Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
File:                     hFNK68PtnHkETCI8iyXgEdq_L98.mft (raw, json)
Hash identifier:          Rtn2XzfPL2TNNrtmtYW7akmocLTZT+bfXToj2f6J1Ak=
Subject key identifier:   B3:AF:F3:C7:9F:C3:4F:61:3E:91:37:47:99:99:71:D6:39:53:90:0E
Authority key identifier: 84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF
Certificate issuer:       /CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
Certificate serial:       019A518794DCC47A6735212E62FEBDEEC3B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
Manifest number:          07F3
Signing time:             Wed 05 Nov 2025 01:00:31 +0000
Manifest this update:     Wed 05 Nov 2025 01:00:31 +0000
Manifest next update:     Thu 06 Nov 2025 01:00:31 +0000
Files and hashes:         1: hFNK68PtnHkETCI8iyXgEdq_L98.crl (hash: GtnuR8HWFyqhJqCcwOOS6Ml1foLpLjnYr3iw6P1TbnU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:87:94:dc:c4:7a:67:35:21:2e:62:fe:bd:ee:c3:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
        Validity
            Not Before: Nov  5 01:00:31 2025 GMT
            Not After : Nov  6 01:00:31 2025 GMT
        Subject: CN=b3aff3c79fc34f613e913747999971d63953900e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:24:5f:13:cd:2e:22:ce:23:9d:5f:3f:26:20:
                    c9:a7:7b:0e:f7:e2:a4:85:74:6b:9e:e8:db:59:5e:
                    28:06:2c:c0:3c:95:dd:4d:4f:c6:07:c4:f4:1a:07:
                    23:61:53:5e:9b:c0:66:8c:8e:dc:2b:89:7a:68:61:
                    92:1e:99:32:5e:5d:25:24:dd:d8:41:0b:0a:34:61:
                    3b:26:c8:48:f0:0f:a4:62:90:b3:84:0b:72:d9:45:
                    65:cc:d4:21:06:bf:e1:c6:d1:43:03:67:3a:a9:be:
                    c2:04:b7:0f:23:e9:8a:08:9a:fb:0b:12:eb:7d:da:
                    bb:74:b7:16:78:ab:fd:eb:bd:a0:01:6f:aa:3e:e9:
                    dc:0a:32:f2:4a:80:77:45:d5:9c:16:f1:fb:90:96:
                    e3:87:7d:26:2b:21:b5:5d:29:4b:b1:49:5a:52:f2:
                    48:ac:7b:42:6d:09:ec:11:ca:9d:99:0e:d8:07:3a:
                    27:0d:dc:ff:0a:21:90:12:78:49:2a:2e:45:5e:13:
                    1b:83:91:93:32:f7:fa:9a:94:2f:6b:7c:05:b8:57:
                    ce:b5:2f:52:ca:b0:9a:36:50:12:cf:e8:b5:76:8c:
                    b9:1e:d9:fc:5b:45:70:ab:e1:a8:10:80:10:e3:05:
                    2b:3e:7f:3c:b8:27:78:25:e5:2d:b9:c0:1f:4c:eb:
                    8a:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:AF:F3:C7:9F:C3:4F:61:3E:91:37:47:99:99:71:D6:39:53:90:0E
            X509v3 Authority Key Identifier:
                keyid:84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:0f:86:a6:e9:c1:0f:15:40:43:40:47:af:72:2f:03:e9:92:
         f6:40:a3:d0:23:4f:31:b2:18:c6:fe:a5:15:64:b2:0f:c7:f4:
         2b:d0:48:12:92:1d:43:2a:87:14:c1:5e:2c:0c:bd:b3:79:6b:
         7c:3d:3a:b2:9f:80:a3:66:cb:0a:18:49:68:59:88:28:8e:e9:
         b3:6e:0b:0c:c4:74:59:e9:46:ee:59:b2:ac:37:a9:c6:08:53:
         2d:db:87:30:f7:0b:b4:5b:ac:cf:2d:57:d5:b0:79:09:bc:d4:
         16:5b:3c:01:ab:69:4e:25:76:3b:5b:7e:21:91:21:20:21:8b:
         a6:44:19:0b:c6:41:ec:24:a3:20:bb:4b:b9:d1:27:b7:2a:47:
         f2:77:5c:eb:8a:3f:8f:1e:be:21:02:75:70:a8:4b:63:a8:64:
         76:75:ae:9e:d1:c6:c2:61:09:d2:b6:1a:9a:c7:99:a7:54:c5:
         35:64:00:c0:03:19:ec:6b:2a:bd:c8:15:4e:96:b3:f3:42:91:
         a9:3b:d0:6b:bd:da:2d:49:f5:5b:92:e5:f3:14:6f:95:d5:0b:
         e1:73:c9:c3:b8:88:e3:4a:49:a3:ce:2e:7b:01:85:1e:f4:9d:
         07:b9:d6:e1:78:d2:d0:a7:74:f6:9d:3d:25:46:d1:81:f5:b4:
         1f:52:4f:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRh5TcxHpnNSEuYv697sOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTM0YWViYzNlZDljNzkwNDRjMjIzYzhiMjVlMDExZGFi
ZjJmZGYwHhcNMjUxMTA1MDEwMDMxWhcNMjUxMTA2MDEwMDMxWjAzMTEwLwYDVQQD
EyhiM2FmZjNjNzlmYzM0ZjYxM2U5MTM3NDc5OTk5NzFkNjM5NTM5MDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSRfE80uIs4jnV8/JiDJp3sO9+Kk
hXRrnujbWV4oBizAPJXdTU/GB8T0GgcjYVNem8BmjI7cK4l6aGGSHpkyXl0lJN3Y
QQsKNGE7JshI8A+kYpCzhAty2UVlzNQhBr/hxtFDA2c6qb7CBLcPI+mKCJr7CxLr
fdq7dLcWeKv9672gAW+qPuncCjLySoB3RdWcFvH7kJbjh30mKyG1XSlLsUlaUvJI
rHtCbQnsEcqdmQ7YBzonDdz/CiGQEnhJKi5FXhMbg5GTMvf6mpQva3wFuFfOtS9S
yrCaNlASz+i1doy5Htn8W0Vwq+GoEIAQ4wUrPn88uCd4JeUtucAfTOuKjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOv88efw09hPpE3R5mZcdY5U5AOMB8GA1UdIwQY
MBaAFIRTSuvD7Zx5BEwiPIsl4BHavy/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDct
ZWJkZTc0OTMzYzc3LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDctZWJkZTc0OTMzYzc3
LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASg+GpunB
DxVAQ0BHr3IvA+mS9kCj0CNPMbIYxv6lFWSyD8f0K9BIEpIdQyqHFMFeLAy9s3lr
fD06sp+Ao2bLChhJaFmIKI7ps24LDMR0WelG7lmyrDepxghTLduHMPcLtFuszy1X
1bB5CbzUFls8AatpTiV2O1t+IZEhICGLpkQZC8ZB7CSjILtLudEntypH8ndc64o/
jx6+IQJ1cKhLY6hkdnWuntHGwmEJ0rYamseZp1TFNWQAwAMZ7GsqvcgVTpaz80KR
qTvQa73aLUn1W5Ll8xRvldUL4XPJw7iI40pJo84uewGFHvSdB7nW4XjS0Kd09p09
JUbRgfW0H1JPDA==
-----END CERTIFICATE-----