Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
File:                     HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json)
Hash identifier:          072hefc4fVZZTzJUlfMmUvkhUqz1jUKp87mzxTOLw7M=
Subject key identifier:   7C:3F:BD:F4:AD:FE:84:F2:B1:1C:7E:8B:6F:0A:5E:B6:93:46:BF:51
Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70
Certificate issuer:       /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
Certificate serial:       019A4E5000F375B2CB6172059C630447E78E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
Manifest number:          170B
Signing time:             Tue 04 Nov 2025 10:00:56 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:56 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:56 +0000
Files and hashes:         1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: VZ1OmbdKUyaVELHTwaS5GDC7+88T/Ke2rrnr6B/C+Kg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:50:00:f3:75:b2:cb:61:72:05:9c:63:04:47:e7:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
        Validity
            Not Before: Nov  4 10:00:56 2025 GMT
            Not After : Nov  5 10:00:56 2025 GMT
        Subject: CN=7c3fbdf4adfe84f2b11c7e8b6f0a5eb69346bf51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:b1:fd:28:c9:ae:01:97:af:4c:49:1b:02:bd:
                    a6:56:be:4d:ed:7c:f6:c5:47:f2:24:5e:b1:c0:7a:
                    9a:6e:a4:18:47:3f:42:63:f6:ed:3b:d6:86:24:9c:
                    3f:76:e1:67:c2:1a:37:5e:9b:7d:1a:f2:97:60:90:
                    78:b7:5a:41:22:e9:99:60:63:80:0c:fc:0e:c4:cb:
                    11:96:5d:ee:fe:af:0e:88:33:d4:87:80:95:d9:74:
                    80:e1:b2:ee:47:b8:e7:21:98:02:e2:b2:44:32:c1:
                    aa:6c:4b:9d:a2:0a:a0:49:76:3d:8b:62:6a:77:8e:
                    50:ba:56:81:b9:c7:92:0e:99:a4:c2:6c:a0:9b:42:
                    af:df:83:93:94:25:ad:20:a2:06:c1:9d:2b:d4:25:
                    7c:4f:db:49:ad:43:92:05:97:48:fa:39:8f:5f:43:
                    f4:a8:a6:61:8b:60:72:c3:ae:42:b6:b2:35:2d:61:
                    f8:3f:5f:0b:77:fe:2c:a4:5c:7f:45:2c:0b:ac:4d:
                    02:c4:84:c7:78:60:ff:ce:9c:bf:95:9f:5e:f4:f3:
                    18:09:30:68:00:6d:47:ce:54:c9:43:87:5d:11:6b:
                    f4:a0:ea:15:13:5c:ff:06:0e:78:d8:2f:0e:e9:d7:
                    24:4c:e9:99:8c:03:42:e9:35:ae:62:e2:05:cb:aa:
                    4e:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:3F:BD:F4:AD:FE:84:F2:B1:1C:7E:8B:6F:0A:5E:B6:93:46:BF:51
            X509v3 Authority Key Identifier:
                keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:43:1d:20:2d:72:5a:3d:45:e2:8e:a9:4c:0e:99:cd:ca:9b:
         f0:73:ed:7f:f7:92:03:9a:d4:74:3f:9b:bd:f7:d4:6f:64:76:
         68:ba:2d:cd:40:97:8a:8d:d3:38:4c:cb:1f:94:65:a1:c9:b8:
         a7:56:41:8c:4d:12:83:ca:33:70:57:74:c1:e1:6d:00:be:8e:
         82:7e:f3:1b:d0:dc:a1:1e:c2:d2:60:7d:ad:b3:a8:e7:08:83:
         8e:53:76:25:28:86:9f:ed:81:a1:50:1e:7a:62:73:9c:44:0c:
         ed:6e:13:ef:3e:8e:57:7c:c8:1b:00:2a:57:e7:8a:98:7a:9e:
         c2:3f:28:1a:4a:e7:b3:18:28:f7:bf:29:1e:0a:11:60:8e:24:
         d4:13:74:db:40:73:13:42:ac:fd:83:f0:48:14:06:23:e2:d3:
         4d:d5:ba:82:16:a2:ee:02:2f:ab:79:0c:6b:8e:73:26:f3:f9:
         fc:31:a4:08:32:25:4c:37:8a:24:c9:ea:79:5d:aa:ae:77:50:
         eb:50:54:a8:9c:43:0a:2c:ab:99:a0:75:5c:d7:3e:6d:35:1b:
         15:7e:3e:5c:49:41:cf:7a:21:5f:ec:16:b7:02:c2:69:ff:91:
         3d:df:ea:90:fc:0a:88:d6:81:8e:47:b8:11:29:3d:53:73:9d:
         c1:9d:3f:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOUADzdbLLYXIFnGMER+eOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy
ZDgyNzAwHhcNMjUxMTA0MTAwMDU2WhcNMjUxMTA1MTAwMDU2WjAzMTEwLwYDVQQD
Eyg3YzNmYmRmNGFkZmU4NGYyYjExYzdlOGI2ZjBhNWViNjkzNDZiZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7H9KMmuAZevTEkbAr2mVr5N7Xz2
xUfyJF6xwHqabqQYRz9CY/btO9aGJJw/duFnwho3Xpt9GvKXYJB4t1pBIumZYGOA
DPwOxMsRll3u/q8OiDPUh4CV2XSA4bLuR7jnIZgC4rJEMsGqbEudogqgSXY9i2Jq
d45QulaBuceSDpmkwmygm0Kv34OTlCWtIKIGwZ0r1CV8T9tJrUOSBZdI+jmPX0P0
qKZhi2Byw65CtrI1LWH4P18Ld/4spFx/RSwLrE0CxITHeGD/zpy/lZ9e9PMYCTBo
AG1HzlTJQ4ddEWv0oOoVE1z/Bg542C8O6dckTOmZjANC6TWuYuIFy6pOgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHw/vfSt/oTysRx+i28KXraTRr9RMB8GA1UdIwQY
MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct
ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz
LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ0MdIC1y
Wj1F4o6pTA6Zzcqb8HPtf/eSA5rUdD+bvffUb2R2aLotzUCXio3TOEzLH5Rlocm4
p1ZBjE0Sg8ozcFd0weFtAL6Ogn7zG9DcoR7C0mB9rbOo5wiDjlN2JSiGn+2BoVAe
emJznEQM7W4T7z6OV3zIGwAqV+eKmHqewj8oGkrnsxgo978pHgoRYI4k1BN020Bz
E0Ks/YPwSBQGI+LTTdW6ghai7gIvq3kMa45zJvP5/DGkCDIlTDeKJMnqeV2qrndQ
61BUqJxDCiyrmaB1XNc+bTUbFX4+XElBz3ohX+wWtwLCaf+RPd/qkPwKiNaBjke4
ESk9U3OdwZ0/hA==
-----END CERTIFICATE-----