Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
File:                     HCN7aINpeRKVf40zc3AryQbSZEU.mft (raw, json)
Hash identifier:          IOZPUmRV/8KGzzKbOp4y/w7VnlmM6UUDIJEvocEkOwE=
Subject key identifier:   05:BB:EF:5B:B5:A5:56:47:20:A6:B1:AB:95:44:C8:72:25:A8:8E:F2
Authority key identifier: 1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45
Certificate issuer:       /CN=1c237b6883697912957f8d3373702bc906d26445
Certificate serial:       019A4F62351B6FB9C962099649CF947F9657
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
Manifest number:          1324
Signing time:             Tue 04 Nov 2025 15:00:27 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:27 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:27 +0000
Files and hashes:         1: HCN7aINpeRKVf40zc3AryQbSZEU.crl (hash: /mdYA2JVWOSsn+mHoQ1naB3h+0VQ0TU+cp2Q5jik/58=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:35:1b:6f:b9:c9:62:09:96:49:cf:94:7f:96:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c237b6883697912957f8d3373702bc906d26445
        Validity
            Not Before: Nov  4 15:00:27 2025 GMT
            Not After : Nov  5 15:00:27 2025 GMT
        Subject: CN=05bbef5bb5a5564720a6b1ab9544c87225a88ef2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:34:99:a6:d8:88:a0:1c:40:94:49:98:d3:59:
                    da:0e:4b:52:aa:5a:56:a1:b4:2b:42:25:e9:33:10:
                    ca:b5:4e:a7:3b:0a:1e:2c:b6:6d:74:a1:95:7a:10:
                    75:17:ab:e0:f8:8a:7e:9e:2e:8e:f0:78:6b:d6:1c:
                    81:d1:2d:ea:30:b7:6a:2b:6f:6a:9b:2a:4e:7c:c8:
                    85:70:51:bb:d2:9b:d0:69:ad:e7:69:73:56:c5:83:
                    e1:54:6c:bd:40:29:72:76:7a:a3:53:d3:e1:dd:64:
                    36:40:82:32:27:a1:77:69:49:86:d6:43:88:c3:13:
                    4d:fb:6d:0a:23:e4:91:6f:60:f8:cb:75:2f:64:3e:
                    ea:d2:2a:2d:ea:55:e0:77:6e:ef:9c:25:ba:a9:de:
                    25:2b:ec:8e:84:14:d8:df:fd:22:b9:16:e5:74:c7:
                    47:d1:0f:d8:cf:88:8a:06:b1:86:1c:e4:ab:d0:f2:
                    0a:e8:e6:9c:75:69:85:3c:e6:30:7c:85:64:17:20:
                    1b:25:20:0a:8b:5b:80:78:90:f6:b8:59:4a:fb:60:
                    d7:fa:62:f7:07:aa:dc:4c:31:46:12:6a:70:90:e4:
                    03:88:c8:04:30:27:8e:94:16:8f:b8:32:9b:4b:28:
                    96:e2:cd:da:d8:29:55:f6:96:64:4d:32:ee:77:c1:
                    a5:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:BB:EF:5B:B5:A5:56:47:20:A6:B1:AB:95:44:C8:72:25:A8:8E:F2
            X509v3 Authority Key Identifier:
                keyid:1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:82:94:5a:e1:a1:c2:ac:02:d0:c7:2f:00:d3:e6:06:c3:fc:
         d6:1a:b0:b5:30:2c:14:46:6a:5e:eb:fd:bf:1a:13:e9:6d:92:
         fd:3d:e1:6e:db:df:e8:1c:63:56:16:32:77:ac:ac:47:3f:f8:
         53:b1:1b:4a:86:b0:ee:dc:3c:59:ac:03:92:fa:77:e9:bb:1e:
         db:ed:63:2d:4e:00:19:a0:61:96:9f:ae:bd:d3:77:57:db:05:
         73:a8:73:7b:d1:78:95:82:bc:22:13:e3:bb:6e:d0:bb:46:e2:
         72:f3:63:f5:15:bd:1f:84:c0:64:59:1e:c4:95:b6:93:09:3a:
         ea:cd:60:a6:a9:8e:68:aa:8a:40:06:c5:b6:1a:40:51:80:d6:
         c4:a6:ec:b1:5a:54:b3:c9:cf:ff:a8:07:57:bd:ec:4e:15:a3:
         e8:85:24:09:6b:85:47:58:39:e6:f7:0c:47:40:dc:ed:c0:0c:
         6a:c8:b0:37:84:c9:30:d9:69:3a:7b:e4:a5:fa:53:52:aa:87:
         da:4d:32:5b:24:76:fa:af:12:bf:f8:76:79:a8:30:23:cc:c3:
         b0:97:d5:64:98:fd:2c:4b:7c:e5:85:62:c8:3d:f5:9c:13:76:
         23:20:a7:ce:f2:34:dd:91:4d:86:9f:30:ac:0a:26:ba:43:e7:
         cd:0e:64:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYjUbb7nJYgmWSc+Uf5ZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjM3YjY4ODM2OTc5MTI5NTdmOGQzMzczNzAyYmM5MDZk
MjY0NDUwHhcNMjUxMTA0MTUwMDI3WhcNMjUxMTA1MTUwMDI3WjAzMTEwLwYDVQQD
EygwNWJiZWY1YmI1YTU1NjQ3MjBhNmIxYWI5NTQ0Yzg3MjI1YTg4ZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzSZptiIoBxAlEmY01naDktSqlpW
obQrQiXpMxDKtU6nOwoeLLZtdKGVehB1F6vg+Ip+ni6O8Hhr1hyB0S3qMLdqK29q
mypOfMiFcFG70pvQaa3naXNWxYPhVGy9QClydnqjU9Ph3WQ2QIIyJ6F3aUmG1kOI
wxNN+20KI+SRb2D4y3UvZD7q0iot6lXgd27vnCW6qd4lK+yOhBTY3/0iuRbldMdH
0Q/Yz4iKBrGGHOSr0PIK6OacdWmFPOYwfIVkFyAbJSAKi1uAeJD2uFlK+2DX+mL3
B6rcTDFGEmpwkOQDiMgEMCeOlBaPuDKbSyiW4s3a2ClV9pZkTTLud8GlhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAW771u1pVZHIKaxq5VEyHIlqI7yMB8GA1UdIwQY
MBaAFBwje2iDaXkSlX+NM3NwK8kG0mRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUt
YTMzZThlYjVhNTM4LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUtYTMzZThlYjVhNTM4
LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMoKUWuGh
wqwC0McvANPmBsP81hqwtTAsFEZqXuv9vxoT6W2S/T3hbtvf6BxjVhYyd6ysRz/4
U7EbSoaw7tw8WawDkvp36bse2+1jLU4AGaBhlp+uvdN3V9sFc6hze9F4lYK8IhPj
u27Qu0bicvNj9RW9H4TAZFkexJW2kwk66s1gpqmOaKqKQAbFthpAUYDWxKbssVpU
s8nP/6gHV73sThWj6IUkCWuFR1g55vcMR0Dc7cAMasiwN4TJMNlpOnvkpfpTUqqH
2k0yWyR2+q8Sv/h2eagwI8zDsJfVZJj9LEt85YViyD31nBN2IyCnzvI03ZFNhp8w
rAomukPnzQ5kDg==
-----END CERTIFICATE-----