Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
File:                     H83UEOElAi3gfKWWP5L3jo-JSG4.mft (raw, json)
Hash identifier:          ZsnzGnqr8WrVrIWnvL3u8UpzKsw4TDRWBxfgbvt6djM=
Subject key identifier:   9E:7C:B9:23:EB:44:F4:DE:EF:75:FF:20:2A:14:77:E7:3A:0B:80:D7
Authority key identifier: 1F:CD:D4:10:E1:25:02:2D:E0:7C:A5:96:3F:92:F7:8E:8F:89:48:6E
Certificate issuer:       /CN=1fcdd410e125022de07ca5963f92f78e8f89486e
Certificate serial:       019A4D7421C8B9E22CE7DD26E2D697CC9643
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
Manifest number:          1708
Signing time:             Tue 04 Nov 2025 06:00:47 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:47 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:47 +0000
Files and hashes:         1: H83UEOElAi3gfKWWP5L3jo-JSG4.crl (hash: 1fujRKgnJ32CBvZzDNolYkHoHgEWYlzz6lWGHcWkmOY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:74:21:c8:b9:e2:2c:e7:dd:26:e2:d6:97:cc:96:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fcdd410e125022de07ca5963f92f78e8f89486e
        Validity
            Not Before: Nov  4 06:00:47 2025 GMT
            Not After : Nov  5 06:00:47 2025 GMT
        Subject: CN=9e7cb923eb44f4deef75ff202a1477e73a0b80d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:38:77:62:39:40:c9:2e:de:dd:33:10:c5:34:
                    e2:d9:22:db:56:bc:c1:4a:c8:32:8f:9e:2d:87:f1:
                    62:21:80:75:a7:0d:12:b7:b4:03:c9:6a:99:fe:8c:
                    36:d2:e7:ac:ed:f4:86:89:9e:0d:a5:65:b4:75:cb:
                    eb:13:96:36:a6:39:52:7d:58:9a:e0:4a:ce:35:7f:
                    d2:0b:cb:fa:20:ea:11:17:62:1d:27:64:6c:19:0d:
                    06:68:4c:c6:fc:16:4d:e6:b5:f1:87:ba:ff:9e:6a:
                    7b:2c:61:04:1f:c1:19:7f:ce:31:57:d9:51:5d:b5:
                    63:50:66:0b:be:d2:bf:b8:45:27:ff:c2:a2:6d:39:
                    bb:90:7e:22:80:21:10:c3:75:cc:66:6a:d5:9e:79:
                    98:ce:40:bc:b1:d1:87:28:9e:ac:23:82:f4:e3:d8:
                    75:47:df:c9:1c:4c:f7:7d:ff:c4:e6:a7:5c:60:fd:
                    47:de:66:6f:47:ce:ed:a6:db:13:26:36:f6:db:a6:
                    2c:15:9b:fe:34:68:52:84:2d:18:fa:57:a5:5f:e8:
                    40:36:44:cf:20:ea:b9:76:60:f0:10:d3:52:f5:6e:
                    c5:da:8c:e0:cc:e5:1c:01:15:d4:94:3c:c8:64:1d:
                    e4:f1:0b:2c:7a:b5:88:c6:09:a7:9d:98:ff:4b:6a:
                    52:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:7C:B9:23:EB:44:F4:DE:EF:75:FF:20:2A:14:77:E7:3A:0B:80:D7
