Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
File:                     hCIIK4U0vXrmP6gAimhbZfTNJZM.mft (raw, json)
Hash identifier:          HieMrEEXE72eBGZxtVDX1iPNhtsE5wS5Bsmz1Sr3Q+s=
Subject key identifier:   BB:B2:12:3D:0A:B6:B8:98:B7:E0:97:47:43:9E:9D:4C:53:AA:EA:CD
Authority key identifier: 84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93
Certificate issuer:       /CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
Certificate serial:       019A4DE16510AA7ED0A116D03E5CBBE99A5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
Manifest number:          0518
Signing time:             Tue 04 Nov 2025 08:00:08 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:08 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:08 +0000
Files and hashes:         1: hCIIK4U0vXrmP6gAimhbZfTNJZM.crl (hash: xE60kpVW69HVfTIpW6nAqZH+deh8mYXmRKgY0nGga04=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:65:10:aa:7e:d0:a1:16:d0:3e:5c:bb:e9:9a:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
        Validity
            Not Before: Nov  4 08:00:08 2025 GMT
            Not After : Nov  5 08:00:08 2025 GMT
        Subject: CN=bbb2123d0ab6b898b7e09747439e9d4c53aaeacd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:76:5f:be:b7:60:66:bb:a2:e4:bf:81:fb:39:
                    17:c2:f2:45:77:ce:ea:78:36:4a:07:92:0c:1c:0e:
                    9d:85:bf:02:39:37:47:6b:4d:8f:62:5c:b4:b2:5a:
                    76:3e:5b:ce:1a:c7:d2:1a:9a:c5:a5:d2:f4:40:89:
                    9c:72:f3:92:8d:38:ec:27:8b:30:5a:81:d0:e1:a2:
                    2e:40:24:63:57:88:41:0b:d5:30:3f:d4:6e:75:8c:
                    61:25:b2:2a:f0:dd:0d:e5:62:c4:cb:ad:93:f9:d9:
                    ec:a0:47:c4:74:a9:22:df:45:61:ab:59:68:58:53:
                    58:de:f8:2c:25:31:91:de:fd:0a:d2:aa:eb:4b:06:
                    03:25:5f:a4:1e:de:41:6f:ef:5e:a1:26:3e:8a:43:
                    26:9b:e8:d3:a3:5c:60:a9:25:90:05:b1:39:0f:dc:
                    c7:f9:23:0e:52:01:c5:ec:8d:ce:f8:c2:2d:d8:82:
                    90:67:b2:69:13:21:f3:00:8a:65:c4:51:2d:16:a7:
                    da:2b:5a:ea:6b:32:ee:d8:2c:8a:94:d9:75:ea:1e:
                    52:d7:ce:52:f8:1d:46:84:a0:36:a2:81:b8:d3:01:
                    ce:3b:a4:97:59:02:e6:44:a7:0c:cf:a0:d1:4d:98:
                    13:41:bf:f2:45:69:8f:29:8d:06:fa:fd:d0:df:11:
                    eb:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:B2:12:3D:0A:B6:B8:98:B7:E0:97:47:43:9E:9D:4C:53:AA:EA:CD
            X509v3 Authority Key Identifier:
                keyid:84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:01:40:4b:41:cf:46:2e:41:23:8b:34:2c:74:a0:60:fe:34:
         87:4a:a5:56:f3:df:da:07:ab:27:6e:6c:70:97:24:2b:fa:54:
         9b:94:60:9a:4c:ee:4a:05:54:32:f1:ab:a8:13:21:ae:6e:29:
         25:18:d0:04:44:71:8d:d3:f1:9c:5e:3f:31:b9:76:72:0e:cd:
         9d:7c:65:d3:11:2f:46:1f:d6:ce:43:83:f4:ef:1a:56:57:23:
         21:a3:e4:11:cb:02:34:52:7b:95:8c:2f:56:3a:8f:4d:01:59:
         29:95:4c:74:ab:eb:21:da:2d:bc:a2:d4:fd:e3:d5:54:d9:75:
         d5:ad:40:6e:e7:10:45:22:e9:1a:be:50:1c:77:aa:a3:83:5a:
         44:85:eb:91:96:f4:bb:dc:29:48:c6:43:e0:db:50:75:05:55:
         0c:e9:49:c9:4f:c3:81:91:b3:32:e7:4e:f8:41:48:65:26:91:
         31:ef:eb:fb:ca:bc:6b:f3:4f:9f:c5:2e:21:a7:98:7d:69:65:
         ca:48:f8:d9:fc:37:3d:78:0e:d6:da:6d:1a:04:94:0c:51:b4:
         57:e2:ce:9d:31:ed:f6:f0:63:ca:3f:88:79:a4:6a:77:11:81:
         d7:8f:a1:cc:75:2c:38:0a:1b:d6:a7:38:f7:cd:03:7d:7f:53:
         21:9f:4a:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4WUQqn7QoRbQPly76ZpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MjIwODJiODUzNGJkN2FlNjNmYTgwMDhhNjg1YjY1ZjRj
ZDI1OTMwHhcNMjUxMTA0MDgwMDA4WhcNMjUxMTA1MDgwMDA4WjAzMTEwLwYDVQQD
EyhiYmIyMTIzZDBhYjZiODk4YjdlMDk3NDc0MzllOWQ0YzUzYWFlYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHZfvrdgZrui5L+B+zkXwvJFd87q
eDZKB5IMHA6dhb8COTdHa02PYly0slp2PlvOGsfSGprFpdL0QImccvOSjTjsJ4sw
WoHQ4aIuQCRjV4hBC9UwP9RudYxhJbIq8N0N5WLEy62T+dnsoEfEdKki30Vhq1lo
WFNY3vgsJTGR3v0K0qrrSwYDJV+kHt5Bb+9eoSY+ikMmm+jTo1xgqSWQBbE5D9zH
+SMOUgHF7I3O+MIt2IKQZ7JpEyHzAIplxFEtFqfaK1rqazLu2CyKlNl16h5S185S
+B1GhKA2ooG40wHOO6SXWQLmRKcMz6DRTZgTQb/yRWmPKY0G+v3Q3xHrGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuyEj0KtriYt+CXR0OenUxTqurNMB8GA1UdIwQY
MBaAFIQiCCuFNL165j+oAIpoW2X0zSWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUt
NTgxNjlmYmVjZGZhLzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUtNTgxNjlmYmVjZGZh
LzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJwFAS0HP
Ri5BI4s0LHSgYP40h0qlVvPf2gerJ25scJckK/pUm5RgmkzuSgVUMvGrqBMhrm4p
JRjQBERxjdPxnF4/Mbl2cg7NnXxl0xEvRh/WzkOD9O8aVlcjIaPkEcsCNFJ7lYwv
VjqPTQFZKZVMdKvrIdotvKLU/ePVVNl11a1AbucQRSLpGr5QHHeqo4NaRIXrkZb0
u9wpSMZD4NtQdQVVDOlJyU/DgZGzMudO+EFIZSaRMe/r+8q8a/NPn8UuIaeYfWll
ykj42fw3PXgO1tptGgSUDFG0V+LOnTHt9vBjyj+IeaRqdxGB14+hzHUsOAob1qc4
980DfX9TIZ9KlA==
-----END CERTIFICATE-----