Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft
File:                     HLjjf1E93Cn_15HDjJZjI2nKVFE.mft (raw, json)
Hash identifier:          JDGvPPIYa8MJprIE2YamO1KjzB03H2J/ngJfcqiuRtg=
Subject key identifier:   CE:F4:1C:01:7F:22:67:A2:37:79:71:74:FD:9C:9C:1F:9C:C4:69:95
Authority key identifier: 1C:B8:E3:7F:51:3D:DC:29:FF:D7:91:C3:8C:96:63:23:69:CA:54:51
Certificate issuer:       /CN=1cb8e37f513ddc29ffd791c38c96632369ca5451
Certificate serial:       019923D5B06D82E98E89C4B50C4B45A64CBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HLjjf1E93Cn_15HDjJZjI2nKVFE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft
Manifest number:          121F
Signing time:             Sun 07 Sep 2025 11:00:30 +0000
Manifest this update:     Sun 07 Sep 2025 11:00:30 +0000
Manifest next update:     Mon 08 Sep 2025 11:00:30 +0000
Files and hashes:         1: HLjjf1E93Cn_15HDjJZjI2nKVFE.crl (hash: jiHpZYL7N9Gskt8kLsk6lUdJxJhyQUqwh7z2VokRPUw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HLjjf1E93Cn_15HDjJZjI2nKVFE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:d5:b0:6d:82:e9:8e:89:c4:b5:0c:4b:45:a6:4c:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cb8e37f513ddc29ffd791c38c96632369ca5451
        Validity
            Not Before: Sep  7 11:00:30 2025 GMT
            Not After : Sep  8 11:00:30 2025 GMT
        Subject: CN=cef41c017f2267a237797174fd9c9c1f9cc46995
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:07:a0:97:22:ed:46:f0:cb:29:16:90:d0:ce:
                    53:7e:d3:5e:aa:31:e3:e4:a3:30:b3:97:d3:da:93:
                    38:8f:64:d8:ba:52:c5:5b:65:3c:d5:e6:24:4f:b0:
                    b9:d2:54:f6:1c:6a:2a:a8:85:b4:e1:e5:fc:f8:93:
                    94:73:e6:5c:87:5a:a7:4f:63:a9:2a:20:ec:12:a8:
                    7d:d0:78:3b:b3:7b:2e:a4:55:d3:05:b2:8f:e9:68:
                    57:f4:f2:46:4c:56:bc:35:57:8f:f1:d8:5b:3b:fd:
                    27:0c:5e:c8:58:31:93:be:51:40:30:2d:dc:b3:a1:
                    7d:36:a9:93:7f:84:f3:0f:07:fc:a5:5d:c4:71:32:
                    3b:24:39:26:6a:19:9d:79:c9:69:32:aa:36:fd:e3:
                    ff:00:4a:41:db:b2:90:a0:a6:e6:7b:09:f5:b0:ec:
                    bc:e5:77:53:49:13:fe:57:b7:a6:bc:d3:1a:84:95:
                    15:cb:d9:f1:42:02:a9:c1:85:75:46:15:e0:22:a1:
                    a8:d7:12:d4:34:a1:14:8c:58:bf:a8:2b:c1:b5:be:
                    71:e7:ac:c8:61:b1:66:22:77:82:a5:5a:aa:45:19:
                    9a:62:1b:aa:55:0b:60:d7:1f:e6:3b:a7:51:76:d8:
                    55:fe:ea:da:e8:13:20:e3:f9:42:ec:96:b3:ed:b5:
                    44:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:F4:1C:01:7F:22:67:A2:37:79:71:74:FD:9C:9C:1F:9C:C4:69:95
            X509v3 Authority Key Identifier:
