Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
File:                     0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft (raw, json)
Hash identifier:          11S8u47+hZxK8fxTP2/MuZTe3tV02VKJZw8JhI4Kt8M=
Subject key identifier:   52:9B:F2:52:98:5B:FD:09:D3:5B:8A:5D:94:D6:2A:0D:46:C1:61:1C
Authority key identifier: D2:17:97:85:86:BF:F3:A6:77:7D:55:A9:A9:63:58:41:51:6D:43:B4
Certificate issuer:       /CN=d217978586bff3a6777d55a9a9635841516d43b4
Certificate serial:       019A50077A5B2A64883A2A919FF04679ACE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
Manifest number:          0CA1
Signing time:             Tue 04 Nov 2025 18:00:58 +0000
Manifest this update:     Tue 04 Nov 2025 18:00:58 +0000
Manifest next update:     Wed 05 Nov 2025 18:00:58 +0000
Files and hashes:         1: 0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl (hash: s7nbEhPftPSSXMtQ4XQ1Oc6TZ0qi13J1qj3VIBa2SdM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:49:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:07:7a:5b:2a:64:88:3a:2a:91:9f:f0:46:79:ac:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d217978586bff3a6777d55a9a9635841516d43b4
        Validity
            Not Before: Nov  4 18:00:58 2025 GMT
            Not After : Nov  5 18:00:58 2025 GMT
        Subject: CN=529bf252985bfd09d35b8a5d94d62a0d46c1611c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:31:a0:f7:7d:22:c1:ea:09:9b:d0:d8:cf:a1:
                    3e:e2:a5:eb:96:8d:b9:07:8e:f9:3e:cd:48:b7:6a:
                    6e:21:7a:74:3a:37:6e:4a:e1:e5:c4:30:5e:fe:a1:
                    36:99:1b:73:7e:5f:bf:71:76:19:08:e0:e0:df:8b:
                    e8:df:21:91:93:bd:2c:b4:a5:00:c5:86:9e:d3:8d:
                    00:53:d7:31:de:3b:14:fe:88:72:40:52:6f:a2:ff:
                    a7:89:6a:cb:cf:c4:d0:50:dd:00:3a:ef:b3:d9:da:
                    0d:9b:53:02:05:2d:ef:33:44:55:1f:86:28:bf:bd:
                    0f:39:dc:04:c2:dd:d4:ca:17:d3:d8:1b:c1:19:a5:
                    31:cd:a0:e7:06:ec:43:d7:36:c9:33:03:bd:c0:57:
                    c4:4a:e0:e9:fb:74:e4:39:5c:bf:af:80:95:d0:bf:
                    be:c4:25:fa:33:4d:ed:86:67:ed:b0:24:97:2e:49:
                    f7:a1:52:da:80:1b:62:c5:79:38:2c:95:58:82:4f:
                    dd:f3:2b:26:0c:80:91:e5:61:d0:e1:9b:2e:d5:f4:
                    e9:2c:38:04:dc:40:f5:0d:a1:fc:64:4a:6e:c3:df:
                    36:80:c7:69:0f:8b:56:4d:51:a7:27:0d:d3:5d:fb:
                    82:22:5e:1d:1d:b6:f2:ec:7e:de:c9:cc:db:17:61:
                    e4:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:9B:F2:52:98:5B:FD:09:D3:5B:8A:5D:94:D6:2A:0D:46:C1:61:1C