            X509v3 Authority Key Identifier:
                keyid:1F:CD:D4:10:E1:25:02:2D:E0:7C:A5:96:3F:92:F7:8E:8F:89:48:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:89:ae:0a:75:8f:2b:08:ee:04:21:8c:88:26:a3:1e:5e:bd:
         9d:f7:91:5d:cf:d2:d0:ef:50:12:80:77:f5:39:67:cb:53:90:
         1e:9e:06:3e:c1:e5:55:26:0f:5b:90:28:d1:62:83:c8:2f:a9:
         c0:5a:b1:72:cb:b7:52:bc:9a:25:7b:88:1b:ce:e7:bf:61:87:
         06:3f:28:86:8c:53:33:fc:a2:18:fd:3a:97:aa:f2:2a:39:8d:
         74:32:fe:4b:36:c9:a8:c5:e4:22:40:06:a7:47:1e:a9:1c:be:
         89:27:35:9e:47:89:75:20:61:3f:3b:75:08:83:32:5f:fd:86:
         7e:c8:c7:0c:9b:74:87:26:27:57:49:54:c8:e8:6f:ec:66:a5:
         42:5f:24:74:41:68:e7:05:83:cd:f2:fc:ac:1a:88:83:83:35:
         a8:ee:7a:fe:94:8d:58:40:44:01:22:32:7b:06:25:e4:06:52:
         91:ae:30:0a:73:7e:5f:e7:1f:9e:25:3a:06:28:16:36:6a:a4:
         85:07:35:f4:86:c2:96:a9:00:04:0a:b6:01:27:4e:d9:be:f6:
         ca:ae:45:76:46:aa:17:c5:a0:7b:a2:61:eb:d3:57:51:8c:f9:
         f2:1a:be:80:99:51:f7:1d:a6:1a:d8:85:b5:1f:25:b0:00:50:
         de:fe:b3:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdCHIueIs590m4taXzJZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmY2RkNDEwZTEyNTAyMmRlMDdjYTU5NjNmOTJmNzhlOGY4
OTQ4NmUwHhcNMjUxMTA0MDYwMDQ3WhcNMjUxMTA1MDYwMDQ3WjAzMTEwLwYDVQQD
Eyg5ZTdjYjkyM2ViNDRmNGRlZWY3NWZmMjAyYTE0NzdlNzNhMGI4MGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDh3YjlAyS7e3TMQxTTi2SLbVrzB
Ssgyj54th/FiIYB1pw0St7QDyWqZ/ow20ues7fSGiZ4NpWW0dcvrE5Y2pjlSfVia
4ErONX/SC8v6IOoRF2IdJ2RsGQ0GaEzG/BZN5rXxh7r/nmp7LGEEH8EZf84xV9lR
XbVjUGYLvtK/uEUn/8KibTm7kH4igCEQw3XMZmrVnnmYzkC8sdGHKJ6sI4L049h1
R9/JHEz3ff/E5qdcYP1H3mZvR87tptsTJjb226YsFZv+NGhShC0Y+lelX+hANkTP
IOq5dmDwENNS9W7F2ozgzOUcARXUlDzIZB3k8QsserWIxgmnnZj/S2pSUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ58uSPrRPTe73X/ICoUd+c6C4DXMB8GA1UdIwQY
MBaAFB/N1BDhJQIt4Hyllj+S946PiUhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZmE4MWItMWYzZi00ODJkLTk1MjUt
YWI2OWRhOGYzN2VjLzEvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZmE4MWItMWYzZi00ODJkLTk1MjUtYWI2OWRhOGYzN2Vj
LzEvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABYmuCnWP
KwjuBCGMiCajHl69nfeRXc/S0O9QEoB39Tlny1OQHp4GPsHlVSYPW5Ao0WKDyC+p
wFqxcsu3UryaJXuIG87nv2GHBj8ohoxTM/yiGP06l6ryKjmNdDL+SzbJqMXkIkAG
p0ceqRy+iSc1nkeJdSBhPzt1CIMyX/2GfsjHDJt0hyYnV0lUyOhv7GalQl8kdEFo
5wWDzfL8rBqIg4M1qO56/pSNWEBEASIyewYl5AZSka4wCnN+X+cfniU6BigWNmqk
hQc19IbClqkABAq2ASdO2b72yq5FdkaqF8Wge6Jh69NXUYz58hq+gJlR9x2mGtiF
tR8lsABQ3v6z8w==
-----END CERTIFICATE-----