Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
File:                     hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft (raw, json)
Hash identifier:          wn8Wy3/2Xlk6jaZcVbybn8xXuZB9SlO29VN/Yb6SGqg=
Subject key identifier:   FE:5F:08:0B:79:D7:08:2B:02:7B:C0:53:67:6C:B2:72:06:8D:12:49
Authority key identifier: 84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C
Certificate issuer:       /CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c
Certificate serial:       019A4EF501DE63F964034BA8ED82AF665231
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
Manifest number:          09F2
Signing time:             Tue 04 Nov 2025 13:01:10 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:10 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:10 +0000
Files and hashes:         1: hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl (hash: ladilGPEqpAnj52powp9oo4NuaVQi/Ie/l7gaxTpAAQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:01:de:63:f9:64:03:4b:a8:ed:82:af:66:52:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c
        Validity
            Not Before: Nov  4 13:01:10 2025 GMT
            Not After : Nov  5 13:01:10 2025 GMT
        Subject: CN=fe5f080b79d7082b027bc053676cb272068d1249
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:5c:fe:55:ec:25:b0:0d:2e:8d:98:7a:7c:d9:
                    4a:bf:b8:c9:22:c0:2b:be:80:0f:4e:71:92:d6:bb:
                    60:f2:e6:f7:d6:ba:c2:1a:47:b6:bb:23:b5:84:03:
                    1f:06:be:86:f1:73:2c:c3:d7:65:c1:18:da:8c:d2:
                    5f:7e:f2:fb:0d:d2:57:26:36:8d:35:6b:33:16:46:
                    f9:e8:0b:7d:27:ea:e8:62:3f:20:04:fa:f8:fb:1a:
                    03:d5:cf:2d:e4:06:cb:19:be:8d:de:b4:1b:89:0c:
                    5c:52:04:34:bd:cd:64:dc:bf:e3:e4:2f:5c:b6:c3:
                    79:5a:de:51:9a:51:8b:b6:58:3e:27:d7:9d:cf:32:
                    aa:50:d1:15:55:76:48:74:05:c6:32:c9:97:07:57:
                    e8:f8:c0:59:b5:ef:67:f7:17:4c:a2:a0:89:b6:25:
                    af:16:5f:f9:05:8e:54:7d:70:81:5a:56:96:fd:ce:
                    26:75:eb:fd:bd:9b:91:ae:fc:93:0f:64:2b:62:da:
                    0b:81:04:34:bd:cb:47:21:65:26:8f:61:5e:cc:c4:
                    47:3f:dd:46:de:e5:3e:f9:1d:b9:1f:d1:8f:bc:dc:
                    e6:2c:14:a4:99:17:c6:e5:77:dc:4c:f0:88:05:66:
                    68:bb:3c:b4:cc:b6:02:cd:84:d4:68:92:2e:18:46:
                    64:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:5F:08:0B:79:D7:08:2B:02:7B:C0:53:67:6C:B2:72:06:8D:12:49
            X509v3 Authority Key Identifier:
                keyid:84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:40:cc:37:a8:29:23:05:43:70:7f:aa:08:7b:70:15:20:29:
         eb:46:9a:8e:8f:31:51:bc:96:5d:13:63:62:ae:c9:96:b4:a5:
         7d:35:5d:2b:92:a0:2e:40:93:51:ce:56:48:8f:55:da:3a:51:
         55:61:56:82:9d:de:de:37:bc:ab:07:f3:5b:0b:e4:5f:29:f9:
         b2:41:b8:ad:a8:2d:b3:0b:70:21:0e:f9:df:83:f3:3c:60:a4:
         ba:bc:9c:c9:91:f2:6f:a7:06:7a:fb:af:d5:6c:19:ef:15:ff:
         8c:cb:9a:02:c8:2f:8d:af:5d:34:dd:21:08:29:32:df:53:70:
         2b:7e:86:f3:76:fa:75:76:90:b4:05:63:49:2b:12:f8:39:1a:
         41:fb:fd:db:96:f8:77:af:06:3f:61:47:01:f9:fc:66:3a:82:
         eb:58:74:3f:8a:43:2c:7e:cd:e0:3e:1e:8d:fd:ec:f9:24:b2:
         09:81:b3:de:d1:ad:09:ce:a5:18:df:1a:f7:f1:74:c5:14:8e:
         75:30:6c:c9:52:10:e9:00:0a:08:15:94:23:79:39:2d:c8:2b:
         ad:2f:06:ad:39:41:a7:2a:8f:29:d5:2a:7d:6a:9e:60:2b:f7:
         1a:29:21:62:cf:cd:45:ed:1a:6b:f9:f7:0d:e8:b0:9f:9c:f3:
         53:d0:b4:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9QHeY/lkA0uo7YKvZlIxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MmIxOGY4ZDFkYjFmOTQ3NjIxYjJkOGY3ODY2MDNlMmIx
YmQ1MGMwHhcNMjUxMTA0MTMwMTEwWhcNMjUxMTA1MTMwMTEwWjAzMTEwLwYDVQQD
EyhmZTVmMDgwYjc5ZDcwODJiMDI3YmMwNTM2NzZjYjI3MjA2OGQxMjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Fz+VewlsA0ujZh6fNlKv7jJIsAr
voAPTnGS1rtg8ub31rrCGke2uyO1hAMfBr6G8XMsw9dlwRjajNJffvL7DdJXJjaN
NWszFkb56At9J+roYj8gBPr4+xoD1c8t5AbLGb6N3rQbiQxcUgQ0vc1k3L/j5C9c
tsN5Wt5RmlGLtlg+J9edzzKqUNEVVXZIdAXGMsmXB1fo+MBZte9n9xdMoqCJtiWv
Fl/5BY5UfXCBWlaW/c4mdev9vZuRrvyTD2QrYtoLgQQ0vctHIWUmj2FezMRHP91G
3uU++R25H9GPvNzmLBSkmRfG5XfcTPCIBWZouzy0zLYCzYTUaJIuGEZkHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5fCAt51wgrAnvAU2dssnIGjRJJMB8GA1UdIwQY
MBaAFIQrGPjR2x+UdiGy2PeGYD4rG9UMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgt
MGI5NzBiOTZjOTBiLzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgtMGI5NzBiOTZjOTBi
LzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASUDMN6gp
IwVDcH+qCHtwFSAp60aajo8xUbyWXRNjYq7JlrSlfTVdK5KgLkCTUc5WSI9V2jpR
VWFWgp3e3je8qwfzWwvkXyn5skG4ragtswtwIQ7534PzPGCkurycyZHyb6cGevuv
1WwZ7xX/jMuaAsgvja9dNN0hCCky31NwK36G83b6dXaQtAVjSSsS+DkaQfv925b4
d68GP2FHAfn8ZjqC61h0P4pDLH7N4D4ejf3s+SSyCYGz3tGtCc6lGN8a9/F0xRSO
dTBsyVIQ6QAKCBWUI3k5LcgrrS8GrTlBpyqPKdUqfWqeYCv3GikhYs/NRe0aa/n3
Deiwn5zzU9C0jQ==
-----END CERTIFICATE-----