Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
File:                     GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft (raw, json)
Hash identifier:          gdQOXRHJh/iSbXrFcP4zx5iQYA7SC87fmrjhEADgxDM=
Subject key identifier:   EB:E0:DB:1A:41:55:58:D3:54:F0:6B:EE:2F:3E:2C:2B:65:7F:D4:5D
Authority key identifier: 18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48
Certificate issuer:       /CN=1877b19d4847fc3f495af936c5b1a1928c912748
Certificate serial:       019A5150F2EC79B0ABB9780D5432EFF4C1BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
Manifest number:          170B
Signing time:             Wed 05 Nov 2025 00:00:50 +0000
Manifest this update:     Wed 05 Nov 2025 00:00:50 +0000
Manifest next update:     Thu 06 Nov 2025 00:00:50 +0000
Files and hashes:         1: GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl (hash: YKtekkZm/fyRa7xVA/LLu1MWvWBZG6SmpKWXWvJFa4M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:50:f2:ec:79:b0:ab:b9:78:0d:54:32:ef:f4:c1:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1877b19d4847fc3f495af936c5b1a1928c912748
        Validity
            Not Before: Nov  5 00:00:50 2025 GMT
            Not After : Nov  6 00:00:50 2025 GMT
        Subject: CN=ebe0db1a415558d354f06bee2f3e2c2b657fd45d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:94:6d:f1:63:fe:a2:6c:63:40:bc:ef:cb:c8:
                    96:45:5a:8f:47:fe:1e:d3:59:23:72:0f:08:c1:5b:
                    48:c4:44:0b:2c:c2:13:4f:be:e4:f4:8c:19:3a:f9:
                    e5:00:b5:8f:91:e1:1e:77:d6:52:c0:1d:66:34:40:
                    1b:10:08:95:e4:33:32:3f:76:14:43:84:86:92:c3:
                    71:7f:c8:44:a5:fb:cd:27:c3:2b:f7:fd:16:fb:14:
                    a6:53:f6:ba:c7:3f:62:44:46:8c:9f:0c:b2:3b:23:
                    6b:db:91:f5:c1:50:7a:94:e8:47:a8:1c:bc:3c:9d:
                    1f:c4:a6:be:1a:b6:06:af:5e:d2:92:de:56:29:79:
                    38:3c:21:97:83:57:fa:43:23:42:c2:a7:91:e4:dd:
                    1d:8f:b8:f0:71:50:0b:66:05:b6:78:4b:01:45:4e:
                    bc:20:32:6b:d0:17:26:bf:6f:40:ad:be:eb:7b:b1:
                    a8:2a:9d:6a:4b:46:22:9f:75:a9:c9:33:63:9f:d0:
                    e7:47:e9:ab:29:98:fc:79:35:fa:7a:83:d6:47:c1:
                    a0:11:ec:23:09:d4:fd:2f:8e:b9:22:25:39:bc:76:
                    5b:9b:87:bf:3c:52:f8:8b:a9:4a:85:79:37:95:ce:
                    8f:30:4e:46:4a:80:57:2c:bd:59:10:93:ce:0c:b1:
                    37:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:E0:DB:1A:41:55:58:D3:54:F0:6B:EE:2F:3E:2C:2B:65:7F:D4:5D
            X509v3 Authority Key Identifier:
                keyid:18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:0c:ff:ee:e6:3b:22:31:99:86:b7:d0:28:49:eb:b9:7a:6e:
         22:1c:e6:00:b3:c8:48:ef:78:14:bf:a3:1e:da:fe:53:08:11:
         ad:fd:83:40:33:bc:84:22:9a:69:14:a0:4c:6b:77:e9:97:59:
         ad:23:77:a1:5d:07:38:f4:e4:fb:15:d1:bc:18:1a:96:4f:65:
         dc:ad:fb:09:5b:1c:1b:39:0c:9f:64:63:c7:55:c8:81:0a:d8:
         e8:28:02:32:9b:d7:ab:57:c6:57:06:0b:89:a8:7c:55:bd:20:
         a5:8a:9d:55:17:7e:a5:c2:78:b1:7a:1a:7a:a1:fb:a9:70:79:
         b7:0a:96:6b:9d:2f:2c:ec:d8:d2:81:2b:b6:b6:f5:24:8e:a7:
         ea:fc:47:02:60:d1:4f:9c:02:ae:fc:a4:8e:bd:e2:d0:ff:ca:
         97:0f:68:c5:0a:a8:47:91:f0:2c:99:05:12:a4:94:d4:38:f8:
         41:fa:01:41:0f:07:61:f7:d2:49:72:2d:59:19:27:93:ad:be:
         fd:0b:c2:4b:3d:0c:26:cf:54:e1:0e:94:32:5c:46:ef:67:ad:
         06:f0:fb:8b:41:5a:6d:79:0c:52:17:4a:52:eb:f7:95:18:55:
         2c:1f:5a:24:89:a5:14:de:d5:12:87:a6:85:12:b0:06:bd:04:
         65:06:10:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUPLsebCruXgNVDLv9MG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzdiMTlkNDg0N2ZjM2Y0OTVhZjkzNmM1YjFhMTkyOGM5
MTI3NDgwHhcNMjUxMTA1MDAwMDUwWhcNMjUxMTA2MDAwMDUwWjAzMTEwLwYDVQQD
EyhlYmUwZGIxYTQxNTU1OGQzNTRmMDZiZWUyZjNlMmMyYjY1N2ZkNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5Rt8WP+omxjQLzvy8iWRVqPR/4e
01kjcg8IwVtIxEQLLMITT77k9IwZOvnlALWPkeEed9ZSwB1mNEAbEAiV5DMyP3YU
Q4SGksNxf8hEpfvNJ8Mr9/0W+xSmU/a6xz9iREaMnwyyOyNr25H1wVB6lOhHqBy8
PJ0fxKa+GrYGr17Skt5WKXk4PCGXg1f6QyNCwqeR5N0dj7jwcVALZgW2eEsBRU68
IDJr0Bcmv29Arb7re7GoKp1qS0Yin3WpyTNjn9DnR+mrKZj8eTX6eoPWR8GgEewj
CdT9L465IiU5vHZbm4e/PFL4i6lKhXk3lc6PME5GSoBXLL1ZEJPODLE38QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOvg2xpBVVjTVPBr7i8+LCtlf9RdMB8GA1UdIwQY
MBaAFBh3sZ1IR/w/SVr5NsWxoZKMkSdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2Mzgt
YWM5YTkzMTcxYWE1LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2MzgtYWM5YTkzMTcxYWE1
LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsQz/7uY7
IjGZhrfQKEnruXpuIhzmALPISO94FL+jHtr+UwgRrf2DQDO8hCKaaRSgTGt36ZdZ
rSN3oV0HOPTk+xXRvBgalk9l3K37CVscGzkMn2Rjx1XIgQrY6CgCMpvXq1fGVwYL
iah8Vb0gpYqdVRd+pcJ4sXoaeqH7qXB5twqWa50vLOzY0oErtrb1JI6n6vxHAmDR
T5wCrvykjr3i0P/Klw9oxQqoR5HwLJkFEqSU1Dj4QfoBQQ8HYffSSXItWRknk62+
/QvCSz0MJs9U4Q6UMlxG72etBvD7i0FabXkMUhdKUuv3lRhVLB9aJImlFN7VEoem
hRKwBr0EZQYQKQ==
-----END CERTIFICATE-----