                keyid:1C:B8:E3:7F:51:3D:DC:29:FF:D7:91:C3:8C:96:63:23:69:CA:54:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HLjjf1E93Cn_15HDjJZjI2nKVFE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:43:e8:ab:02:4f:e9:bf:93:d0:97:22:cd:71:5e:88:76:8b:
         ae:7d:2f:f2:1c:a4:bf:45:28:0c:9c:28:ad:c6:cb:16:49:ab:
         4b:42:db:b7:f8:ff:7c:f0:97:d1:58:cb:a8:f8:20:ab:38:1b:
         65:2d:aa:11:43:77:63:af:c2:83:a3:5e:0f:18:13:b4:71:72:
         bc:06:e2:e9:7d:ac:c1:ff:fe:09:7f:55:9d:6a:b6:cc:4a:22:
         17:63:f4:19:b5:2e:f2:43:62:87:cc:d0:f4:9d:f8:6a:2a:82:
         85:e2:aa:db:26:eb:27:c7:46:e3:e1:2e:b5:5a:89:11:81:3f:
         a2:0e:19:e1:9b:dd:ef:4f:e2:70:f9:b6:39:94:72:03:c3:06:
         09:39:22:e8:e8:19:c6:87:ae:49:02:16:0f:c4:90:4b:c9:ef:
         5b:36:c9:1a:c1:de:28:fc:70:98:09:31:3b:b3:00:47:3b:dc:
         4d:66:1f:c7:4e:bc:08:d8:74:7f:dd:f6:7d:af:10:5d:97:ca:
         63:63:b6:df:a3:59:a4:72:c2:9b:b3:6e:c9:f5:a3:7f:61:3d:
         df:a2:d0:83:1f:b5:53:38:3b:ee:57:f7:00:90:28:30:cb:c1:
         86:4d:7a:bc:70:20:25:12:8a:07:04:c8:fa:a9:f2:db:fe:15:
         f6:04:c3:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkj1bBtgumOicS1DEtFpky+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYjhlMzdmNTEzZGRjMjlmZmQ3OTFjMzhjOTY2MzIzNjlj
YTU0NTEwHhcNMjUwOTA3MTEwMDMwWhcNMjUwOTA4MTEwMDMwWjAzMTEwLwYDVQQD
EyhjZWY0MWMwMTdmMjI2N2EyMzc3OTcxNzRmZDljOWMxZjljYzQ2OTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAeglyLtRvDLKRaQ0M5TftNeqjHj
5KMws5fT2pM4j2TYulLFW2U81eYkT7C50lT2HGoqqIW04eX8+JOUc+Zch1qnT2Op
KiDsEqh90Hg7s3supFXTBbKP6WhX9PJGTFa8NVeP8dhbO/0nDF7IWDGTvlFAMC3c
s6F9NqmTf4TzDwf8pV3EcTI7JDkmahmdeclpMqo2/eP/AEpB27KQoKbmewn1sOy8
5XdTSRP+V7emvNMahJUVy9nxQgKpwYV1RhXgIqGo1xLUNKEUjFi/qCvBtb5x56zI
YbFmIneCpVqqRRmaYhuqVQtg1x/mO6dRdthV/ura6BMg4/lC7Jaz7bVExwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM70HAF/ImeiN3lxdP2cnB+cxGmVMB8GA1UdIwQY
MBaAFBy4439RPdwp/9eRw4yWYyNpylRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSExqamYxRTkzQ25fMTVIRGpKWmpJMm5LVkZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9iZGRmZDYtNzZkYi00MzMxLWFmZDMt
ZTFjZGIyNGMxODBiLzEvSExqamYxRTkzQ25fMTVIRGpKWmpJMm5LVkZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9iZGRmZDYtNzZkYi00MzMxLWFmZDMtZTFjZGIyNGMxODBi
LzEvSExqamYxRTkzQ25fMTVIRGpKWmpJMm5LVkZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArEPoqwJP
6b+T0JcizXFeiHaLrn0v8hykv0UoDJworcbLFkmrS0Lbt/j/fPCX0VjLqPggqzgb
ZS2qEUN3Y6/Cg6NeDxgTtHFyvAbi6X2swf/+CX9VnWq2zEoiF2P0GbUu8kNih8zQ
9J34aiqCheKq2ybrJ8dG4+EutVqJEYE/og4Z4Zvd70/icPm2OZRyA8MGCTki6OgZ
xoeuSQIWD8SQS8nvWzbJGsHeKPxwmAkxO7MARzvcTWYfx068CNh0f932fa8QXZfK
Y2O236NZpHLCm7NuyfWjf2E936LQgx+1Uzg77lf3AJAoMMvBhk16vHAgJRKKBwTI
+qny2/4V9gTDag==
-----END CERTIFICATE-----