Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          d5gwUMkBpRLxjor7oVrdlLh0rHRv+dT80H353000y20=
Subject key identifier:   07:6B:F2:3C:97:CD:06:46:ED:10:9C:79:E7:D6:05:88:42:F9:82:40
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       019A72265C8A4C3127FF7B9128CA025B07D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          171A
Signing time:             Tue 11 Nov 2025 09:01:47 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:47 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:47 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: oxnqxFDAXntet/L9GLQVcKj6dtZ2W7srN0JAsO7ONow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:5c:8a:4c:31:27:ff:7b:91:28:ca:02:5b:07:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: Nov 11 09:01:47 2025 GMT
            Not After : Nov 12 09:01:47 2025 GMT
        Subject: CN=076bf23c97cd0646ed109c79e7d6058842f98240
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:5d:04:cc:a2:72:f5:10:52:7a:9a:2c:54:f9:
                    cf:ef:24:27:21:5e:35:3e:66:4b:56:a9:4f:8a:60:
                    7e:b7:58:78:97:df:5a:c6:ef:a6:6f:68:69:a0:c7:
                    47:08:26:51:64:1c:ff:ab:3a:27:e1:60:ef:52:de:
                    80:d1:06:55:94:18:d6:39:a3:22:9b:78:96:91:9f:
                    8b:aa:62:88:92:7d:0e:a2:67:0d:2f:d0:62:f5:2e:
                    bf:ab:62:ed:1d:1b:05:a4:5e:0e:e2:db:35:68:41:
                    d7:6a:ad:02:fb:2c:4f:20:27:c2:82:75:6b:12:25:
                    12:46:5f:86:e1:fa:50:6d:0d:c2:90:05:8a:f1:a7:
                    69:56:52:08:ac:9d:ae:43:14:44:b6:5f:1a:99:ad:
                    35:41:fe:59:72:f4:1a:4c:7f:86:fe:bc:d6:b4:4c:
                    6e:be:6a:68:ae:d1:88:b6:18:27:62:39:56:a1:ea:
                    7c:5d:9d:94:73:55:24:df:2d:60:4a:ff:ef:f1:49:
                    07:66:01:68:37:f0:ff:3d:42:15:b7:7e:0a:eb:5e:
                    2c:69:ca:e6:ce:62:7e:2d:93:db:93:45:7c:42:5f:
                    2d:0b:95:6d:7e:be:00:cd:3d:af:e6:58:e4:8d:77:
                    b9:d0:5f:93:66:e5:fa:81:02:af:d4:2c:15:06:6f:
                    a1:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:6B:F2:3C:97:CD:06:46:ED:10:9C:79:E7:D6:05:88:42:F9:82:40
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:bb:fa:20:55:46:7a:ad:8b:5a:21:59:22:e2:15:c2:7f:0c:
         c6:72:3a:57:eb:4e:58:e2:d5:8e:be:c5:db:4b:1d:6a:ee:d3:
         c0:6d:aa:e3:61:ce:c7:f8:b3:2d:38:54:1b:5f:03:e4:29:3d:
         3f:e0:e8:14:9d:db:fe:99:35:2f:99:d8:6b:99:3d:53:f7:03:
         c1:01:50:4c:b3:31:8e:e6:ba:7a:07:fb:cc:61:86:ac:d8:b4:
         e0:53:d8:95:f3:0f:27:55:01:8b:30:ea:2e:fd:96:8d:49:35:
         11:83:1d:7a:08:dd:64:b8:63:ac:27:f8:ff:70:82:42:8d:10:
         85:f9:af:c6:72:fd:b5:b5:d5:f6:6e:f8:44:c3:79:46:51:33:
         24:0f:33:d3:15:22:06:37:c4:4c:25:25:79:17:7d:ce:21:91:
         23:25:97:6e:98:9f:33:1f:98:b0:c4:bb:16:5c:9c:bc:11:52:
         fa:c6:ab:25:4b:e2:de:7b:be:8b:65:95:64:9a:3e:2b:e6:7d:
         1d:49:34:32:8b:c3:b2:57:62:a7:4e:af:c4:35:17:0d:dc:6c:
         42:b0:f6:7f:78:65:d0:2b:65:22:31:a5:44:8e:84:11:18:72:
         64:93:a4:12:ad:1e:3d:8a:1c:ca:99:e6:b7:d7:00:cf:81:91:
         07:32:db:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJlyKTDEn/3uRKMoCWwfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjUxMTExMDkwMTQ3WhcNMjUxMTEyMDkwMTQ3WjAzMTEwLwYDVQQD
EygwNzZiZjIzYzk3Y2QwNjQ2ZWQxMDljNzllN2Q2MDU4ODQyZjk4MjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxV0EzKJy9RBSeposVPnP7yQnIV41
PmZLVqlPimB+t1h4l99axu+mb2hpoMdHCCZRZBz/qzon4WDvUt6A0QZVlBjWOaMi
m3iWkZ+LqmKIkn0OomcNL9Bi9S6/q2LtHRsFpF4O4ts1aEHXaq0C+yxPICfCgnVr
EiUSRl+G4fpQbQ3CkAWK8adpVlIIrJ2uQxREtl8ama01Qf5ZcvQaTH+G/rzWtExu
vmportGIthgnYjlWoep8XZ2Uc1Uk3y1gSv/v8UkHZgFoN/D/PUIVt34K614sacrm
zmJ+LZPbk0V8Ql8tC5Vtfr4AzT2v5ljkjXe50F+TZuX6gQKv1CwVBm+hqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAdr8jyXzQZG7RCceefWBYhC+YJAMB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADLv6IFVG
eq2LWiFZIuIVwn8MxnI6V+tOWOLVjr7F20sdau7TwG2q42HOx/izLThUG18D5Ck9
P+DoFJ3b/pk1L5nYa5k9U/cDwQFQTLMxjua6egf7zGGGrNi04FPYlfMPJ1UBizDq
Lv2WjUk1EYMdegjdZLhjrCf4/3CCQo0QhfmvxnL9tbXV9m74RMN5RlEzJA8z0xUi
BjfETCUleRd9ziGRIyWXbpifMx+YsMS7FlycvBFS+sarJUvi3nu+i2WVZJo+K+Z9
HUk0MovDsldip06vxDUXDdxsQrD2f3hl0CtlIjGlRI6EERhyZJOkEq0ePYocypnm
t9cAz4GRBzLbNQ==
-----END CERTIFICATE-----