Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
File:                     _hpSVPN9jCkbEd2r7YiwY0gdr2s.mft (raw, json)
Hash identifier:          T/JkfHOJREU2dJtl5Td4LReSVa1l0qSkaT5tud9ypTg=
Subject key identifier:   90:37:7E:A2:E5:D6:D1:C3:FD:57:89:85:03:31:D3:2B:E6:5E:C2:F5
Authority key identifier: FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B
Certificate issuer:       /CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
Certificate serial:       019A50E2F335D97ACA1D8E642E18A35A3E03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
Manifest number:          170B
Signing time:             Tue 04 Nov 2025 22:00:41 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:41 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:41 +0000
Files and hashes:         1: _hpSVPN9jCkbEd2r7YiwY0gdr2s.crl (hash: QcM6ezqxWTp42esFkYrz0J/5NuqQpea5Pt2Tc2xh5Hg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e2:f3:35:d9:7a:ca:1d:8e:64:2e:18:a3:5a:3e:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1a5254f37d8c291b11ddabed88b063481daf6b
        Validity
            Not Before: Nov  4 22:00:41 2025 GMT
            Not After : Nov  5 22:00:41 2025 GMT
        Subject: CN=90377ea2e5d6d1c3fd5789850331d32be65ec2f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:a0:96:7f:bb:9d:80:c1:b5:1d:ae:fa:2a:54:
                    e4:ae:5b:c5:d4:97:bc:eb:35:3b:64:50:7c:c9:41:
                    fa:ad:f0:82:c5:05:f9:7a:12:a5:d9:86:a7:3c:f0:
                    39:b1:23:bb:87:2c:13:0c:b7:c4:77:f9:39:c6:2d:
                    c2:73:9f:14:b8:ac:bc:19:93:95:73:4c:dd:fb:00:
                    8a:5a:1f:20:71:04:e2:42:3f:1c:37:26:da:02:11:
                    ab:9a:f5:37:4d:7d:18:d9:a4:17:58:32:6d:18:e9:
                    de:21:5a:1d:6f:8a:bf:9a:38:6a:ee:ab:f2:e4:7b:
                    f5:53:96:d8:3a:a4:e2:2a:f0:14:91:41:51:b3:d7:
                    cd:71:46:38:12:3e:88:30:c3:2a:a4:54:d5:b2:75:
                    d8:57:8d:c9:58:fd:59:66:1b:e6:a4:6c:da:ed:de:
                    31:a6:d8:a7:46:3d:7e:6b:87:5d:65:f5:56:28:be:
                    c5:ae:e6:1e:29:85:ef:a6:d1:4a:df:1f:b3:39:46:
                    04:ae:07:0b:4a:40:6c:1c:88:58:d9:fb:93:c1:05:
                    58:80:c9:cb:40:8f:c1:23:65:3f:30:84:2f:0f:93:
                    9c:8d:fa:e6:c6:c2:84:cf:5f:b9:8b:5e:dc:03:0b:
                    a2:3a:a6:42:74:26:43:8d:2d:86:62:4b:5b:22:37:
                    ba:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:37:7E:A2:E5:D6:D1:C3:FD:57:89:85:03:31:D3:2B:E6:5E:C2:F5
            X509v3 Authority Key Identifier:
                keyid:FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:4c:02:7b:b5:79:43:8d:e7:b3:f3:75:ac:51:14:d0:e3:33:
         b7:21:ec:6c:15:4a:d7:ef:a5:4b:8c:74:10:7b:fc:7d:c3:87:
         f7:ad:b2:e0:69:80:29:ce:f5:bb:8c:23:cd:fc:6a:de:4b:0f:
         18:d4:24:d9:bb:7a:15:de:8d:ea:a3:7a:4a:7c:0e:9c:21:b7:
         6a:bf:da:a8:b6:39:2f:56:24:30:7d:5a:33:a9:96:a2:5a:f9:
         05:60:12:a4:d8:75:16:69:6a:7d:27:77:eb:5c:89:7d:40:17:
         3d:0f:85:6c:96:1f:41:39:14:49:1d:dc:91:47:b5:6b:a1:38:
         89:c8:2c:5c:0e:1e:15:a2:17:cf:75:f3:b1:1c:a5:53:13:22:
         2a:73:76:af:5c:10:5f:47:7b:f7:29:bc:bc:80:9e:5a:f9:32:
         6c:4f:95:bd:79:71:f2:14:65:e8:ad:d6:4c:e0:0f:04:b6:b8:
         ac:8a:32:3e:39:80:b7:1d:06:c2:09:0a:5e:54:ab:0a:96:ef:
         39:a9:c9:de:8d:a0:e1:b7:b2:71:8a:01:78:5f:da:19:f5:be:
         e1:26:c4:6e:02:e8:6e:b7:ff:f6:ad:ed:50:11:a5:a2:a9:bd:
         2b:79:38:04:92:09:f9:5d:e8:dd:fc:1b:13:40:7c:85:0f:28:
         40:54:b8:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4vM12XrKHY5kLhijWj4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMWE1MjU0ZjM3ZDhjMjkxYjExZGRhYmVkODhiMDYzNDgx
ZGFmNmIwHhcNMjUxMTA0MjIwMDQxWhcNMjUxMTA1MjIwMDQxWjAzMTEwLwYDVQQD
Eyg5MDM3N2VhMmU1ZDZkMWMzZmQ1Nzg5ODUwMzMxZDMyYmU2NWVjMmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qCWf7udgMG1Ha76KlTkrlvF1Je8
6zU7ZFB8yUH6rfCCxQX5ehKl2YanPPA5sSO7hywTDLfEd/k5xi3Cc58UuKy8GZOV
c0zd+wCKWh8gcQTiQj8cNybaAhGrmvU3TX0Y2aQXWDJtGOneIVodb4q/mjhq7qvy
5Hv1U5bYOqTiKvAUkUFRs9fNcUY4Ej6IMMMqpFTVsnXYV43JWP1ZZhvmpGza7d4x
ptinRj1+a4ddZfVWKL7FruYeKYXvptFK3x+zOUYErgcLSkBsHIhY2fuTwQVYgMnL
QI/BI2U/MIQvD5OcjfrmxsKEz1+5i17cAwuiOqZCdCZDjS2GYktbIje6tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJA3fqLl1tHD/VeJhQMx0yvmXsL1MB8GA1UdIwQY
MBaAFP4aUlTzfYwpGxHdq+2IsGNIHa9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzIt
ZmEwZDBlODA1ZGY4LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzItZmEwZDBlODA1ZGY4
LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF0wCe7V5
Q43ns/N1rFEU0OMztyHsbBVK1++lS4x0EHv8fcOH962y4GmAKc71u4wjzfxq3ksP
GNQk2bt6Fd6N6qN6SnwOnCG3ar/aqLY5L1YkMH1aM6mWolr5BWASpNh1FmlqfSd3
61yJfUAXPQ+FbJYfQTkUSR3ckUe1a6E4icgsXA4eFaIXz3XzsRylUxMiKnN2r1wQ
X0d79ym8vICeWvkybE+VvXlx8hRl6K3WTOAPBLa4rIoyPjmAtx0GwgkKXlSrCpbv
OanJ3o2g4beycYoBeF/aGfW+4SbEbgLobrf/9q3tUBGloqm9K3k4BJIJ+V3o3fwb
E0B8hQ8oQFS4aQ==
-----END CERTIFICATE-----