Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          tfj6lLH4LNkqRJajRjS8CAgBe1UJ6C7/4HARXORpRhw=
Subject key identifier:   14:73:3D:F3:75:AC:63:E2:52:E6:03:99:35:61:0A:7E:02:29:1D:B5
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       019A4D738638C6C6EC06701E5CFCD3C53C30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          06DD
Signing time:             Tue 04 Nov 2025 06:00:07 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:07 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:07 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: YOW+SNqObwE337ilUxhS3rilIIGNddrT8lJQeE+voAE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:73:86:38:c6:c6:ec:06:70:1e:5c:fc:d3:c5:3c:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: Nov  4 06:00:07 2025 GMT
            Not After : Nov  5 06:00:07 2025 GMT
        Subject: CN=14733df375ac63e252e6039935610a7e02291db5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d7:4b:ab:41:88:cf:d7:25:36:63:75:f4:67:
                    c0:d1:04:e4:ac:5b:4b:de:2e:3e:26:90:a2:a6:e3:
                    68:a4:d3:6f:69:7d:25:1a:55:86:dd:24:8e:44:71:
                    72:c3:cc:a4:8a:6c:32:8f:42:41:e1:12:00:10:3b:
                    24:63:c0:9b:30:6b:47:33:e2:94:d1:20:21:a4:b6:
                    40:f7:f3:f6:5f:7c:98:e3:0e:e6:39:e3:a6:64:8b:
                    b9:e5:87:e9:62:92:8f:14:d4:e5:f2:cb:6d:d0:2e:
                    3b:ca:4b:95:70:a1:fb:2e:49:4e:b8:b0:26:fc:8f:
                    7d:0d:7a:2e:9f:55:af:e4:8c:7f:2f:ab:99:99:13:
                    7c:e5:be:01:80:81:6a:6a:f3:4b:f1:1b:f5:71:65:
                    2e:9c:86:4d:2b:65:cd:1e:e9:89:a3:36:93:c3:a7:
                    d6:5f:c2:ca:fe:77:40:b6:7d:b9:c7:77:6c:f4:c9:
                    5b:1b:09:a8:40:ea:e0:c0:4d:d9:d2:df:36:b1:0b:
                    6a:67:e9:b6:dd:bf:52:42:21:d1:65:0a:3a:b6:c1:
                    f6:a4:7f:cc:b3:ec:94:d5:e5:85:08:95:5f:b4:26:
                    97:09:38:6d:93:80:2a:8c:cc:fb:83:4b:ff:f5:62:
                    39:80:d7:b5:92:be:d6:5f:c8:6c:7e:b7:b3:1d:c8:
                    40:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:73:3D:F3:75:AC:63:E2:52:E6:03:99:35:61:0A:7E:02:29:1D:B5
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:a1:e0:d9:09:6c:18:4f:cc:25:51:c0:71:5e:fc:ed:30:e6:
         4a:9e:1e:d1:1a:2d:a1:d0:1c:42:ee:90:87:06:8a:e3:1f:6f:
         1b:98:a2:93:0c:5d:5c:3b:ad:b5:a3:a6:a3:f3:6f:3d:83:b4:
         cd:17:0e:38:0a:64:e4:d2:f6:64:ed:0f:15:58:3e:ef:34:c9:
         c5:37:d2:aa:32:62:49:38:05:d8:c0:da:de:62:02:a4:bb:f8:
         50:3d:5f:d7:16:ee:de:62:74:39:54:0a:c6:5d:a1:30:21:77:
         7c:09:c0:ed:99:8f:d6:0c:f6:84:88:f1:c7:f4:92:ef:49:26:
         33:92:85:57:d6:a9:46:75:79:11:0e:f7:03:e8:9b:94:3a:8c:
         6b:f6:02:81:09:35:c0:63:22:ae:2f:7a:3b:fe:a6:36:48:3b:
         0b:21:0e:80:10:f4:bc:fc:02:21:94:df:63:54:6a:eb:73:ca:
         71:59:6f:ac:6d:c4:d0:86:dd:eb:9b:2b:54:19:50:b1:0d:0d:
         37:12:44:ad:f0:62:46:39:8d:9e:af:ac:87:45:40:50:af:ff:
         ba:32:ed:7a:91:c9:5d:65:c0:29:f2:a3:1f:2b:c4:37:78:78:
         b3:20:e2:5c:27:d3:4f:0c:54:52:17:d2:ab:c3:a0:7c:e6:8c:
         8a:7f:5a:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc4Y4xsbsBnAeXPzTxTwwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjUxMTA0MDYwMDA3WhcNMjUxMTA1MDYwMDA3WjAzMTEwLwYDVQQD
EygxNDczM2RmMzc1YWM2M2UyNTJlNjAzOTkzNTYxMGE3ZTAyMjkxZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsddLq0GIz9clNmN19GfA0QTkrFtL
3i4+JpCipuNopNNvaX0lGlWG3SSORHFyw8ykimwyj0JB4RIAEDskY8CbMGtHM+KU
0SAhpLZA9/P2X3yY4w7mOeOmZIu55YfpYpKPFNTl8stt0C47ykuVcKH7LklOuLAm
/I99DXoun1Wv5Ix/L6uZmRN85b4BgIFqavNL8Rv1cWUunIZNK2XNHumJozaTw6fW
X8LK/ndAtn25x3ds9MlbGwmoQOrgwE3Z0t82sQtqZ+m23b9SQiHRZQo6tsH2pH/M
s+yU1eWFCJVftCaXCThtk4AqjMz7g0v/9WI5gNe1kr7WX8hsfrezHchA4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBRzPfN1rGPiUuYDmTVhCn4CKR21MB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMaHg2Qls
GE/MJVHAcV787TDmSp4e0RotodAcQu6QhwaK4x9vG5iikwxdXDuttaOmo/NvPYO0
zRcOOApk5NL2ZO0PFVg+7zTJxTfSqjJiSTgF2MDa3mICpLv4UD1f1xbu3mJ0OVQK
xl2hMCF3fAnA7ZmP1gz2hIjxx/SS70kmM5KFV9apRnV5EQ73A+iblDqMa/YCgQk1
wGMiri96O/6mNkg7CyEOgBD0vPwCIZTfY1Rq63PKcVlvrG3E0Ibd65srVBlQsQ0N
NxJErfBiRjmNnq+sh0VAUK//ujLtepHJXWXAKfKjHyvEN3h4syDiXCfTTwxUUhfS
q8OgfOaMin9a/A==
-----END CERTIFICATE-----