Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
File:                     H0qus-K3pD3wHzHVGiDvIlXOr-M.mft (raw, json)
Hash identifier:          kPGameOkHkmiNVFhQ55CWyNF334dGZ2JpSQwPg+OIyg=
Subject key identifier:   3B:16:97:A8:12:4D:77:1D:4A:86:59:1B:DD:51:51:1B:39:80:B8:FE
Authority key identifier: 1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3
Certificate issuer:       /CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
Certificate serial:       019A56AF24B95C3F29C526D5847928EC5241
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
Manifest number:          05B2
Signing time:             Thu 06 Nov 2025 01:01:50 +0000
Manifest this update:     Thu 06 Nov 2025 01:01:50 +0000
Manifest next update:     Fri 07 Nov 2025 01:01:50 +0000
Files and hashes:         1: H0qus-K3pD3wHzHVGiDvIlXOr-M.crl (hash: MnmdV7lrq1irI7ABH8itVur3BCfBDcUMzn5oAGnycj4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 21:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:56:af:24:b9:5c:3f:29:c5:26:d5:84:79:28:ec:52:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
        Validity
            Not Before: Nov  6 01:01:50 2025 GMT
            Not After : Nov  7 01:01:50 2025 GMT
        Subject: CN=3b1697a8124d771d4a86591bdd51511b3980b8fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:f6:23:9a:77:8e:9f:21:08:78:c5:30:09:f4:
                    cf:0b:3c:eb:ab:54:0f:cf:e2:3b:42:cf:0e:88:e9:
                    2f:69:6d:06:a1:97:8f:68:18:93:95:11:13:06:bf:
                    8f:50:5d:28:14:1b:8c:f5:31:60:9f:b8:2c:88:12:
                    98:50:42:38:21:bc:23:15:1b:27:e0:1f:8c:f9:e1:
                    1b:32:ae:0a:44:1e:2d:a7:49:d3:32:e8:65:23:e4:
                    32:2e:95:4c:fb:f9:7c:11:63:35:d0:47:45:36:fc:
                    9d:7c:5d:d6:5b:ce:1e:db:6c:8d:c5:1c:fe:b6:d9:
                    83:3c:f0:21:ed:f7:32:0a:f8:c4:1b:a4:ec:c7:e3:
                    11:e5:0d:ad:99:f4:6e:bc:1b:dd:b7:49:f1:bb:83:
                    44:7e:f8:df:79:53:cd:ea:1d:16:e6:bb:ef:09:cc:
                    e9:d4:8e:f5:a1:6b:06:12:7b:3a:ac:3d:7d:77:5c:
                    7b:1f:61:47:51:63:e7:fb:1c:78:9c:9e:69:34:6d:
                    4d:55:dc:63:cf:c8:b3:cf:d0:8b:1c:ab:3d:4f:15:
                    e4:ae:8a:27:e2:58:bf:22:dc:53:02:bc:ee:a4:ea:
                    9c:df:de:c0:dc:c4:bd:b1:e0:76:cb:1f:e6:77:1a:
                    33:9c:46:05:cb:e6:bf:6c:53:ba:1b:28:1b:fb:60:
                    88:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:16:97:A8:12:4D:77:1D:4A:86:59:1B:DD:51:51:1B:39:80:B8:FE
            X509v3 Authority Key Identifier:
                keyid:1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:22:30:2b:dc:ab:9f:eb:c8:89:bf:b1:38:68:34:00:71:f7:
         33:97:fd:af:30:69:36:15:67:59:1d:21:d0:f7:0c:73:ce:64:
         6b:3d:fa:c2:b1:e3:25:a1:29:a2:d5:13:35:c8:b9:82:5d:03:
         64:9e:24:1a:07:c0:a4:06:c4:bd:83:03:26:91:6f:c5:bc:75:
         fe:49:0e:66:37:27:d6:65:59:ed:3d:13:47:1a:b3:c0:ea:4c:
         be:0a:3c:fa:20:32:5c:fe:03:8b:14:05:e6:3a:d4:f1:ea:72:
         55:d7:21:12:2f:6b:12:4c:6f:c9:45:cf:e1:fd:6c:93:a4:6e:
         d8:55:fc:6d:50:96:4f:d8:ad:95:3e:81:73:e4:62:c6:16:ea:
         3f:2c:bb:04:67:63:db:76:62:b3:4a:cb:7e:45:db:bf:95:32:
         f8:72:3b:23:d7:77:da:08:a1:eb:5f:ab:f0:60:70:57:9b:a9:
         8c:21:00:01:31:5c:0e:c4:e6:03:28:3c:0c:bb:c9:3a:e9:81:
         7c:b9:9c:9e:f5:5b:e4:f4:61:67:a1:59:41:c2:4f:c9:98:ef:
         55:fa:8b:f3:49:36:14:4e:93:93:93:e5:02:b4:9e:c9:2a:ef:
         47:05:02:ce:7d:57:37:74:56:6e:e3:02:0d:99:8b:4e:98:0a:
         85:90:a7:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpWryS5XD8pxSbVhHko7FJBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNGFhZWIzZTJiN2E0M2RmMDFmMzFkNTFhMjBlZjIyNTVj
ZWFmZTMwHhcNMjUxMTA2MDEwMTUwWhcNMjUxMTA3MDEwMTUwWjAzMTEwLwYDVQQD
EygzYjE2OTdhODEyNGQ3NzFkNGE4NjU5MWJkZDUxNTExYjM5ODBiOGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vYjmneOnyEIeMUwCfTPCzzrq1QP
z+I7Qs8OiOkvaW0GoZePaBiTlRETBr+PUF0oFBuM9TFgn7gsiBKYUEI4IbwjFRsn
4B+M+eEbMq4KRB4tp0nTMuhlI+QyLpVM+/l8EWM10EdFNvydfF3WW84e22yNxRz+
ttmDPPAh7fcyCvjEG6Tsx+MR5Q2tmfRuvBvdt0nxu4NEfvjfeVPN6h0W5rvvCczp
1I71oWsGEns6rD19d1x7H2FHUWPn+xx4nJ5pNG1NVdxjz8izz9CLHKs9TxXkroon
4li/ItxTArzupOqc397A3MS9seB2yx/mdxoznEYFy+a/bFO6Gygb+2CIQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsWl6gSTXcdSoZZG91RURs5gLj+MB8GA1UdIwQY
MBaAFB9KrrPit6Q98B8x1Rog7yJVzq/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMt
ZTE4NDJiZTQxMmQxLzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMtZTE4NDJiZTQxMmQx
LzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbCIwK9yr
n+vIib+xOGg0AHH3M5f9rzBpNhVnWR0h0PcMc85kaz36wrHjJaEpotUTNci5gl0D
ZJ4kGgfApAbEvYMDJpFvxbx1/kkOZjcn1mVZ7T0TRxqzwOpMvgo8+iAyXP4DixQF
5jrU8epyVdchEi9rEkxvyUXP4f1sk6Ru2FX8bVCWT9itlT6Bc+RixhbqPyy7BGdj
23Zis0rLfkXbv5Uy+HI7I9d32gih61+r8GBwV5upjCEAATFcDsTmAyg8DLvJOumB
fLmcnvVb5PRhZ6FZQcJPyZjvVfqL80k2FE6Tk5PlArSeySrvRwUCzn1XN3RWbuMC
DZmLTpgKhZCn9w==
-----END CERTIFICATE-----