Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft
File:                     HLjjf1E93Cn_15HDjJZjI2nKVFE.mft (raw, json)
Hash identifier:          07SWM0W7QfrvBnp0+Q5+5CGJVoHOxbP75xat1wScosM=
Subject key identifier:   F3:87:67:53:0C:95:67:30:C0:FF:D5:75:EE:A0:31:36:04:07:14:78
Authority key identifier: 1C:B8:E3:7F:51:3D:DC:29:FF:D7:91:C3:8C:96:63:23:69:CA:54:51
Certificate issuer:       /CN=1cb8e37f513ddc29ffd791c38c96632369ca5451
Certificate serial:       019A71B8486C34D006672CA297D3F18BF418
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HLjjf1E93Cn_15HDjJZjI2nKVFE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft
Manifest number:          12CC
Signing time:             Tue 11 Nov 2025 07:01:33 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:33 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:33 +0000
Files and hashes:         1: HLjjf1E93Cn_15HDjJZjI2nKVFE.crl (hash: FDXOLgTha/3QWP6t+1ab3RLbaNAglD9EmTYnTbWogDc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HLjjf1E93Cn_15HDjJZjI2nKVFE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:48:6c:34:d0:06:67:2c:a2:97:d3:f1:8b:f4:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cb8e37f513ddc29ffd791c38c96632369ca5451
        Validity
            Not Before: Nov 11 07:01:33 2025 GMT
            Not After : Nov 12 07:01:33 2025 GMT
        Subject: CN=f38767530c956730c0ffd575eea0313604071478
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:63:0e:3c:83:79:83:37:51:11:33:f0:f2:e9:
                    e4:e8:b7:f0:5a:7c:2f:6f:f3:f2:b1:d0:24:c9:0e:
                    d9:7f:2f:5c:47:44:52:92:3d:27:94:ce:95:61:03:
                    92:0e:17:a4:2e:72:e2:f6:b3:47:06:08:d3:89:e7:
                    9e:f9:69:0a:c6:01:47:0e:30:fd:fd:06:2f:28:53:
                    e3:4a:33:da:63:a4:b2:be:89:4d:4f:35:56:b7:59:
                    25:35:3b:f3:32:18:7c:50:c7:d3:dc:40:8a:32:ac:
                    ca:06:a2:a5:0a:c6:ba:94:0a:43:53:1f:da:4b:59:
                    04:43:3b:a2:0f:a3:82:e7:4d:98:06:b2:a5:44:b3:
                    91:74:39:04:71:6e:6b:c8:e2:d9:8b:a4:6d:cc:51:
                    1d:ed:f9:9b:3e:79:f1:69:77:77:cd:4b:31:5c:5d:
                    22:91:6b:ea:16:5c:09:9a:5b:be:74:43:f9:9d:6a:
                    99:be:a2:ba:3b:b9:c4:3d:f9:09:b7:d3:85:0a:f3:
                    0f:f5:bd:14:d3:53:33:95:7c:59:98:65:bc:9c:2b:
                    1a:48:92:5a:74:d7:ad:af:b8:f1:26:d1:03:29:14:
                    54:64:dc:f1:a9:f3:72:e0:6e:30:54:42:d3:8a:03:
                    f8:4b:88:60:20:b3:7f:fe:57:fe:cf:ed:84:a6:33:
                    e3:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:87:67:53:0C:95:67:30:C0:FF:D5:75:EE:A0:31:36:04:07:14:78
            X509v3 Authority Key Identifier:
                keyid:1C:B8:E3:7F:51:3D:DC:29:FF:D7:91:C3:8C:96:63:23:69:CA:54:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HLjjf1E93Cn_15HDjJZjI2nKVFE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:af:30:6b:ab:76:6d:eb:55:e2:26:78:ad:5b:6e:74:c4:fd:
         65:0d:6f:d0:1c:63:5b:ae:cf:e8:74:2d:1d:90:a3:ad:e4:9e:
         50:95:e2:8b:4b:bb:fb:e2:74:bf:4d:a5:60:51:da:13:16:04:
         76:bc:74:db:79:5a:a1:e1:e3:75:04:a3:16:77:eb:a1:2b:1f:
         1b:82:40:94:bd:99:87:4b:30:07:2c:ec:f5:0e:d7:75:ed:df:
         34:e0:08:19:cd:8f:a8:ef:7f:50:8b:2c:b1:54:10:e7:c1:c4:
         91:84:8b:86:29:d7:a8:85:1a:c9:a7:a5:be:1b:d8:93:0b:00:
         d0:14:05:ba:77:da:54:26:78:16:ae:60:ba:ca:e6:a1:ee:b5:
         bc:5a:d0:06:93:63:77:5a:e0:51:c4:9c:5a:f9:87:10:d3:c8:
         dc:24:e4:fa:6a:45:7f:80:d6:d5:43:8a:d4:6b:6c:0d:1a:88:
         81:35:14:ee:94:d0:a8:58:d7:b0:02:05:0f:97:2e:df:50:ca:
         cb:d7:5b:a8:0f:2d:1b:0d:5a:3a:2c:df:86:f5:3a:62:f7:9b:
         80:b0:7e:86:ee:ac:39:54:f6:39:bf:19:99:5e:25:60:d9:40:
         16:a0:0e:e8:88:e0:c2:ca:7f:1c:b9:a6:65:d8:5a:17:a1:c7:
         75:82:3b:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuEhsNNAGZyyil9Pxi/QYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYjhlMzdmNTEzZGRjMjlmZmQ3OTFjMzhjOTY2MzIzNjlj
YTU0NTEwHhcNMjUxMTExMDcwMTMzWhcNMjUxMTEyMDcwMTMzWjAzMTEwLwYDVQQD
EyhmMzg3Njc1MzBjOTU2NzMwYzBmZmQ1NzVlZWEwMzEzNjA0MDcxNDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GMOPIN5gzdRETPw8unk6LfwWnwv
b/PysdAkyQ7Zfy9cR0RSkj0nlM6VYQOSDhekLnLi9rNHBgjTieee+WkKxgFHDjD9
/QYvKFPjSjPaY6SyvolNTzVWt1klNTvzMhh8UMfT3ECKMqzKBqKlCsa6lApDUx/a
S1kEQzuiD6OC502YBrKlRLORdDkEcW5ryOLZi6RtzFEd7fmbPnnxaXd3zUsxXF0i
kWvqFlwJmlu+dEP5nWqZvqK6O7nEPfkJt9OFCvMP9b0U01MzlXxZmGW8nCsaSJJa
dNetr7jxJtEDKRRUZNzxqfNy4G4wVELTigP4S4hgILN//lf+z+2EpjPjzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPOHZ1MMlWcwwP/Vde6gMTYEBxR4MB8GA1UdIwQY
MBaAFBy4439RPdwp/9eRw4yWYyNpylRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSExqamYxRTkzQ25fMTVIRGpKWmpJMm5LVkZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9iZGRmZDYtNzZkYi00MzMxLWFmZDMt
ZTFjZGIyNGMxODBiLzEvSExqamYxRTkzQ25fMTVIRGpKWmpJMm5LVkZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9iZGRmZDYtNzZkYi00MzMxLWFmZDMtZTFjZGIyNGMxODBi
LzEvSExqamYxRTkzQ25fMTVIRGpKWmpJMm5LVkZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaK8wa6t2
betV4iZ4rVtudMT9ZQ1v0BxjW67P6HQtHZCjreSeUJXii0u7++J0v02lYFHaExYE
drx023laoeHjdQSjFnfroSsfG4JAlL2Zh0swByzs9Q7Xde3fNOAIGc2PqO9/UIss
sVQQ58HEkYSLhinXqIUayaelvhvYkwsA0BQFunfaVCZ4Fq5gusrmoe61vFrQBpNj
d1rgUcScWvmHENPI3CTk+mpFf4DW1UOK1GtsDRqIgTUU7pTQqFjXsAIFD5cu31DK
y9dbqA8tGw1aOizfhvU6YvebgLB+hu6sOVT2Ob8ZmV4lYNlAFqAO6Ijgwsp/HLmm
ZdhaF6HHdYI7KA==
-----END CERTIFICATE-----