Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
File:                     HjaTxfrT8hak_3rIbO6yOwBDg10.mft (raw, json)
Hash identifier:          ah3TFFLG6XnGEjUgz4oeANKON1OjPjDQ0lB6pnxAOds=
Subject key identifier:   7D:5F:78:03:7A:8C:DA:93:BC:D5:6C:47:94:4B:F9:04:73:75:90:A4
Authority key identifier: 1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D
Certificate issuer:       /CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
Certificate serial:       019A4E4FD5EEE3168E4A161233CF3CFFA848
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
Manifest number:          0BD8
Signing time:             Tue 04 Nov 2025 10:00:46 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:46 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:46 +0000
Files and hashes:         1: HjaTxfrT8hak_3rIbO6yOwBDg10.crl (hash: bFnqiGclA7EOvb8q3sQ5FbXvcyg8Z2GrayGtFIBfQ0M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:d5:ee:e3:16:8e:4a:16:12:33:cf:3c:ff:a8:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
        Validity
            Not Before: Nov  4 10:00:46 2025 GMT
            Not After : Nov  5 10:00:46 2025 GMT
        Subject: CN=7d5f78037a8cda93bcd56c47944bf904737590a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:aa:ce:0f:b7:af:00:a5:97:27:4d:ed:65:c4:
                    dd:d6:e4:f9:ec:36:74:42:36:17:56:c1:2e:3a:07:
                    48:77:24:ea:3d:12:30:70:1a:fc:30:ae:4b:01:b6:
                    c9:c8:63:cb:d1:6e:a5:82:27:61:0b:c6:41:a8:77:
                    32:fe:42:75:96:ff:20:d3:9c:02:96:fd:63:73:a8:
                    c0:59:6e:59:46:63:59:d2:32:8e:fd:7c:56:a3:fd:
                    81:03:9b:64:28:af:4f:cd:c1:bd:85:a4:69:f8:38:
                    1e:13:7d:19:a2:0e:e9:0d:24:49:91:eb:a3:9b:5f:
                    0d:67:d0:aa:be:a0:b5:aa:95:35:2c:37:91:59:6e:
                    6a:3f:38:bb:a5:41:8d:2b:31:03:c5:60:f3:ac:e7:
                    b5:60:54:fe:4b:ff:d6:fe:ca:fe:c2:66:70:0c:c9:
                    5b:32:77:95:8e:dc:be:36:ce:76:c3:6f:94:83:68:
                    5b:6b:72:66:a0:f3:38:21:1f:40:e2:d5:ca:35:01:
                    f5:b0:65:72:55:4d:be:b6:82:9e:01:6b:74:b1:ca:
                    20:21:ee:44:23:0e:7c:83:15:be:4f:82:a8:66:53:
                    f0:db:0e:47:1c:70:85:dd:a3:a0:98:28:7f:0e:ef:
                    b1:f0:8f:ad:18:f2:04:ff:66:10:62:c0:be:63:47:
                    17:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:5F:78:03:7A:8C:DA:93:BC:D5:6C:47:94:4B:F9:04:73:75:90:A4
            X509v3 Authority Key Identifier:
                keyid:1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:eb:3d:ad:3d:56:88:c6:62:69:30:73:57:08:0a:ec:42:aa:
         7a:0e:3f:c1:63:31:e0:53:87:bf:6e:da:06:06:e8:5f:9f:29:
         3e:f6:79:e4:de:b9:2d:b5:d3:42:d6:19:b6:9e:67:f9:18:3c:
         c2:9c:f1:db:67:d4:2c:ef:21:d0:ab:46:aa:6c:d2:6f:a6:b5:
         20:12:0f:01:d5:e8:b1:10:e0:50:37:69:03:bd:67:c4:e5:95:
         37:ca:21:d9:68:eb:6b:d6:20:94:25:7e:eb:02:e2:d3:85:c9:
         1c:1c:3c:55:a0:ed:76:68:3d:82:19:bc:f9:53:47:50:9c:76:
         a8:7b:ac:07:ca:5b:b3:20:56:9d:e7:f0:98:c2:99:88:e8:b9:
         11:e1:c0:04:6d:cd:c7:18:bb:25:58:b3:c3:db:e7:0b:63:b4:
         ba:68:32:89:b6:ad:e6:5c:ec:4e:ac:50:c5:e3:28:61:90:be:
         79:68:75:1a:95:9e:11:4d:ac:cf:d4:be:61:bd:bb:8f:62:1e:
         3a:f3:06:8c:d5:6c:34:9d:a2:00:4c:9f:08:72:ca:75:2b:2b:
         df:a3:3e:fb:2c:a9:f3:86:3e:33:e3:1e:64:39:18:f8:ef:bb:
         b5:6e:ce:6e:01:a0:05:2c:b6:fd:71:8f:99:cd:81:0b:73:99:
         8f:51:8d:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT9Xu4xaOShYSM888/6hIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzY5M2M1ZmFkM2YyMTZhNGZmN2FjODZjZWViMjNiMDA0
MzgzNWQwHhcNMjUxMTA0MTAwMDQ2WhcNMjUxMTA1MTAwMDQ2WjAzMTEwLwYDVQQD
Eyg3ZDVmNzgwMzdhOGNkYTkzYmNkNTZjNDc5NDRiZjkwNDczNzU5MGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1arOD7evAKWXJ03tZcTd1uT57DZ0
QjYXVsEuOgdIdyTqPRIwcBr8MK5LAbbJyGPL0W6lgidhC8ZBqHcy/kJ1lv8g05wC
lv1jc6jAWW5ZRmNZ0jKO/XxWo/2BA5tkKK9PzcG9haRp+DgeE30Zog7pDSRJkeuj
m18NZ9CqvqC1qpU1LDeRWW5qPzi7pUGNKzEDxWDzrOe1YFT+S//W/sr+wmZwDMlb
MneVjty+Ns52w2+Ug2hba3JmoPM4IR9A4tXKNQH1sGVyVU2+toKeAWt0scogIe5E
Iw58gxW+T4KoZlPw2w5HHHCF3aOgmCh/Du+x8I+tGPIE/2YQYsC+Y0cXbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH1feAN6jNqTvNVsR5RL+QRzdZCkMB8GA1UdIwQY
MBaAFB42k8X60/IWpP96yGzusjsAQ4NdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQt
NDIxMTUxOGQ5OGE0LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQtNDIxMTUxOGQ5OGE0
LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY+s9rT1W
iMZiaTBzVwgK7EKqeg4/wWMx4FOHv27aBgboX58pPvZ55N65LbXTQtYZtp5n+Rg8
wpzx22fULO8h0KtGqmzSb6a1IBIPAdXosRDgUDdpA71nxOWVN8oh2Wjra9YglCV+
6wLi04XJHBw8VaDtdmg9ghm8+VNHUJx2qHusB8pbsyBWnefwmMKZiOi5EeHABG3N
xxi7JVizw9vnC2O0umgyibat5lzsTqxQxeMoYZC+eWh1GpWeEU2sz9S+Yb27j2Ie
OvMGjNVsNJ2iAEyfCHLKdSsr36M++yyp84Y+M+MeZDkY+O+7tW7ObgGgBSy2/XGP
mc2BC3OZj1GN+w==
-----END CERTIFICATE-----