Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          LnwigSp1Jee6h4Yfl9MluDMouBNpWXyV6csS7hAkInk=
Subject key identifier:   4B:F0:AE:7D:06:7C:6B:DE:89:35:2F:BE:B9:6B:FA:D2:C2:EA:F6:08
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       019A722607B53FE83E39B0B0C29B74499C7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          06F0
Signing time:             Tue 11 Nov 2025 09:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:25 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: H31IVJxsncL3ooJqISqxeGKd8/41YmoqeWEjILuNhYs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:07:b5:3f:e8:3e:39:b0:b0:c2:9b:74:49:9c:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: Nov 11 09:01:25 2025 GMT
            Not After : Nov 12 09:01:25 2025 GMT
        Subject: CN=4bf0ae7d067c6bde89352fbeb96bfad2c2eaf608
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:3b:42:c1:68:38:73:3a:3e:28:fd:26:32:45:
                    9d:30:ca:df:de:de:6b:40:78:88:e6:4b:f6:2c:28:
                    97:c6:7c:d4:b2:da:cd:65:ae:30:63:ee:5e:63:21:
                    40:98:7e:50:5e:ee:95:44:a5:05:36:c3:08:e0:1a:
                    4c:ec:cf:00:5d:28:5f:73:37:11:fe:84:fe:d3:37:
                    cd:08:1c:a9:7c:76:8b:7c:c6:59:40:e0:c5:c6:de:
                    12:fe:7d:89:e9:db:b3:cb:f9:19:1e:7a:12:96:ce:
                    63:40:c8:20:98:9d:86:29:4b:88:3c:e0:a8:55:fe:
                    c7:69:d0:c3:59:d7:78:cb:52:a1:83:18:5c:6f:bd:
                    95:59:2c:df:3a:44:fd:8a:62:2a:01:11:2c:e5:d2:
                    92:b0:7a:e9:df:f9:3b:74:51:81:f3:27:f5:1a:08:
                    a5:22:d9:54:d6:26:d4:a8:a6:2b:10:28:83:42:9e:
                    61:3a:08:ad:7b:bc:51:6b:eb:8f:51:6f:8c:db:15:
                    71:e7:a0:40:74:c0:64:ba:ba:e3:82:4c:3c:89:75:
                    dd:b7:7d:b2:8a:17:c5:f4:51:7f:70:5d:a7:76:e8:
                    b3:ae:0d:d6:c2:9b:c0:09:c8:ea:fd:ae:55:09:6f:
                    f9:1a:11:cd:a4:85:38:17:16:a2:0a:4a:94:7e:4c:
                    8e:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:F0:AE:7D:06:7C:6B:DE:89:35:2F:BE:B9:6B:FA:D2:C2:EA:F6:08
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:71:4f:5b:96:2b:a8:90:c5:c7:5f:35:7c:c0:45:00:b5:18:
         d6:ac:98:50:35:29:47:ac:3a:00:91:cb:b6:63:81:9d:bb:6c:
         01:a7:91:30:f3:76:5a:c0:67:1b:30:74:5e:f5:cd:93:60:6f:
         b2:d2:45:55:16:8b:07:fe:b9:5a:87:67:8b:f6:07:4a:46:c6:
         c8:f0:48:f5:b2:74:f5:bd:db:cb:70:4d:6b:a1:fd:1b:60:e4:
         f2:8e:85:04:b8:2e:c6:53:e6:e8:1b:3e:90:08:3b:f8:ef:03:
         b9:91:4f:21:98:6f:c8:68:66:c9:f4:3b:03:9c:7e:66:87:fc:
         dc:f8:de:d1:b2:2c:82:da:3f:a3:be:86:69:d2:e0:0f:0b:ac:
         2f:26:f2:2e:c7:07:bb:81:04:29:48:f2:17:44:c0:b5:7f:2a:
         1c:e4:98:8d:28:28:37:0f:0a:3a:74:af:a7:db:48:1f:ef:cd:
         5a:7a:7f:c7:2a:91:a2:7e:c2:6f:9f:1d:da:e6:1e:82:4b:06:
         94:b4:11:38:38:3b:d8:e5:2d:fa:f1:05:71:07:3e:e4:26:24:
         c4:f6:81:3a:1e:3c:39:ce:d7:1e:21:74:77:92:e7:f2:7a:94:
         d8:8a:03:41:94:16:92:37:69:7c:81:e7:8c:bd:2d:37:bf:78:
         69:39:36:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJge1P+g+ObCwwpt0SZx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjUxMTExMDkwMTI1WhcNMjUxMTEyMDkwMTI1WjAzMTEwLwYDVQQD
Eyg0YmYwYWU3ZDA2N2M2YmRlODkzNTJmYmViOTZiZmFkMmMyZWFmNjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjtCwWg4czo+KP0mMkWdMMrf3t5r
QHiI5kv2LCiXxnzUstrNZa4wY+5eYyFAmH5QXu6VRKUFNsMI4BpM7M8AXShfczcR
/oT+0zfNCBypfHaLfMZZQODFxt4S/n2J6duzy/kZHnoSls5jQMggmJ2GKUuIPOCo
Vf7HadDDWdd4y1Khgxhcb72VWSzfOkT9imIqAREs5dKSsHrp3/k7dFGB8yf1Ggil
ItlU1ibUqKYrECiDQp5hOgite7xRa+uPUW+M2xVx56BAdMBkurrjgkw8iXXdt32y
ihfF9FF/cF2nduizrg3WwpvACcjq/a5VCW/5GhHNpIU4FxaiCkqUfkyO8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEvwrn0GfGveiTUvvrlr+tLC6vYIMB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYXFPW5Yr
qJDFx181fMBFALUY1qyYUDUpR6w6AJHLtmOBnbtsAaeRMPN2WsBnGzB0XvXNk2Bv
stJFVRaLB/65Wodni/YHSkbGyPBI9bJ09b3by3BNa6H9G2Dk8o6FBLguxlPm6Bs+
kAg7+O8DuZFPIZhvyGhmyfQ7A5x+Zof83Pje0bIsgto/o76GadLgDwusLybyLscH
u4EEKUjyF0TAtX8qHOSYjSgoNw8KOnSvp9tIH+/NWnp/xyqRon7Cb58d2uYegksG
lLQRODg72OUt+vEFcQc+5CYkxPaBOh48Oc7XHiF0d5Ln8nqU2IoDQZQWkjdpfIHn
jL0tN794aTk2iA==
-----END CERTIFICATE-----