Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
File:                     hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft (raw, json)
Hash identifier:          JoSYktKZ5dfhMXdHX8KIa6u0FP7qJiKVZjbgRRjhK+s=
Subject key identifier:   83:CB:FE:4C:E8:4F:00:2F:A2:D9:8E:E4:4D:74:B0:F9:1D:13:98:6C
Authority key identifier: 85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4
Certificate issuer:       /CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
Certificate serial:       019A4EF46BC2F44D032EACB99284AABAB483
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 13:00:32 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:32 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:32 +0000
Files and hashes:         1: hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl (hash: +m1eEh0S/Nv14OJKoX77MlBGOrVtxh8VXLwHkP3bpng=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:6b:c2:f4:4d:03:2e:ac:b9:92:84:aa:ba:b4:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
        Validity
            Not Before: Nov  4 13:00:32 2025 GMT
            Not After : Nov  5 13:00:32 2025 GMT
        Subject: CN=83cbfe4ce84f002fa2d98ee44d74b0f91d13986c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:91:bb:f6:d9:12:f0:05:f1:dd:19:04:8a:fe:
                    36:95:40:70:3e:84:b8:2f:38:d9:6c:37:12:95:32:
                    59:18:e5:b6:94:44:7a:ad:a9:9e:78:d0:01:8f:88:
                    73:eb:be:4a:8e:46:c2:0d:57:a7:49:5f:40:ca:99:
                    d7:c1:0b:7b:41:ed:3b:d2:62:b8:e0:d0:40:a8:ed:
                    1e:97:0a:48:7b:81:0f:ba:9f:a2:bf:a1:99:3e:93:
                    af:98:b3:ea:ba:cb:7b:22:10:60:8d:81:88:51:8c:
                    89:69:26:94:05:4f:51:a1:01:5d:75:07:ac:aa:35:
                    3e:7c:6a:73:04:1c:db:a2:08:18:27:a4:4d:8a:68:
                    6c:8a:2d:cf:e3:73:43:6a:00:0d:09:fd:1e:df:c3:
                    ea:22:be:e0:66:4c:20:53:99:e2:e3:cf:5d:d4:40:
                    80:c6:87:21:c2:52:39:1a:12:72:17:25:b8:13:f0:
                    e2:d0:83:35:42:db:ee:65:17:a0:1d:7e:9e:0b:30:
                    ac:d3:75:e1:77:5d:1f:1b:9f:4f:dc:9d:9b:4d:96:
                    2b:60:95:04:b8:e1:ca:e6:52:5c:f7:f7:cc:d8:ae:
                    15:e1:1b:58:df:ab:4f:c9:49:47:10:bf:48:36:e7:
                    61:71:37:49:80:8f:99:53:02:77:28:cf:0c:01:f0:
                    fc:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:CB:FE:4C:E8:4F:00:2F:A2:D9:8E:E4:4D:74:B0:F9:1D:13:98:6C
            X509v3 Authority Key Identifier:
                keyid:85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:bb:d9:dd:dc:81:d1:3b:b1:c4:23:b6:25:22:41:7a:87:f2:
         eb:11:2a:63:67:7b:43:73:71:45:5e:a0:2f:19:8a:62:b5:90:
         6a:79:27:31:45:ae:0e:08:a3:d9:09:72:3b:c5:bc:d5:32:15:
         cd:4a:5a:82:8b:f6:82:1e:f4:99:32:03:35:c1:67:3b:a3:af:
         b8:0d:c8:e4:95:89:f9:52:42:31:4a:ad:92:57:bb:11:7d:40:
         97:f0:99:13:82:aa:00:f7:dc:b3:0d:d2:26:71:d5:7e:0c:5f:
         93:c5:ba:b3:c5:0d:7c:1a:c2:9f:fa:76:dc:da:a9:9b:fe:93:
         fa:d6:8c:ff:92:ad:95:9c:a7:fc:c9:a7:40:94:cd:17:2b:3a:
         ee:de:dd:25:3a:31:3e:c8:7b:71:a7:49:f9:06:dd:67:c1:ba:
         0d:bc:b3:b3:e9:78:0f:16:e4:e2:dc:61:4c:36:f6:8f:8f:8b:
         d0:2f:e3:59:17:c2:4c:fd:6c:ac:6a:e9:6c:16:66:d8:88:fa:
         f0:f7:c7:9c:fa:a7:da:43:27:20:02:5c:de:96:4a:89:72:c6:
         fe:97:a4:cd:d3:67:f0:73:3d:9d:32:ad:3b:fa:c2:68:5c:9c:
         e5:d7:bd:99:54:ae:6f:03:ee:6c:b4:84:c1:0a:8d:f6:bb:f6:
         61:ed:73:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9GvC9E0DLqy5koSqurSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDEyM2U0Y2UyYjgwZWJmMTJlNDNmZWU0YjFjMThjNWM3
M2QzYjQwHhcNMjUxMTA0MTMwMDMyWhcNMjUxMTA1MTMwMDMyWjAzMTEwLwYDVQQD
Eyg4M2NiZmU0Y2U4NGYwMDJmYTJkOThlZTQ0ZDc0YjBmOTFkMTM5ODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZG79tkS8AXx3RkEiv42lUBwPoS4
LzjZbDcSlTJZGOW2lER6rameeNABj4hz675KjkbCDVenSV9AypnXwQt7Qe070mK4
4NBAqO0elwpIe4EPup+iv6GZPpOvmLPqust7IhBgjYGIUYyJaSaUBU9RoQFddQes
qjU+fGpzBBzboggYJ6RNimhsii3P43NDagANCf0e38PqIr7gZkwgU5ni489d1ECA
xochwlI5GhJyFyW4E/Di0IM1QtvuZRegHX6eCzCs03Xhd10fG59P3J2bTZYrYJUE
uOHK5lJc9/fM2K4V4RtY36tPyUlHEL9INudhcTdJgI+ZUwJ3KM8MAfD8awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIPL/kzoTwAvotmO5E10sPkdE5hsMB8GA1UdIwQY
MBaAFIUBI+TOK4Dr8S5D/uSxwYxcc9O0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEt
MTYzMjBkMDE0YzA0LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEtMTYzMjBkMDE0YzA0
LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAArvZ3dyB
0TuxxCO2JSJBeofy6xEqY2d7Q3NxRV6gLxmKYrWQanknMUWuDgij2QlyO8W81TIV
zUpagov2gh70mTIDNcFnO6OvuA3I5JWJ+VJCMUqtkle7EX1Al/CZE4KqAPfcsw3S
JnHVfgxfk8W6s8UNfBrCn/p23Nqpm/6T+taM/5KtlZyn/MmnQJTNFys67t7dJTox
Psh7cadJ+QbdZ8G6Dbyzs+l4Dxbk4txhTDb2j4+L0C/jWRfCTP1srGrpbBZm2Ij6
8PfHnPqn2kMnIAJc3pZKiXLG/pekzdNn8HM9nTKtO/rCaFyc5de9mVSubwPubLSE
wQqN9rv2Ye1zKw==
-----END CERTIFICATE-----