Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
File:                     hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json)
Hash identifier:          AKjVaqOYyQzIZr/Pvcw9cLfdCtGMvTYI1Pgn1lT+ja4=
Subject key identifier:   75:8E:0E:79:C2:9C:34:A2:F1:F6:3D:ED:09:1D:48:B4:35:10:9F:62
Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C
Certificate issuer:       /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
Certificate serial:       019A54BFDD30D939F15A1C899972A26C3484
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
Manifest number:          0960
Signing time:             Wed 05 Nov 2025 16:00:51 +0000
Manifest this update:     Wed 05 Nov 2025 16:00:51 +0000
Manifest next update:     Thu 06 Nov 2025 16:00:51 +0000
Files and hashes:         1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: 9uj9Er1tolOl+jkyIUH0IBGAWgg7mZHz9dGJ1gsZe1I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 12:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:54:bf:dd:30:d9:39:f1:5a:1c:89:99:72:a2:6c:34:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c
        Validity
            Not Before: Nov  5 16:00:51 2025 GMT
            Not After : Nov  6 16:00:51 2025 GMT
        Subject: CN=758e0e79c29c34a2f1f63ded091d48b435109f62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:89:61:37:2f:59:1b:ad:1a:fd:20:c3:75:19:
                    1d:ee:af:af:74:23:83:f4:b8:bc:ee:72:eb:09:7c:
                    ae:8b:c1:d7:d1:dc:b8:dc:c4:c0:15:a0:f7:f7:99:
                    6a:8d:ec:11:13:5a:1a:cb:e0:5e:12:38:18:b4:6e:
                    77:00:82:ef:ef:69:8f:13:63:09:22:c6:25:15:0e:
                    76:2a:48:4a:af:6e:0f:34:69:d6:6b:b7:5e:8a:9b:
                    81:91:94:ac:55:7f:80:3e:b2:6f:b8:56:2a:91:74:
                    7e:cd:a1:14:4d:49:30:0e:f2:c7:75:6b:d7:6f:74:
                    cb:5f:92:f1:08:5a:fb:16:d9:79:a3:ce:6f:8f:69:
                    2f:70:51:6a:0d:94:29:bf:69:0e:43:60:7c:32:4a:
                    1e:86:55:66:d8:56:3f:9f:a2:f5:7e:b4:0b:ef:ee:
                    6a:ec:db:db:c5:68:1a:1e:4c:5e:f4:a3:e6:5d:fc:
                    0e:08:82:d7:23:ae:4b:36:55:0a:fd:36:89:cf:b6:
                    73:e1:11:d4:a1:58:09:66:5d:36:03:3d:d1:b9:73:
                    ee:c7:a8:d2:8c:c3:59:1d:ab:db:25:1f:e9:f8:4c:
                    14:15:df:7c:b1:2d:af:ed:9d:b4:8e:49:27:2f:b1:
                    6e:4d:a6:5a:7c:cc:4b:e9:18:ab:40:e1:f6:98:59:
                    92:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:8E:0E:79:C2:9C:34:A2:F1:F6:3D:ED:09:1D:48:B4:35:10:9F:62
            X509v3 Authority Key Identifier:
                keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:74:33:c5:de:c4:47:aa:38:3a:fa:65:d7:8f:5f:b4:64:ce:
         17:d7:4c:2e:ef:eb:cd:5c:65:31:b1:68:35:29:32:fb:b7:7e:
         73:02:ca:46:69:66:d4:7f:3e:d9:1e:be:30:cc:29:a4:2a:20:
         ed:92:a8:f7:f2:1d:9e:dc:5c:38:cf:64:83:d4:62:8c:fd:9b:
         e4:c0:ee:5b:4b:22:5b:85:80:3e:bb:f3:2a:b2:34:48:2d:22:
         5a:a0:58:77:00:7d:4c:6a:9a:d3:32:3d:2c:95:7b:68:fe:80:
         1b:b8:2d:36:ee:d2:85:4c:4a:4d:39:aa:68:4e:8a:f1:c2:09:
         e1:4d:4a:11:8e:61:4c:d9:8d:2d:1e:8e:45:81:40:2f:2d:a4:
         9c:e7:ba:86:a1:3c:e9:0d:7a:03:af:1d:6d:1b:91:55:04:da:
         d2:c4:74:74:bc:e7:9f:46:ad:27:a0:57:39:a0:b6:4c:70:04:
         ea:f9:33:b4:e6:3e:7e:43:24:1e:b0:39:a4:dc:98:28:d6:d5:
         d3:f3:1f:47:3d:5a:94:82:84:94:44:99:81:08:e0:7a:b4:7a:
         21:6a:3f:33:38:9b:9a:5c:58:81:7e:1f:29:6d:52:f8:76:fa:
         e9:99:2a:65:c8:c5:01:3a:45:2f:bc:fd:7c:57:d3:9a:d4:07:
         e6:61:02:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUv90w2TnxWhyJmXKibDSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw
M2UyMmMwHhcNMjUxMTA1MTYwMDUxWhcNMjUxMTA2MTYwMDUxWjAzMTEwLwYDVQQD
Eyg3NThlMGU3OWMyOWMzNGEyZjFmNjNkZWQwOTFkNDhiNDM1MTA5ZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YlhNy9ZG60a/SDDdRkd7q+vdCOD
9Li87nLrCXyui8HX0dy43MTAFaD395lqjewRE1oay+BeEjgYtG53AILv72mPE2MJ
IsYlFQ52KkhKr24PNGnWa7deipuBkZSsVX+APrJvuFYqkXR+zaEUTUkwDvLHdWvX
b3TLX5LxCFr7Ftl5o85vj2kvcFFqDZQpv2kOQ2B8MkoehlVm2FY/n6L1frQL7+5q
7NvbxWgaHkxe9KPmXfwOCILXI65LNlUK/TaJz7Zz4RHUoVgJZl02Az3RuXPux6jS
jMNZHavbJR/p+EwUFd98sS2v7Z20jkknL7FuTaZafMxL6RirQOH2mFmS2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHWODnnCnDSi8fY97QkdSLQ1EJ9iMB8GA1UdIwQY
MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt
MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4
LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx3Qzxd7E
R6o4Ovpl149ftGTOF9dMLu/rzVxlMbFoNSky+7d+cwLKRmlm1H8+2R6+MMwppCog
7ZKo9/IdntxcOM9kg9RijP2b5MDuW0siW4WAPrvzKrI0SC0iWqBYdwB9TGqa0zI9
LJV7aP6AG7gtNu7ShUxKTTmqaE6K8cIJ4U1KEY5hTNmNLR6ORYFALy2knOe6hqE8
6Q16A68dbRuRVQTa0sR0dLznn0atJ6BXOaC2THAE6vkztOY+fkMkHrA5pNyYKNbV
0/MfRz1alIKElESZgQjgerR6IWo/MzibmlxYgX4fKW1S+Hb66ZkqZcjFATpFL7z9
fFfTmtQH5mECag==
-----END CERTIFICATE-----