Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft
File:                     H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft (raw, json)
Hash identifier:          dFn046uyjKZK2N0tuW9bjfyxMXVQTjF4G+bpkinyq5w=
Subject key identifier:   3E:AB:3B:28:30:65:56:29:75:9F:FE:54:B5:6E:30:FB:7B:E3:14:2E
Authority key identifier: 1F:8C:D5:BD:A3:46:10:AD:AF:ED:1F:ED:43:A2:23:45:F0:76:7E:7F
Certificate issuer:       /CN=1f8cd5bda34610adafed1fed43a22345f0767e7f
Certificate serial:       019A4F62123FA998624472EE10C501DD978A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft
Manifest number:          15DC
Signing time:             Tue 04 Nov 2025 15:00:18 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:18 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:18 +0000
Files and hashes:         1: H4zVvaNGEK2v7R_tQ6IjRfB2fn8.crl (hash: g6LZkEo0UV3k2Jiw6jO7IQ6EdUa92gXXPxl6v/rKHF0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:12:3f:a9:98:62:44:72:ee:10:c5:01:dd:97:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f8cd5bda34610adafed1fed43a22345f0767e7f
        Validity
            Not Before: Nov  4 15:00:18 2025 GMT
            Not After : Nov  5 15:00:18 2025 GMT
        Subject: CN=3eab3b2830655629759ffe54b56e30fb7be3142e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:90:b1:6e:2d:3f:99:93:b9:40:09:e4:5d:0e:
                    82:a2:01:a5:d8:1d:a0:b1:c7:86:f3:2f:a1:4c:7c:
                    8c:99:4c:a8:c3:f3:4b:ea:2b:77:d8:4f:32:5f:e3:
                    67:29:74:fd:d3:66:42:39:ad:48:93:20:0c:48:4d:
                    90:7f:64:62:d0:b5:20:bd:bb:8c:3c:7a:38:3f:0f:
                    7c:81:e3:4e:97:e1:c8:bd:93:9b:1a:88:9d:c7:f1:
                    12:fc:0a:c1:c5:be:03:9c:f5:bd:b2:f5:51:43:9b:
                    b6:c6:a1:17:39:16:e0:0a:25:6c:09:20:db:e5:2a:
                    81:aa:22:6b:8d:0e:9a:ad:8d:a3:67:0e:c8:ad:ae:
                    ee:eb:59:0c:7f:b2:2d:2d:89:49:b3:89:07:c1:d9:
                    f2:69:cc:26:96:41:63:f7:5f:af:24:b2:cd:73:5a:
                    48:9a:56:19:28:51:ec:75:aa:0c:d6:76:26:bc:68:
                    1a:2b:f0:c5:c3:ed:d4:37:01:e4:60:d8:ef:c9:f8:
                    23:3c:86:d6:94:1b:1e:ec:2d:fd:8f:67:85:a1:02:
                    b3:78:64:26:0b:1b:ee:68:6a:a1:4e:f6:91:0a:58:
                    a5:21:3d:53:4f:5f:b2:5f:9a:31:50:57:3e:fb:ce:
                    04:3d:f5:ec:39:f2:83:95:0d:db:16:1c:74:76:be:
                    36:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:AB:3B:28:30:65:56:29:75:9F:FE:54:B5:6E:30:FB:7B:E3:14:2E
            X509v3 Authority Key Identifier:
