Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
File:                     hVLmDnmh3nUzQ9eBW4cMloDArn8.mft (raw, json)
Hash identifier:          20+1+wliMvOfrW2cWg+fyLzmhTtPJVmjmAXynEMgh1A=
Subject key identifier:   E6:07:55:69:9C:3A:EA:8D:B8:28:04:3B:A6:1D:AA:DA:9D:4B:ED:75
Authority key identifier: 85:52:E6:0E:79:A1:DE:75:33:43:D7:81:5B:87:0C:96:80:C0:AE:7F
Certificate issuer:       /CN=8552e60e79a1de753343d7815b870c9680c0ae7f
Certificate serial:       019A54BFF3D0A1FF3ECEA2271E6D6F56CC29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
Manifest number:          0CE1
Signing time:             Wed 05 Nov 2025 16:00:57 +0000
Manifest this update:     Wed 05 Nov 2025 16:00:57 +0000
Manifest next update:     Thu 06 Nov 2025 16:00:57 +0000
Files and hashes:         1: hVLmDnmh3nUzQ9eBW4cMloDArn8.crl (hash: d70GIeEMnbzX+91tD8f7IRHnYlRCDD/1CCN482RLJjg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 16:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:54:bf:f3:d0:a1:ff:3e:ce:a2:27:1e:6d:6f:56:cc:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8552e60e79a1de753343d7815b870c9680c0ae7f
        Validity
            Not Before: Nov  5 16:00:57 2025 GMT
            Not After : Nov  6 16:00:57 2025 GMT
        Subject: CN=e60755699c3aea8db828043ba61daada9d4bed75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:be:3e:15:57:9b:63:1d:bd:72:b1:62:05:41:
                    b0:99:26:4b:17:c1:98:15:5b:f0:ad:62:f5:7f:fd:
                    80:8c:92:14:80:ec:ca:ce:5e:76:12:8e:7a:b4:ec:
                    3b:ff:b3:c1:b1:c8:5c:3f:6f:8c:e8:af:5e:5a:4e:
                    91:8f:76:22:4f:55:aa:6c:54:24:e3:ea:44:95:b6:
                    c3:6e:89:f6:b2:6f:7d:ae:66:68:da:bc:17:c8:ee:
                    8a:df:94:cf:20:e2:c2:74:9f:83:50:9d:c8:29:d6:
                    8a:dc:9d:12:2d:60:2c:e9:11:0e:94:40:50:52:af:
                    da:0c:68:60:9c:a1:73:eb:1a:9b:69:b6:b1:bb:09:
                    1c:c8:78:e8:5d:31:8d:fd:d0:91:6b:87:35:17:4f:
                    a3:1d:cf:c5:ba:cb:cd:d7:00:fe:9d:41:86:cd:5d:
                    cc:9d:6f:b2:7c:51:ed:7a:75:0c:6e:7c:dc:b6:0c:
                    13:69:8b:89:5f:7a:f8:30:de:42:33:fa:77:0a:e6:
                    7e:9d:b0:7b:84:e7:a7:fe:ed:13:63:62:de:5f:bf:
                    9d:45:1d:0b:99:0f:9f:b1:dc:0d:3d:9c:e3:b8:90:
                    0d:20:3e:90:7f:8d:85:f8:6e:8a:14:c2:c6:c7:6c:
                    5a:c3:38:81:3e:2c:0e:00:fb:b3:ff:32:70:88:de:
                    b0:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:07:55:69:9C:3A:EA:8D:B8:28:04:3B:A6:1D:AA:DA:9D:4B:ED:75
            X509v3 Authority Key Identifier:
