Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
File:                     h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json)
Hash identifier:          XqEozv7dY46EM+iIT1woxLFQeYXOJOHd4P6ki0faGuo=
Subject key identifier:   31:FC:88:9D:3E:15:BE:30:69:A5:8A:D3:3A:FD:C9:4F:55:B8:F7:1D
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Certificate issuer:       /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial:       019A4E86A78D79723DAAF424868BE1753B58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
Manifest number:          11EF
Signing time:             Tue 04 Nov 2025 11:00:38 +0000
Manifest this update:     Tue 04 Nov 2025 11:00:38 +0000
Manifest next update:     Wed 05 Nov 2025 11:00:38 +0000
Files and hashes:         1: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: LLvGXUgjRWUIdQupBcp701wE0pkMICiErwrU/5lJ9jY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:86:a7:8d:79:72:3d:aa:f4:24:86:8b:e1:75:3b:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
        Validity
            Not Before: Nov  4 11:00:38 2025 GMT
            Not After : Nov  5 11:00:38 2025 GMT
        Subject: CN=31fc889d3e15be3069a58ad33afdc94f55b8f71d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:d1:3b:aa:e3:62:76:84:51:b2:2a:35:9c:6d:
                    95:41:3b:c8:07:b4:03:91:be:bc:47:6f:4b:89:30:
                    8e:17:37:e9:19:a3:34:b8:92:9c:61:55:5b:95:64:
                    52:d9:91:01:c1:ee:dc:c7:4a:7a:e3:71:1d:ba:9b:
                    20:45:7e:16:52:38:20:cc:5c:42:eb:65:31:dd:6a:
                    9a:e8:74:ac:9c:16:a1:d4:48:f4:a3:98:09:8c:28:
                    e3:20:df:c7:0b:48:37:93:70:98:73:60:af:71:65:
                    6a:1a:ef:c1:8c:af:f2:df:07:c1:fc:21:45:b2:fe:
                    5e:6b:93:9f:11:2a:d1:c3:87:4d:41:82:f9:74:f3:
                    c8:ec:9f:19:e6:ef:39:c2:fd:ce:5b:51:b3:f5:99:
                    dc:0e:e6:f0:91:57:5b:0c:cc:a1:19:20:57:15:fc:
                    d9:b0:19:d0:14:2c:0f:ec:0c:21:ce:90:89:dc:82:
                    57:36:44:f1:d2:4c:e4:79:45:07:56:9a:87:f0:3a:
                    d5:67:07:ba:c1:cf:85:78:80:57:76:0f:31:77:3e:
                    d9:70:53:86:45:42:21:f6:94:c6:db:b8:5a:dd:19:
                    cc:53:03:31:57:b4:7c:88:6f:2d:57:42:b5:08:0e:
                    ae:4b:8f:a7:48:02:f1:c7:45:29:a0:ed:d3:c6:fa:
                    66:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:FC:88:9D:3E:15:BE:30:69:A5:8A:D3:3A:FD:C9:4F:55:B8:F7:1D
            X509v3 Authority Key Identifier:
                keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:b8:1b:e3:fc:ff:a7:06:25:d3:e3:a9:f4:44:e4:9e:4e:9d:
         9b:65:35:33:dc:b4:a6:22:a7:29:ed:45:58:a5:b3:9b:ee:99:
         1b:e9:47:2c:16:86:56:46:98:97:dc:c7:1f:a0:c2:d1:d8:1a:
         00:b0:24:98:ef:79:45:3e:53:86:6f:e0:df:35:26:bd:11:e3:
         83:35:dd:46:43:fa:98:10:4c:19:0e:b7:34:7a:91:5a:09:ab:
         26:34:8f:cb:de:5f:29:51:9a:6f:dc:74:73:57:e2:9e:62:85:
         82:99:6e:90:73:9d:b5:94:3c:bb:b5:c2:8f:46:c2:54:0c:08:
         ff:fd:b8:35:e0:ad:bd:54:bc:31:32:e0:ce:ae:e4:51:03:71:
         63:de:73:fd:2e:09:1c:21:66:c6:f4:53:b9:f8:ad:29:db:7b:
         0d:fb:6e:2f:63:a5:29:69:91:05:99:30:44:c0:58:e5:f3:27:
         6e:7c:14:b2:18:8f:cf:83:71:f2:b9:a6:8a:f4:84:39:0d:a1:
         9f:be:cf:19:8d:0d:6f:2f:d5:d8:59:c3:9f:24:fe:ea:72:a4:
         97:ae:36:ad:9a:c6:20:95:dd:a1:cc:24:ec:5c:ab:dd:80:94:
         b2:ca:e3:a1:5e:65:64:ce:a8:ab:f7:69:ca:b9:18:6f:cd:e5:
         56:38:14:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhqeNeXI9qvQkhovhdTtYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjUxMTA0MTEwMDM4WhcNMjUxMTA1MTEwMDM4WjAzMTEwLwYDVQQD
EygzMWZjODg5ZDNlMTViZTMwNjlhNThhZDMzYWZkYzk0ZjU1YjhmNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29E7quNidoRRsio1nG2VQTvIB7QD
kb68R29LiTCOFzfpGaM0uJKcYVVblWRS2ZEBwe7cx0p643EdupsgRX4WUjggzFxC
62Ux3Wqa6HSsnBah1Ej0o5gJjCjjIN/HC0g3k3CYc2CvcWVqGu/BjK/y3wfB/CFF
sv5ea5OfESrRw4dNQYL5dPPI7J8Z5u85wv3OW1Gz9ZncDubwkVdbDMyhGSBXFfzZ
sBnQFCwP7AwhzpCJ3IJXNkTx0kzkeUUHVpqH8DrVZwe6wc+FeIBXdg8xdz7ZcFOG
RUIh9pTG27ha3RnMUwMxV7R8iG8tV0K1CA6uS4+nSALxx0UpoO3TxvpmywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDH8iJ0+Fb4waaWK0zr9yU9VuPcdMB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkrgb4/z/
pwYl0+Op9ETknk6dm2U1M9y0piKnKe1FWKWzm+6ZG+lHLBaGVkaYl9zHH6DC0dga
ALAkmO95RT5Thm/g3zUmvRHjgzXdRkP6mBBMGQ63NHqRWgmrJjSPy95fKVGab9x0
c1finmKFgplukHOdtZQ8u7XCj0bCVAwI//24NeCtvVS8MTLgzq7kUQNxY95z/S4J
HCFmxvRTufitKdt7DftuL2OlKWmRBZkwRMBY5fMnbnwUshiPz4Nx8rmmivSEOQ2h
n77PGY0Nby/V2FnDnyT+6nKkl642rZrGIJXdocwk7Fyr3YCUssrjoV5lZM6oq/dp
yrkYb83lVjgUOQ==
-----END CERTIFICATE-----