Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
File:                     H0qus-K3pD3wHzHVGiDvIlXOr-M.mft (raw, json)
Hash identifier:          ljjI+EiplwP2EoI24R/7BHpHCUAsPJB5IVay/e4IbHM=
Subject key identifier:   FF:53:D4:1C:4C:36:30:B6:D5:C7:DE:21:82:13:76:43:AD:D3:39:86
Authority key identifier: 1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3
Certificate issuer:       /CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
Certificate serial:       019A52D1A11D9FC8DD5200C58AC94C56FB8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
Manifest number:          05B0
Signing time:             Wed 05 Nov 2025 07:01:01 +0000
Manifest this update:     Wed 05 Nov 2025 07:01:01 +0000
Manifest next update:     Thu 06 Nov 2025 07:01:01 +0000
Files and hashes:         1: H0qus-K3pD3wHzHVGiDvIlXOr-M.crl (hash: 58LFeu55/hLsAAwRcuSDzV0S2fdZ0KkkvXoIa3EmvNs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d1:a1:1d:9f:c8:dd:52:00:c5:8a:c9:4c:56:fb:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3
        Validity
            Not Before: Nov  5 07:01:01 2025 GMT
            Not After : Nov  6 07:01:01 2025 GMT
        Subject: CN=ff53d41c4c3630b6d5c7de2182137643add33986
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:7f:dc:d5:aa:ec:e8:44:45:cf:70:09:c6:0e:
                    5f:40:ae:06:cf:54:7a:dd:b0:2b:08:83:7c:6f:25:
                    36:f4:0d:e2:36:9a:a5:e7:fe:e5:15:4b:08:23:15:
                    8d:ac:2e:92:a0:7a:b0:bc:fa:dc:98:9d:74:d7:b5:
                    b6:ec:4a:57:72:53:71:40:59:d2:1e:60:bb:c9:41:
                    39:28:f4:87:30:06:95:3f:f3:6f:72:15:af:0c:95:
                    75:40:47:c1:bb:18:0f:ba:d3:39:45:5b:bd:f4:3d:
                    24:83:56:dd:4a:8f:3e:68:61:d1:f6:fe:be:df:6e:
                    c6:0b:8b:da:b9:17:f9:32:79:55:39:fa:e6:50:4e:
                    cf:89:aa:d0:67:b1:a4:a3:f8:77:35:c9:f6:8b:7e:
                    1e:8f:e0:a7:5a:6d:e3:03:2b:c5:6f:f7:21:be:d8:
                    84:1e:fa:fe:f3:75:33:b9:4e:68:2c:ac:d7:bf:b1:
                    5a:cc:79:30:7d:8d:b5:ab:e3:58:d3:ca:1f:55:37:
                    bf:9e:61:f0:53:cb:de:dc:ed:e7:36:da:d0:ae:a2:
                    84:fc:f8:b4:63:c3:3e:03:4a:22:6a:c3:b7:20:b0:
                    bc:57:11:63:d9:d9:3d:0a:6f:9b:5d:ee:13:a4:32:
                    f4:f8:c4:da:78:49:15:a5:0d:25:3f:da:be:6a:e1:
                    3c:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:53:D4:1C:4C:36:30:B6:D5:C7:DE:21:82:13:76:43:AD:D3:39:86
            X509v3 Authority Key Identifier:
                keyid:1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:2b:20:37:2f:b3:fe:32:a1:cd:bb:2d:cd:54:a1:55:12:63:
         a6:21:54:16:2b:ab:70:02:f2:22:48:f9:2f:e0:1f:d8:6e:e7:
         89:27:5a:14:c4:2a:26:51:08:18:0c:ad:7d:23:e5:da:60:db:
         26:f6:70:39:67:19:fe:3a:23:96:b6:d1:a9:d5:94:38:9f:26:
         f4:97:fc:e1:14:52:b3:4f:df:93:77:b8:92:24:e1:6f:44:ea:
         73:1c:d0:91:22:46:39:5b:b4:e7:d1:94:65:95:70:42:72:eb:
         51:72:16:e6:87:27:dc:8f:b6:fe:03:55:b3:13:ef:62:f9:bb:
         f4:08:78:8b:a8:e3:58:e4:0d:2e:17:b5:ad:ba:c9:26:ef:f5:
         f0:3b:d2:9c:b7:f9:20:7f:3c:4c:9b:6b:c2:71:c4:8f:7b:a8:
         37:54:17:72:7c:be:de:6b:b3:48:53:78:8f:77:75:73:ca:2a:
         cd:5d:0d:8b:65:ca:83:12:50:5c:c1:22:68:ab:25:29:76:62:
         8c:6d:85:a9:d0:2f:d6:ec:dd:92:01:81:04:41:a2:bd:bc:97:
         16:c1:13:45:13:59:43:62:13:80:3e:e4:09:e7:a2:e6:fb:e4:
         0e:d6:03:7f:b6:fc:59:0e:7f:2d:a4:10:4c:9d:a8:a4:85:96:
         0a:33:36:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0aEdn8jdUgDFislMVvuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNGFhZWIzZTJiN2E0M2RmMDFmMzFkNTFhMjBlZjIyNTVj
ZWFmZTMwHhcNMjUxMTA1MDcwMTAxWhcNMjUxMTA2MDcwMTAxWjAzMTEwLwYDVQQD
EyhmZjUzZDQxYzRjMzYzMGI2ZDVjN2RlMjE4MjEzNzY0M2FkZDMzOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3X/c1ars6ERFz3AJxg5fQK4Gz1R6
3bArCIN8byU29A3iNpql5/7lFUsIIxWNrC6SoHqwvPrcmJ1017W27EpXclNxQFnS
HmC7yUE5KPSHMAaVP/NvchWvDJV1QEfBuxgPutM5RVu99D0kg1bdSo8+aGHR9v6+
327GC4vauRf5MnlVOfrmUE7PiarQZ7Gko/h3Ncn2i34ej+CnWm3jAyvFb/chvtiE
Hvr+83UzuU5oLKzXv7FazHkwfY21q+NY08ofVTe/nmHwU8ve3O3nNtrQrqKE/Pi0
Y8M+A0oiasO3ILC8VxFj2dk9Cm+bXe4TpDL0+MTaeEkVpQ0lP9q+auE82wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9T1BxMNjC21cfeIYITdkOt0zmGMB8GA1UdIwQY
MBaAFB9KrrPit6Q98B8x1Rog7yJVzq/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMt
ZTE4NDJiZTQxMmQxLzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMtZTE4NDJiZTQxMmQx
LzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANisgNy+z
/jKhzbstzVShVRJjpiFUFiurcALyIkj5L+Af2G7niSdaFMQqJlEIGAytfSPl2mDb
JvZwOWcZ/jojlrbRqdWUOJ8m9Jf84RRSs0/fk3e4kiThb0TqcxzQkSJGOVu059GU
ZZVwQnLrUXIW5ocn3I+2/gNVsxPvYvm79Ah4i6jjWOQNLhe1rbrJJu/18DvSnLf5
IH88TJtrwnHEj3uoN1QXcny+3muzSFN4j3d1c8oqzV0Ni2XKgxJQXMEiaKslKXZi
jG2FqdAv1uzdkgGBBEGivbyXFsETRRNZQ2ITgD7kCeei5vvkDtYDf7b8WQ5/LaQQ
TJ2opIWWCjM22A==
-----END CERTIFICATE-----