Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          ENCzthKlaBROjFC0Azn9HE4wwTbiSzcFSqThJyF4bTk=
Subject key identifier:   21:C9:13:BE:4C:0B:1F:17:6A:28:58:F0:35:CE:C7:85:A8:56:92:7C
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       019A4D073B45BC7C6D7E90EBEE136109A99E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          0B82
Signing time:             Tue 04 Nov 2025 04:01:50 +0000
Manifest this update:     Tue 04 Nov 2025 04:01:50 +0000
Manifest next update:     Wed 05 Nov 2025 04:01:50 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: WV5kvSwalDEJQGO63EYcscUAEhhU8x8jbKP2VYVQJ8E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 04:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:07:3b:45:bc:7c:6d:7e:90:eb:ee:13:61:09:a9:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: Nov  4 04:01:50 2025 GMT
            Not After : Nov  5 04:01:50 2025 GMT
        Subject: CN=21c913be4c0b1f176a2858f035cec785a856927c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:4c:49:d4:04:85:0d:b2:fa:3c:ad:75:cf:14:
                    7e:48:cf:86:06:9a:09:b8:57:0e:5f:ea:ce:f0:f5:
                    58:a9:71:a0:1c:a4:c6:83:40:6e:47:5e:42:1d:16:
                    ba:fc:a4:2c:e0:6c:ae:73:2f:ec:89:c6:57:9a:ef:
                    3e:99:12:07:bc:28:dc:84:d9:de:b8:b5:1c:35:4d:
                    bb:47:55:f3:62:de:3a:52:c8:21:f2:90:ed:48:03:
                    3c:03:33:f0:07:95:49:e6:23:96:42:be:c2:52:f9:
                    ea:64:b6:a9:34:7e:31:22:e4:4e:a3:c9:7e:11:75:
                    f7:b8:62:92:db:b4:b5:cc:1b:e5:fe:25:88:a7:3b:
                    45:61:52:41:ee:d2:a5:f1:85:e6:8b:70:a8:8d:97:
                    84:ce:3f:7a:2d:9b:db:be:68:ba:b8:c2:b4:98:e4:
                    a6:83:ba:3e:7d:67:ed:a1:b6:cd:37:54:9b:f5:81:
                    32:14:70:14:37:f0:fb:03:06:d4:b9:f4:9d:dd:31:
                    0b:a9:ce:6f:5a:2f:21:7b:7c:6e:24:64:80:cd:a2:
                    6c:00:17:68:0a:98:97:ea:64:2b:59:f2:45:ea:d2:
                    99:1d:07:22:a2:2b:3a:51:c9:f6:68:17:e7:05:08:
                    25:54:c0:0c:a4:64:73:b8:0e:88:f1:12:b1:b7:eb:
                    a1:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:C9:13:BE:4C:0B:1F:17:6A:28:58:F0:35:CE:C7:85:A8:56:92:7C
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:7c:78:a0:8d:07:1d:fc:8e:43:21:5a:5e:3d:32:09:9f:2f:
         93:7b:02:3f:33:d2:ce:d8:65:19:b2:83:4a:94:e9:38:ef:d9:
         06:cd:b1:43:65:31:14:7f:91:c6:40:91:16:83:f6:c6:ec:3e:
         d7:32:e1:5e:bc:5d:79:56:7a:40:ed:e3:fe:cc:32:fe:42:68:
         a4:24:f7:fe:26:0c:ca:8a:60:4f:aa:88:21:d5:dc:91:01:41:
         0d:84:3a:a0:41:1d:0e:5e:72:55:65:ec:3f:e1:20:9e:c1:36:
         69:c5:f0:ff:fb:b0:e3:84:3c:d2:fd:91:0a:5f:ae:fe:b1:6c:
         d1:0a:64:82:58:83:c7:d1:1e:d3:d1:e9:85:66:4e:1a:38:4c:
         e2:df:8f:5f:43:18:cf:cb:88:af:c9:22:eb:a2:84:1f:23:24:
         33:36:86:92:f5:34:b1:35:b4:bb:46:af:28:74:bf:ac:3b:0b:
         13:14:ff:bf:f4:fe:51:39:c8:69:16:a3:4b:14:94:d9:eb:e9:
         c3:5a:e4:05:74:95:5e:cd:1c:fc:f9:d6:c2:5e:fb:6c:24:b1:
         c0:22:ef:31:2a:da:23:bf:3d:af:e6:af:e2:73:d1:c4:60:75:
         ed:7c:ac:1c:79:9b:69:ae:53:36:89:dd:72:ae:41:bf:b2:ef:
         50:72:07:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBztFvHxtfpDr7hNhCameMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjUxMTA0MDQwMTUwWhcNMjUxMTA1MDQwMTUwWjAzMTEwLwYDVQQD
EygyMWM5MTNiZTRjMGIxZjE3NmEyODU4ZjAzNWNlYzc4NWE4NTY5MjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuExJ1ASFDbL6PK11zxR+SM+GBpoJ
uFcOX+rO8PVYqXGgHKTGg0BuR15CHRa6/KQs4Gyucy/sicZXmu8+mRIHvCjchNne
uLUcNU27R1XzYt46Usgh8pDtSAM8AzPwB5VJ5iOWQr7CUvnqZLapNH4xIuROo8l+
EXX3uGKS27S1zBvl/iWIpztFYVJB7tKl8YXmi3CojZeEzj96LZvbvmi6uMK0mOSm
g7o+fWftobbNN1Sb9YEyFHAUN/D7AwbUufSd3TELqc5vWi8he3xuJGSAzaJsABdo
CpiX6mQrWfJF6tKZHQciois6Ucn2aBfnBQglVMAMpGRzuA6I8RKxt+uhkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHJE75MCx8XaihY8DXOx4WoVpJ8MB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN3x4oI0H
HfyOQyFaXj0yCZ8vk3sCPzPSzthlGbKDSpTpOO/ZBs2xQ2UxFH+RxkCRFoP2xuw+
1zLhXrxdeVZ6QO3j/swy/kJopCT3/iYMyopgT6qIIdXckQFBDYQ6oEEdDl5yVWXs
P+EgnsE2acXw//uw44Q80v2RCl+u/rFs0QpkgliDx9Ee09HphWZOGjhM4t+PX0MY
z8uIr8ki66KEHyMkMzaGkvU0sTW0u0avKHS/rDsLExT/v/T+UTnIaRajSxSU2evp
w1rkBXSVXs0c/PnWwl77bCSxwCLvMSraI789r+av4nPRxGB17XysHHmbaa5TNond
cq5Bv7LvUHIHmg==
-----END CERTIFICATE-----