                keyid:1F:8C:D5:BD:A3:46:10:AD:AF:ED:1F:ED:43:A2:23:45:F0:76:7E:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:53:42:51:34:45:f0:b4:88:2e:34:f8:c5:7e:99:f8:68:d4:
         24:18:1a:ba:cb:76:1a:5a:0c:3a:77:9d:0c:55:14:8b:c4:36:
         a4:22:a0:34:fb:d2:3e:ae:35:1a:fe:06:f4:51:3d:de:67:0f:
         72:92:38:6b:58:34:15:3b:d3:77:96:d9:01:0f:24:62:2e:6e:
         9f:2f:7b:bd:4b:76:7e:29:35:44:23:95:88:df:7b:25:62:3e:
         d7:dd:90:6c:47:58:37:ef:52:32:f1:92:1a:56:ec:9e:ee:e7:
         77:5f:12:7c:42:ea:a2:f0:78:88:94:55:13:45:78:30:27:34:
         f2:23:1b:cc:48:d7:66:2c:01:2a:85:4d:d2:90:4a:2a:c3:d2:
         52:ff:ff:26:58:3b:61:b7:8c:d2:b4:d5:61:09:3b:4f:a3:12:
         80:bb:d5:ec:da:c3:94:0f:09:53:4e:61:16:14:cc:6c:03:56:
         ad:79:87:b6:f0:b2:ec:ee:e6:d1:0a:be:11:a1:9d:49:c0:62:
         52:b5:cf:f6:e9:57:79:d8:dd:8c:44:52:d6:18:3d:48:b8:e0:
         c6:37:50:ef:25:bd:00:2e:fa:b1:df:18:1d:2c:eb:02:41:1d:
         1b:66:b0:f7:3b:63:74:24:53:2e:dc:a3:87:ef:8f:b2:d0:18:
         00:f8:6a:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYhI/qZhiRHLuEMUB3ZeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmOGNkNWJkYTM0NjEwYWRhZmVkMWZlZDQzYTIyMzQ1ZjA3
NjdlN2YwHhcNMjUxMTA0MTUwMDE4WhcNMjUxMTA1MTUwMDE4WjAzMTEwLwYDVQQD
EygzZWFiM2IyODMwNjU1NjI5NzU5ZmZlNTRiNTZlMzBmYjdiZTMxNDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5Cxbi0/mZO5QAnkXQ6CogGl2B2g
sceG8y+hTHyMmUyow/NL6it32E8yX+NnKXT902ZCOa1IkyAMSE2Qf2Ri0LUgvbuM
PHo4Pw98geNOl+HIvZObGoidx/ES/ArBxb4DnPW9svVRQ5u2xqEXORbgCiVsCSDb
5SqBqiJrjQ6arY2jZw7Ira7u61kMf7ItLYlJs4kHwdnyacwmlkFj91+vJLLNc1pI
mlYZKFHsdaoM1nYmvGgaK/DFw+3UNwHkYNjvyfgjPIbWlBse7C39j2eFoQKzeGQm
CxvuaGqhTvaRClilIT1TT1+yX5oxUFc++84EPfXsOfKDlQ3bFhx0dr42rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6rOygwZVYpdZ/+VLVuMPt74xQuMB8GA1UdIwQY
MBaAFB+M1b2jRhCtr+0f7UOiI0Xwdn5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDR6VnZhTkdFSzJ2N1JfdFE2SWpSZkIyZm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My80OWM2MzAtODBkOC00OTU1LWJhNmUt
ZWU2ZGJmYTk4ZDJlLzEvSDR6VnZhTkdFSzJ2N1JfdFE2SWpSZkIyZm44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My80OWM2MzAtODBkOC00OTU1LWJhNmUtZWU2ZGJmYTk4ZDJl
LzEvSDR6VnZhTkdFSzJ2N1JfdFE2SWpSZkIyZm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAclNCUTRF
8LSILjT4xX6Z+GjUJBgaust2GloMOnedDFUUi8Q2pCKgNPvSPq41Gv4G9FE93mcP
cpI4a1g0FTvTd5bZAQ8kYi5uny97vUt2fik1RCOViN97JWI+192QbEdYN+9SMvGS
Glbsnu7nd18SfELqovB4iJRVE0V4MCc08iMbzEjXZiwBKoVN0pBKKsPSUv//Jlg7
YbeM0rTVYQk7T6MSgLvV7NrDlA8JU05hFhTMbANWrXmHtvCy7O7m0Qq+EaGdScBi
UrXP9ulXedjdjERS1hg9SLjgxjdQ7yW9AC76sd8YHSzrAkEdG2aw9ztjdCRTLtyj
h++PstAYAPhqHw==
-----END CERTIFICATE-----