccN3S7gB/xd0MI5O5LN2wsf/1LOYYddncw
z7oyNy4NmpZILs509sU4teXiVtmDVwZC4bi7ffag4lnSQeEKpHcyprlcBEISfJDy
aKpvRhmfSBwGFhOsuExuz+1aGCexNM3fXhtB0eoMs4keOuOa9kZ3Gz3p292Pg6Wa
f320mG9JMVZ2NtW/xERQi65/sWo5H3X/GnwlXdvyLrGLEomHb1Bhv45ML+g9KzRd
suvAu9vbiVHjHBHQsOXPr63QjddF7Hnvxz4/kOznzUSSh/4oMfwCY+atu3yHM1J5
DktR6xFie7i/cQ==
-----END CERTIFICATE-----