Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
File:                     hJxbptQKtOTjm3tpttLZhEqiSK8.mft (raw, json)
Hash identifier:          d/MGVtwGOoB4Q5ELjgO3MeCc+EczlfBvZSkP9WdFXiA=
Subject key identifier:   17:C5:BB:72:D7:CC:AD:4A:F5:69:89:95:8F:BB:15:A1:4D:A6:96:0D
Authority key identifier: 84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF
Certificate issuer:       /CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
Certificate serial:       019A4E4FECDD507C7F00C635535E192DA60A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
Manifest number:          0DEC
Signing time:             Tue 04 Nov 2025 10:00:52 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:52 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:52 +0000
Files and hashes:         1: hJxbptQKtOTjm3tpttLZhEqiSK8.crl (hash: HBPiaCMTV5CgwXy6HW2Q3nrJeUV98WEXU803Yr1CeJk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:ec:dd:50:7c:7f:00:c6:35:53:5e:19:2d:a6:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
        Validity
            Not Before: Nov  4 10:00:52 2025 GMT
            Not After : Nov  5 10:00:52 2025 GMT
        Subject: CN=17c5bb72d7ccad4af56989958fbb15a14da6960d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:87:d8:9e:d6:13:38:cf:7e:cc:79:94:89:07:
                    7f:4f:a8:01:d7:fa:72:50:dc:bd:96:84:32:72:f1:
                    bc:68:b8:ed:cc:58:64:5a:7e:a1:d8:62:14:0d:3f:
                    f0:e8:d3:ad:3b:2a:87:38:4b:f7:d2:5f:1b:37:4d:
                    d7:9d:1f:82:d4:b7:c2:ce:61:02:9c:eb:1f:b4:03:
                    9c:0b:96:3e:82:ab:82:da:27:ee:41:10:c0:ff:3d:
                    94:a9:27:70:d2:4a:54:1b:10:c0:23:f7:a4:a0:ad:
                    79:36:b8:62:5a:47:59:4c:f7:05:59:8e:33:19:b1:
                    ae:e3:84:5e:21:fa:a9:dc:9f:d5:3e:b2:a8:86:a6:
                    8c:9e:1a:55:53:8b:a6:e9:14:c1:f1:82:8e:8c:39:
                    87:25:f1:47:5c:67:2a:73:44:e3:65:95:5b:ac:25:
                    a9:46:a8:50:7d:03:04:3b:11:5d:4c:b1:25:04:66:
                    7b:e1:8a:56:a1:e3:87:8d:05:b7:cc:4e:8c:1a:2d:
                    df:92:81:85:92:01:18:05:84:cf:73:d5:77:35:f6:
                    ee:65:66:cb:1d:9f:e5:b1:da:ef:ef:67:02:a7:5a:
                    e8:7b:8b:d7:d1:5b:7f:2b:29:8d:53:d1:0b:56:89:
                    f0:1c:37:94:6a:e2:c4:ed:da:70:dd:a7:c4:7e:ee:
                    06:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:C5:BB:72:D7:CC:AD:4A:F5:69:89:95:8F:BB:15:A1:4D:A6:96:0D
            X509v3 Authority Key Identifier:
                keyid:84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:02:9a:ba:d0:1c:c9:46:64:f0:36:5f:4a:66:c1:40:33:6e:
         eb:12:a7:1e:92:de:5b:f9:c1:20:63:4b:a1:68:a5:30:62:4d:
         b3:92:8f:ee:fe:fd:c5:96:8f:7a:37:eb:be:bf:f7:44:06:e0:
         d3:c5:8d:d5:cd:9b:94:ed:5f:e3:9f:43:50:88:4d:8a:37:8e:
         e2:be:d5:48:1c:d6:f9:d7:c2:bb:18:b5:00:71:fe:6f:f0:36:
         5a:44:27:9d:59:bf:6b:97:59:01:f1:29:4a:a5:d0:42:1c:82:
         3a:b8:95:87:e9:e4:73:8c:c2:06:39:5d:3d:7d:bd:fd:ab:c4:
         37:ce:cd:83:c1:49:bb:b2:9d:2b:f5:11:f7:de:a8:d9:ac:5b:
         33:7d:04:94:7d:fb:f2:c9:32:c6:48:29:36:dc:5c:0f:a9:93:
         ff:91:54:41:9d:c8:7f:85:fc:9b:c1:76:e1:c2:13:69:b1:64:
         88:69:57:de:a1:9c:71:cb:ea:ca:72:85:97:16:03:95:79:b2:
         0a:e0:64:30:13:50:eb:d2:10:be:e7:eb:c4:d3:e2:31:d3:73:
         aa:8c:80:53:7f:3b:5a:1a:2c:c4:c4:e6:95:c8:35:2b:e5:ec:
         e9:3a:dc:ec:51:24:c1:d4:4b:50:92:30:5c:2f:70:31:d4:26:
         30:0a:38:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT+zdUHx/AMY1U14ZLaYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWM1YmE2ZDQwYWI0ZTRlMzliN2I2OWI2ZDJkOTg0NGFh
MjQ4YWYwHhcNMjUxMTA0MTAwMDUyWhcNMjUxMTA1MTAwMDUyWjAzMTEwLwYDVQQD
EygxN2M1YmI3MmQ3Y2NhZDRhZjU2OTg5OTU4ZmJiMTVhMTRkYTY5NjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjofYntYTOM9+zHmUiQd/T6gB1/py
UNy9loQycvG8aLjtzFhkWn6h2GIUDT/w6NOtOyqHOEv30l8bN03XnR+C1LfCzmEC
nOsftAOcC5Y+gquC2ifuQRDA/z2UqSdw0kpUGxDAI/ekoK15NrhiWkdZTPcFWY4z
GbGu44ReIfqp3J/VPrKohqaMnhpVU4um6RTB8YKOjDmHJfFHXGcqc0TjZZVbrCWp
RqhQfQMEOxFdTLElBGZ74YpWoeOHjQW3zE6MGi3fkoGFkgEYBYTPc9V3NfbuZWbL
HZ/lsdrv72cCp1roe4vX0Vt/KymNU9ELVonwHDeUauLE7dpw3afEfu4G0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBfFu3LXzK1K9WmJlY+7FaFNppYNMB8GA1UdIwQY
MBaAFIScW6bUCrTk45t7abbS2YRKokivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQt
ZDk4NDg3YmRlZTQ4LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQtZDk4NDg3YmRlZTQ4
LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANgKautAc
yUZk8DZfSmbBQDNu6xKnHpLeW/nBIGNLoWilMGJNs5KP7v79xZaPejfrvr/3RAbg
08WN1c2blO1f459DUIhNijeO4r7VSBzW+dfCuxi1AHH+b/A2WkQnnVm/a5dZAfEp
SqXQQhyCOriVh+nkc4zCBjldPX29/avEN87Ng8FJu7KdK/UR996o2axbM30ElH37
8skyxkgpNtxcD6mT/5FUQZ3If4X8m8F24cITabFkiGlX3qGcccvqynKFlxYDlXmy
CuBkMBNQ69IQvufrxNPiMdNzqoyAU387WhosxMTmlcg1K+Xs6Trc7FEkwdRLUJIw
XC9wMdQmMAo4DA==
-----END CERTIFICATE-----