            X509v3 Authority Key Identifier:
                keyid:D2:17:97:85:86:BF:F3:A6:77:7D:55:A9:A9:63:58:41:51:6D:43:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:01:b3:e0:55:a4:d8:c8:96:20:82:35:d2:1e:19:7d:f2:78:
         fc:12:99:3e:2c:e8:53:a3:c2:45:f4:27:ca:d2:ba:3d:d8:f6:
         bb:7c:c5:21:36:f9:62:4e:c1:d9:ea:b7:ae:c2:95:ae:39:d0:
         24:fc:13:0c:4e:05:ca:0c:d5:99:2a:1e:77:c9:1a:e8:d5:d6:
         25:cf:f9:b9:71:14:0e:a8:02:1e:4c:8d:c1:5f:a8:51:c6:91:
         df:85:5a:3f:ab:9f:89:e5:71:f1:a3:91:14:28:25:be:64:d4:
         fc:df:8b:f9:b4:9c:0d:89:71:11:f5:b3:16:79:29:d0:07:2a:
         62:42:80:37:3d:ab:6e:71:43:64:74:87:f2:30:3d:b6:2e:44:
         d9:53:31:d7:aa:e6:6b:39:1e:18:64:65:d4:d0:6e:dd:bc:b4:
         14:7c:e9:de:ca:00:60:9b:f2:53:2b:2e:16:10:32:12:67:37:
         3f:24:34:9b:c7:5b:8f:19:b4:04:ce:59:3a:6c:c0:ec:0f:bd:
         27:4c:24:2f:af:8f:0e:21:82:32:9d:d2:8d:08:55:ad:b4:a4:
         85:1f:ea:23:42:8d:bf:7d:25:19:53:13:a6:bb:5c:47:bc:e3:
         88:a9:0e:58:43:fe:b0:10:2d:03:01:86:fa:a2:9c:b8:60:13:
         76:5e:34:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQB3pbKmSIOiqRn/BGeaznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTc5Nzg1ODZiZmYzYTY3NzdkNTVhOWE5NjM1ODQxNTE2
ZDQzYjQwHhcNMjUxMTA0MTgwMDU4WhcNMjUxMTA1MTgwMDU4WjAzMTEwLwYDVQQD
Eyg1MjliZjI1Mjk4NWJmZDA5ZDM1YjhhNWQ5NGQ2MmEwZDQ2YzE2MTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjGg930iweoJm9DYz6E+4qXrlo25
B475Ps1It2puIXp0OjduSuHlxDBe/qE2mRtzfl+/cXYZCODg34vo3yGRk70stKUA
xYae040AU9cx3jsU/ohyQFJvov+niWrLz8TQUN0AOu+z2doNm1MCBS3vM0RVH4Yo
v70POdwEwt3UyhfT2BvBGaUxzaDnBuxD1zbJMwO9wFfESuDp+3TkOVy/r4CV0L++
xCX6M03thmftsCSXLkn3oVLagBtixXk4LJVYgk/d8ysmDICR5WHQ4Zsu1fTpLDgE
3ED1DaH8ZEpuw982gMdpD4tWTVGnJw3TXfuCIl4dHbby7H7eyczbF2HkbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKb8lKYW/0J01uKXZTWKg1GwWEcMB8GA1UdIwQY
MBaAFNIXl4WGv/Omd31VqaljWEFRbUO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83OTBhNzgtNGEyZC00ZjE2LTg4MGEt
NGNlNGQzYjE5N2Q4LzEvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83OTBhNzgtNGEyZC00ZjE2LTg4MGEtNGNlNGQzYjE5N2Q4
LzEvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaQGz4FWk
2MiWIII10h4ZffJ4/BKZPizoU6PCRfQnytK6Pdj2u3zFITb5Yk7B2eq3rsKVrjnQ
JPwTDE4FygzVmSoed8ka6NXWJc/5uXEUDqgCHkyNwV+oUcaR34VaP6ufieVx8aOR
FCglvmTU/N+L+bScDYlxEfWzFnkp0AcqYkKANz2rbnFDZHSH8jA9ti5E2VMx16rm
azkeGGRl1NBu3by0FHzp3soAYJvyUysuFhAyEmc3PyQ0m8dbjxm0BM5ZOmzA7A+9
J0wkL6+PDiGCMp3SjQhVrbSkhR/qI0KNv30lGVMTprtcR7zjiKkOWEP+sBAtAwGG
+qKcuGATdl40ZQ==
-----END CERTIFICATE-----