Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
File:                     hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft (raw, json)
Hash identifier:          szkAKB1/QkvijKRWiShkETWxyFDNpIeKnGB/qQMRsOo=
Subject key identifier:   39:3E:B3:1F:59:1E:6C:16:23:D8:E8:C9:AE:32:43:27:B2:D0:AA:C3
Authority key identifier: 85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C
Certificate issuer:       /CN=856350305f11387500f03c5a06ff73aa13592f1c
Certificate serial:       019A5150E6D7365660833A647BAB0DFA42CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
Manifest number:          170A
Signing time:             Wed 05 Nov 2025 00:00:47 +0000
Manifest this update:     Wed 05 Nov 2025 00:00:47 +0000
Manifest next update:     Thu 06 Nov 2025 00:00:47 +0000
Files and hashes:         1: hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl (hash: uEaWyJB/lx2Ip/TxuHAflxZ+zj5F8OQgCvaIkhWqBj4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 00:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:50:e6:d7:36:56:60:83:3a:64:7b:ab:0d:fa:42:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=856350305f11387500f03c5a06ff73aa13592f1c
        Validity
            Not Before: Nov  5 00:00:47 2025 GMT
            Not After : Nov  6 00:00:47 2025 GMT
        Subject: CN=393eb31f591e6c1623d8e8c9ae324327b2d0aac3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:6e:46:e8:b0:99:74:5e:2e:7b:01:d7:3f:b6:
                    c3:cc:fe:7f:b7:72:45:37:d1:c4:4d:e2:a8:05:64:
                    50:8b:73:5e:a8:bc:b4:dc:4a:51:43:7d:1d:ac:59:
                    89:68:51:5d:85:93:dc:46:91:a5:22:7a:96:3e:49:
                    c4:5b:9a:1f:f7:ab:02:65:36:4a:28:34:48:e6:4d:
                    cd:63:e6:19:56:a8:25:9b:f4:9d:ca:08:d1:cd:3b:
                    b0:0f:bb:77:9d:d7:04:44:2b:45:b1:e5:b4:d7:ee:
                    b5:e6:84:b8:3b:2a:4c:c5:c2:58:cb:4f:fb:49:53:
                    76:6c:77:9e:5e:16:12:29:b0:91:57:90:c5:80:52:
                    c3:26:dc:6a:86:79:cd:67:5b:00:59:9d:cd:90:4d:
                    8c:04:d8:98:4b:4f:09:03:5b:ce:c6:d9:ea:61:1a:
                    09:b1:56:58:f4:14:d0:78:77:d9:d4:0d:3d:da:84:
                    51:86:77:d4:46:96:46:e4:e0:57:9d:e6:48:8e:2f:
                    55:e7:6a:b9:59:ca:e5:46:05:37:95:0e:40:51:83:
                    d6:48:8d:f8:49:5c:db:b7:74:37:0e:6c:1f:a6:ad:
                    d6:36:11:bd:79:fc:54:1c:6f:6f:25:bd:fa:f2:7c:
                    39:bf:23:f3:a1:43:ac:d0:53:a7:4f:3f:f6:b8:ad:
                    a9:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:3E:B3:1F:59:1E:6C:16:23:D8:E8:C9:AE:32:43:27:B2:D0:AA:C3
            X509v3 Authority Key Identifier:
                keyid:85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:42:ef:70:22:30:70:23:b3:3c:aa:9b:00:e3:fb:9d:9f:92:
         76:19:0e:17:dc:7c:d1:06:54:1d:1a:c3:12:75:5d:e7:6a:d7:
         fc:07:98:d5:ce:72:5f:14:c1:c3:c5:42:cb:e7:51:b1:77:5e:
         ad:9a:bc:5d:b0:7a:4c:c2:b4:14:df:4f:9c:6d:8f:ac:48:c6:
         6a:68:5c:39:88:bf:63:d2:0e:21:e5:1c:62:57:65:6d:c0:50:
         d7:f3:ec:c6:e2:24:2c:57:d2:f0:6c:81:ba:b6:6d:6e:2c:98:
         be:2e:70:c4:dc:88:eb:b4:b8:20:a9:af:94:75:5b:ea:39:25:
         86:3e:dc:34:a5:87:d4:de:76:b0:d2:1b:84:33:a9:17:3d:fd:
         4a:83:87:5d:ea:6e:56:49:cb:32:5d:a5:8b:11:e8:b8:5c:9a:
         63:c5:f1:01:65:03:56:6b:55:70:53:bd:9a:3a:b3:43:d9:84:
         dc:b5:0a:3f:93:4a:29:3b:44:d6:11:ba:88:20:24:e9:f0:90:
         11:a7:39:d0:ba:9e:16:f3:22:9d:3d:65:bc:2e:32:ba:72:5e:
         75:6c:6b:a3:03:59:78:96:77:4b:45:b7:c9:3d:29:b1:71:1e:
         7b:c3:0b:21:f6:6c:d1:72:a7:71:0e:e4:b3:bb:49:31:4c:ab:
         66:3e:79:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUObXNlZggzpke6sN+kLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NjM1MDMwNWYxMTM4NzUwMGYwM2M1YTA2ZmY3M2FhMTM1
OTJmMWMwHhcNMjUxMTA1MDAwMDQ3WhcNMjUxMTA2MDAwMDQ3WjAzMTEwLwYDVQQD
EygzOTNlYjMxZjU5MWU2YzE2MjNkOGU4YzlhZTMyNDMyN2IyZDBhYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3G5G6LCZdF4uewHXP7bDzP5/t3JF
N9HETeKoBWRQi3NeqLy03EpRQ30drFmJaFFdhZPcRpGlInqWPknEW5of96sCZTZK
KDRI5k3NY+YZVqglm/SdygjRzTuwD7t3ndcERCtFseW01+615oS4OypMxcJYy0/7
SVN2bHeeXhYSKbCRV5DFgFLDJtxqhnnNZ1sAWZ3NkE2MBNiYS08JA1vOxtnqYRoJ
sVZY9BTQeHfZ1A092oRRhnfURpZG5OBXneZIji9V52q5WcrlRgU3lQ5AUYPWSI34
SVzbt3Q3Dmwfpq3WNhG9efxUHG9vJb368nw5vyPzoUOs0FOnTz/2uK2pzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDk+sx9ZHmwWI9joya4yQyey0KrDMB8GA1UdIwQY
MBaAFIVjUDBfETh1APA8Wgb/c6oTWS8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTct
ZWNlYzFiMmVkYjU5LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTctZWNlYzFiMmVkYjU5
LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI0LvcCIw
cCOzPKqbAOP7nZ+SdhkOF9x80QZUHRrDEnVd52rX/AeY1c5yXxTBw8VCy+dRsXde
rZq8XbB6TMK0FN9PnG2PrEjGamhcOYi/Y9IOIeUcYldlbcBQ1/PsxuIkLFfS8GyB
urZtbiyYvi5wxNyI67S4IKmvlHVb6jklhj7cNKWH1N52sNIbhDOpFz39SoOHXepu
VknLMl2lixHouFyaY8XxAWUDVmtVcFO9mjqzQ9mE3LUKP5NKKTtE1hG6iCAk6fCQ
Eac50LqeFvMinT1lvC4yunJedWxrowNZeJZ3S0W3yT0psXEee8MLIfZs0XKncQ7k
s7tJMUyrZj55aA==
-----END CERTIFICATE-----