                keyid:85:52:E6:0E:79:A1:DE:75:33:43:D7:81:5B:87:0C:96:80:C0:AE:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVLmDnmh3nUzQ9eBW4cMloDArn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3724d3-212f-48bf-a2c1-9ffa60db8f71/1/hVLmDnmh3nUzQ9eBW4cMloDArn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:71:d7:10:f4:9f:37:1a:be:1f:6e:c5:e4:40:23:e1:c1:68:
         71:3b:3e:18:e9:cb:97:ff:0b:45:49:2e:fd:55:04:a4:ad:ee:
         3f:b3:46:52:25:9b:00:01:26:20:3d:50:51:ae:d4:33:02:9f:
         51:76:c3:98:89:3d:a3:69:ba:b1:8c:c7:4d:cd:03:33:c8:de:
         94:b8:01:b2:d4:4c:c5:3e:6c:7a:c2:65:a7:43:7f:71:3f:b3:
         3d:53:83:44:18:62:a6:c2:ed:4d:ff:68:8b:9d:dc:d9:36:4b:
         43:89:1d:7a:7d:60:29:a3:6b:d4:7a:e2:7d:74:49:dd:b5:db:
         08:e2:21:fc:70:8b:fe:94:d2:6e:2e:25:d4:76:41:51:4a:2d:
         2a:f2:04:a3:6d:b2:a5:09:45:77:4c:5d:f1:3f:ec:b1:31:2e:
         4c:48:57:50:99:db:8b:dd:6a:94:3d:b0:8b:89:c3:f7:8c:f8:
         3d:10:dd:71:11:2b:9d:4e:da:aa:74:ab:ad:8e:10:bd:8e:1b:
         e4:4f:61:b4:07:74:01:e2:e7:c9:26:e3:67:36:07:cc:22:5c:
         6f:63:57:8d:9b:87:7e:5d:50:e2:f3:78:93:48:5a:18:67:d0:
         bc:9c:8d:f1:f9:fa:49:db:9c:f3:69:64:d0:f3:57:cb:05:99:
         9e:70:e6:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUv/PQof8+zqInHm1vVswpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTJlNjBlNzlhMWRlNzUzMzQzZDc4MTViODcwYzk2ODBj
MGFlN2YwHhcNMjUxMTA1MTYwMDU3WhcNMjUxMTA2MTYwMDU3WjAzMTEwLwYDVQQD
EyhlNjA3NTU2OTljM2FlYThkYjgyODA0M2JhNjFkYWFkYTlkNGJlZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL4+FVebYx29crFiBUGwmSZLF8GY
FVvwrWL1f/2AjJIUgOzKzl52Eo56tOw7/7PBschcP2+M6K9eWk6Rj3YiT1WqbFQk
4+pElbbDbon2sm99rmZo2rwXyO6K35TPIOLCdJ+DUJ3IKdaK3J0SLWAs6REOlEBQ
Uq/aDGhgnKFz6xqbabaxuwkcyHjoXTGN/dCRa4c1F0+jHc/FusvN1wD+nUGGzV3M
nW+yfFHtenUMbnzctgwTaYuJX3r4MN5CM/p3CuZ+nbB7hOen/u0TY2LeX7+dRR0L
mQ+fsdwNPZzjuJANID6Qf42F+G6KFMLGx2xawziBPiwOAPuz/zJwiN6wDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOYHVWmcOuqNuCgEO6YdqtqdS+11MB8GA1UdIwQY
MBaAFIVS5g55od51M0PXgVuHDJaAwK5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8zNzI0ZDMtMjEyZi00OGJmLWEyYzEt
OWZmYTYwZGI4ZjcxLzEvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8zNzI0ZDMtMjEyZi00OGJmLWEyYzEtOWZmYTYwZGI4Zjcx
LzEvaFZMbURubWgzblV6UTllQlc0Y01sb0RBcm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqHHXEPSf
Nxq+H27F5EAj4cFocTs+GOnLl/8LRUku/VUEpK3uP7NGUiWbAAEmID1QUa7UMwKf
UXbDmIk9o2m6sYzHTc0DM8jelLgBstRMxT5sesJlp0N/cT+zPVODRBhipsLtTf9o
i53c2TZLQ4kden1gKaNr1HrifXRJ3bXbCOIh/HCL/pTSbi4l1HZBUUotKvIEo22y
pQlFd0xd8T/ssTEuTEhXUJnbi91qlD2wi4nD94z4PRDdcRErnU7aqnSrrY4QvY4b
5E9htAd0AeLnySbjZzYHzCJcb2NXjZuHfl1Q4vN4k0haGGfQvJyN8fn6Sduc82lk
0PNXywWZnnDmqA==
-----END CERTIFICATE-----