Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
File:                     HFGW3tW6XWhucJXG1cY4xrj4uto.mft (raw, json)
Hash identifier:          E8/RoL804genAI4Bz1Asgz+msfJTTqH5nhL7PdGiO+8=
Subject key identifier:   DB:26:FC:EF:52:17:A9:1F:FC:BB:B9:05:0C:5D:B0:35:5B:9F:DE:C7
Authority key identifier: 1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA
Certificate issuer:       /CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
Certificate serial:       019A71B792EB47520A69895A32BD92D02366
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
Manifest number:          1064
Signing time:             Tue 11 Nov 2025 07:00:47 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:47 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:47 +0000
Files and hashes:         1: HFGW3tW6XWhucJXG1cY4xrj4uto.crl (hash: EkzAWf2ogwFR/NObh7YRwqFnCbRopOkafkfbENZ1Y+g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:92:eb:47:52:0a:69:89:5a:32:bd:92:d0:23:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
        Validity
            Not Before: Nov 11 07:00:47 2025 GMT
            Not After : Nov 12 07:00:47 2025 GMT
        Subject: CN=db26fcef5217a91ffcbbb9050c5db0355b9fdec7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:96:05:37:d8:52:d4:93:dc:e6:10:23:a1:01:
                    a2:bc:b0:e1:06:2c:6c:40:53:32:58:b3:3e:5c:e7:
                    d2:d0:53:ce:e1:ff:87:c6:18:1d:e9:ba:ff:1a:0e:
                    39:b6:af:b5:65:0c:3b:8f:c5:cc:5f:36:9f:b1:31:
                    94:eb:0b:e8:6c:1c:7c:13:47:33:5d:8d:67:3a:f0:
                    34:f3:f6:93:c0:2f:a6:d9:61:e6:59:51:2c:d8:94:
                    75:47:67:d4:15:d7:ed:4e:af:44:1b:df:53:91:90:
                    7d:9e:cf:2f:cc:10:04:f6:c0:c8:0b:2e:69:95:79:
                    b5:6a:d6:f4:7a:1b:19:9a:39:1c:96:d1:b4:cc:30:
                    c4:76:81:6c:f7:4b:db:04:23:8b:75:25:61:a4:85:
                    28:d7:67:59:6b:29:9d:62:d9:29:36:18:05:de:e6:
                    f4:ee:8d:5d:4b:6e:37:e6:4e:d8:e8:29:dc:a3:41:
                    a3:e6:5c:6b:d1:e7:3d:38:23:63:bf:d1:4d:11:0a:
                    8b:d3:69:45:b3:4b:cb:12:06:32:7b:0a:a2:27:d4:
                    c3:99:1e:ff:b7:c5:19:95:f0:9f:ac:af:12:8e:a4:
                    62:e0:89:86:f8:09:87:f2:65:c3:27:7a:d3:f2:ef:
                    9f:29:14:b5:d2:5b:9a:a1:a6:50:5b:5b:f5:60:a1:
                    76:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:26:FC:EF:52:17:A9:1F:FC:BB:B9:05:0C:5D:B0:35:5B:9F:DE:C7
            X509v3 Authority Key Identifier:
                keyid:1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:d2:f5:56:09:32:aa:18:de:7a:ec:ab:1a:11:2b:e2:17:8c:
         bf:3e:f3:54:ba:64:5f:ac:3d:30:69:3d:85:4a:6e:b8:b4:7a:
         0b:89:27:99:ee:f4:76:45:df:82:43:13:ff:20:36:e4:2e:b4:
         ed:c5:f3:af:4f:e0:bf:59:87:1b:08:d5:96:4e:67:e9:87:1f:
         90:8a:be:30:bf:56:df:ef:92:72:77:ed:0e:ce:90:cc:29:4c:
         e8:9f:dc:bd:9c:d7:87:e2:a3:12:db:a4:01:78:4e:ec:d2:14:
         b3:f5:25:50:81:31:bb:08:6f:7e:fc:53:85:83:de:d1:5e:df:
         8a:eb:cc:c0:a3:72:48:73:7e:6a:22:4a:90:a6:6c:c4:69:05:
         85:c2:10:b2:65:fc:ad:66:19:24:0c:79:cb:fc:3c:32:21:47:
         3e:9f:ae:35:fa:c9:b4:ad:9e:43:67:fb:e0:58:ff:a4:85:07:
         8f:45:6d:00:fe:1d:fd:94:8f:ea:d2:a3:8e:d4:b8:88:b7:32:
         23:f9:8e:5c:21:9e:bf:4e:b3:ca:14:a7:d0:45:d7:df:2f:8f:
         f3:6a:05:e4:ed:c9:e0:a0:64:19:03:3a:85:c3:fe:11:1e:de:
         44:e4:8a:26:48:1f:fa:d1:68:c8:70:31:ab:5d:4f:61:c9:fe:
         05:64:7d:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt5LrR1IKaYlaMr2S0CNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTE5NmRlZDViYTVkNjg2ZTcwOTVjNmQ1YzYzOGM2Yjhm
OGJhZGEwHhcNMjUxMTExMDcwMDQ3WhcNMjUxMTEyMDcwMDQ3WjAzMTEwLwYDVQQD
EyhkYjI2ZmNlZjUyMTdhOTFmZmNiYmI5MDUwYzVkYjAzNTViOWZkZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJYFN9hS1JPc5hAjoQGivLDhBixs
QFMyWLM+XOfS0FPO4f+Hxhgd6br/Gg45tq+1ZQw7j8XMXzafsTGU6wvobBx8E0cz
XY1nOvA08/aTwC+m2WHmWVEs2JR1R2fUFdftTq9EG99TkZB9ns8vzBAE9sDICy5p
lXm1atb0ehsZmjkcltG0zDDEdoFs90vbBCOLdSVhpIUo12dZaymdYtkpNhgF3ub0
7o1dS2435k7Y6Cnco0Gj5lxr0ec9OCNjv9FNEQqL02lFs0vLEgYyewqiJ9TDmR7/
t8UZlfCfrK8SjqRi4ImG+AmH8mXDJ3rT8u+fKRS10luaoaZQW1v1YKF2wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsm/O9SF6kf/Lu5BQxdsDVbn97HMB8GA1UdIwQY
MBaAFBxRlt7Vul1obnCVxtXGOMa4+LraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEt
MjBiZjI3NWZkMGU3LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEtMjBiZjI3NWZkMGU3
LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZtL1Vgky
qhjeeuyrGhEr4heMvz7zVLpkX6w9MGk9hUpuuLR6C4knme70dkXfgkMT/yA25C60
7cXzr0/gv1mHGwjVlk5n6YcfkIq+ML9W3++ScnftDs6QzClM6J/cvZzXh+KjEtuk
AXhO7NIUs/UlUIExuwhvfvxThYPe0V7fiuvMwKNySHN+aiJKkKZsxGkFhcIQsmX8
rWYZJAx5y/w8MiFHPp+uNfrJtK2eQ2f74Fj/pIUHj0VtAP4d/ZSP6tKjjtS4iLcy
I/mOXCGev06zyhSn0EXX3y+P82oF5O3J4KBkGQM6hcP+ER7eROSKJkgf+tFoyHAx
q11PYcn+BWR9FA==
-----END CERTIFICATE-----