Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File:                     hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier:          4l2b0apES5xZi6NIuVjv2pJfUaG7+qkBaSNzJDqTIaU=
Subject key identifier:   AB:D9:C3:8A:9E:10:E1:6C:DF:C9:48:63:4E:FC:DF:04:81:81:92:A3
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer:       /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial:       019A4EF40ED23E4B5E38840D10CC06C0546D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number:          0A7D
Signing time:             Tue 04 Nov 2025 13:00:08 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:08 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:08 +0000
Files and hashes:         1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: PTICVl++L8LtOlzepQP5x9DOl+w31q3xNp26JDERztg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:0e:d2:3e:4b:5e:38:84:0d:10:cc:06:c0:54:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86985bae0d938de24385c4053cda391b74450267
        Validity
            Not Before: Nov  4 13:00:08 2025 GMT
            Not After : Nov  5 13:00:08 2025 GMT
        Subject: CN=abd9c38a9e10e16cdfc948634efcdf04818192a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:32:00:15:25:a1:84:66:c7:40:9c:14:92:70:
                    21:2a:50:9e:14:87:25:4b:4e:7e:df:b8:a3:66:70:
                    8d:d4:5a:38:00:42:a3:2e:5b:58:04:99:38:89:88:
                    cb:b7:da:2c:68:d8:50:40:36:d9:e1:4f:f0:16:26:
                    07:2a:9f:5f:46:9b:64:24:d7:9b:da:1b:04:2a:0f:
                    d8:8b:1b:0c:0d:c3:eb:58:3c:71:b6:0d:02:c9:b2:
                    6d:ba:94:c4:b7:ae:08:8b:99:12:1c:f0:9b:64:d0:
                    f4:da:ca:eb:6e:c3:a8:c7:50:55:9e:75:d9:68:41:
                    6e:6d:8f:97:49:08:19:d9:d3:58:4d:8f:a0:08:e7:
                    19:58:e5:e9:02:a4:d5:57:50:ca:96:71:09:46:5f:
                    25:54:7a:82:8b:aa:9c:48:42:8b:92:8c:29:71:15:
                    02:7b:16:c7:2a:39:83:6a:c2:84:22:f8:a7:e2:d9:
                    d7:47:e6:fd:d9:fc:69:d9:1e:1d:d7:fc:3a:84:02:
                    a5:0f:ff:c1:83:d1:86:52:c2:f2:0a:89:6b:b6:a1:
                    82:74:55:fd:2a:65:9c:bf:88:b4:13:bf:97:a4:81:
                    c9:21:90:f3:6b:97:b1:82:dd:7f:b9:70:0d:a3:2a:
                    ba:3d:07:c0:95:db:a2:8c:dd:1f:4c:e0:e8:7f:73:
                    82:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:D9:C3:8A:9E:10:E1:6C:DF:C9:48:63:4E:FC:DF:04:81:81:92:A3
            X509v3 Authority Key Identifier:
                keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:6c:d1:02:cd:73:92:ea:d3:06:51:f0:ab:17:3e:d1:1d:58:
         05:9a:33:84:08:d6:3d:19:0e:cd:33:a9:a2:ec:f0:77:88:c5:
         1a:52:eb:dc:15:f0:ab:26:84:d5:71:fe:40:de:81:40:c6:b5:
         f0:f1:56:4e:96:1b:ae:ff:70:37:3f:41:9d:59:27:05:33:64:
         e7:ef:e5:5d:ea:32:56:d7:82:64:1b:45:f4:1b:4f:07:d4:49:
         79:87:d0:00:d6:9d:ae:09:63:47:2e:17:4c:5d:f7:89:5a:34:
         ac:ee:81:3e:5e:1f:48:a8:bb:41:ae:35:2b:c6:7c:54:c2:a3:
         91:8f:7b:65:8b:6c:9a:60:8b:44:70:d6:f9:2c:4d:d7:0e:df:
         01:09:08:23:1c:bd:df:41:df:de:e5:82:9e:e4:82:0c:4f:55:
         ad:6d:98:64:3e:13:20:79:5e:74:56:53:3b:ff:16:fe:c7:97:
         5d:c6:1f:65:0e:67:90:f3:cf:3a:9b:17:68:e5:94:9c:ef:79:
         20:e6:a8:57:56:ce:ca:a1:10:c6:65:31:e3:72:e7:ca:df:e8:
         48:3e:cd:9c:ad:34:10:2b:5c:60:32:00:c0:a6:62:75:ed:92:
         41:5f:d6:2c:eb:93:65:9e:c7:7b:57:2e:62:b4:57:22:7d:e2:
         79:b3:7b:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9A7SPkteOIQNEMwGwFRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjUxMTA0MTMwMDA4WhcNMjUxMTA1MTMwMDA4WjAzMTEwLwYDVQQD
EyhhYmQ5YzM4YTllMTBlMTZjZGZjOTQ4NjM0ZWZjZGYwNDgxODE5MmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjIAFSWhhGbHQJwUknAhKlCeFIcl
S05+37ijZnCN1Fo4AEKjLltYBJk4iYjLt9osaNhQQDbZ4U/wFiYHKp9fRptkJNeb
2hsEKg/YixsMDcPrWDxxtg0CybJtupTEt64Ii5kSHPCbZND02srrbsOox1BVnnXZ
aEFubY+XSQgZ2dNYTY+gCOcZWOXpAqTVV1DKlnEJRl8lVHqCi6qcSEKLkowpcRUC
exbHKjmDasKEIvin4tnXR+b92fxp2R4d1/w6hAKlD//Bg9GGUsLyColrtqGCdFX9
KmWcv4i0E7+XpIHJIZDza5exgt1/uXANoyq6PQfAlduijN0fTODof3OCaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKvZw4qeEOFs38lIY0783wSBgZKjMB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmmzRAs1z
kurTBlHwqxc+0R1YBZozhAjWPRkOzTOpouzwd4jFGlLr3BXwqyaE1XH+QN6BQMa1
8PFWTpYbrv9wNz9BnVknBTNk5+/lXeoyVteCZBtF9BtPB9RJeYfQANadrgljRy4X
TF33iVo0rO6BPl4fSKi7Qa41K8Z8VMKjkY97ZYtsmmCLRHDW+SxN1w7fAQkIIxy9
30Hf3uWCnuSCDE9VrW2YZD4TIHledFZTO/8W/seXXcYfZQ5nkPPPOpsXaOWUnO95
IOaoV1bOyqEQxmUx43Lnyt/oSD7NnK00ECtcYDIAwKZide2SQV/WLOuTZZ7He1cu
YrRXIn3iebN7zQ==
-----END CERTIFICATE-----