Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          Z8Ui/sGHLiuRwHid27ewWV76CfxcvCMKfvVNE48kK7o=
Subject key identifier:   22:A6:E3:05:F0:DF:0B:0E:2F:84:AA:85:D8:F6:71:9A:C5:E2:9E:CD
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       019A4F62E7771F89D172B42A8E4569EE3824
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          1708
Signing time:             Tue 04 Nov 2025 15:01:13 +0000
Manifest this update:     Tue 04 Nov 2025 15:01:13 +0000
Manifest next update:     Wed 05 Nov 2025 15:01:13 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: uMbSq34IxJbJdc9+wyiVspn6LjPx6GCo7/SjvfeN0Oc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:e7:77:1f:89:d1:72:b4:2a:8e:45:69:ee:38:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: Nov  4 15:01:13 2025 GMT
            Not After : Nov  5 15:01:13 2025 GMT
        Subject: CN=22a6e305f0df0b0e2f84aa85d8f6719ac5e29ecd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:65:07:ce:6e:25:ed:a0:8d:76:08:b8:21:9c:
                    df:08:db:1f:04:63:21:d0:2f:d5:40:11:20:17:ad:
                    cc:2c:8c:b7:6a:3a:c8:a5:30:b6:f2:58:cc:c4:f6:
                    05:18:0a:ac:3e:61:ff:92:39:8c:ff:c9:87:48:a3:
                    d3:6e:d8:fc:86:2c:55:cb:f3:d1:cc:3d:20:fe:0d:
                    1e:f4:20:3b:6e:ee:07:8a:ea:52:5b:da:bc:1e:24:
                    66:b0:7d:2c:e0:4a:d0:39:69:ee:6b:a0:7d:79:39:
                    dc:91:29:44:de:ca:3d:2d:da:ca:62:c5:42:a5:ad:
                    80:38:27:c5:69:47:37:dd:c1:8b:40:fd:a6:5b:29:
                    1d:64:df:40:11:70:e2:64:72:37:a6:67:44:91:fa:
                    a6:be:10:0d:3d:71:7e:a4:b8:45:05:cb:b9:f9:b3:
                    ac:62:54:71:9a:6f:35:56:ac:0e:b8:82:9c:93:3b:
                    ba:d0:c3:78:f5:92:9e:b8:8d:5f:f5:ba:40:c0:01:
                    b0:ea:9a:b9:5a:f0:a0:ea:41:78:5a:93:43:4d:aa:
                    4a:03:be:21:5b:7d:d0:69:42:fb:fc:e1:8d:a6:c2:
                    cf:56:d2:ae:fa:d6:0b:bc:9b:f9:82:55:38:32:16:
                    5b:00:85:14:f0:d2:63:6c:5c:74:c5:18:31:c5:b7:
                    e9:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:A6:E3:05:F0:DF:0B:0E:2F:84:AA:85:D8:F6:71:9A:C5:E2:9E:CD
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:ac:e5:c9:7c:d7:f0:e4:18:46:b7:39:65:f6:4a:13:10:7d:
         18:06:cc:d3:3e:04:1c:81:55:aa:b2:e8:53:f3:6c:be:4b:bd:
         a0:de:6d:00:de:0f:ea:68:13:79:19:08:96:01:67:c3:8c:4c:
         47:79:3d:7a:8b:af:dc:46:75:21:af:d0:2c:11:9f:dd:6f:10:
         4c:bb:56:6e:c2:f5:27:25:26:d4:3f:4d:8f:d1:53:7e:c0:8c:
         df:34:42:a7:c7:a3:ea:92:43:d7:2f:83:5e:d1:5b:9a:50:01:
         b3:b0:f5:8f:f3:a1:ca:e5:cd:b9:6a:a8:19:72:7d:d0:be:19:
         92:5b:6f:1c:7d:fe:8d:42:bd:44:04:c1:53:2f:f2:7a:f2:5f:
         03:c5:98:42:d1:f2:4c:30:55:d6:ea:99:ff:fe:0b:5c:cb:55:
         00:7c:5c:b7:e3:ec:43:09:50:aa:15:94:4e:65:3d:76:1e:b3:
         8a:d1:70:13:bb:26:ae:d8:24:48:80:9c:1a:20:eb:27:8a:bc:
         20:89:a3:33:6f:a1:ed:4b:66:c1:2f:86:8f:26:83:8a:42:0e:
         13:cc:54:1e:23:86:ad:7c:bc:b2:de:79:77:79:9e:7a:e7:1c:
         50:fe:42:b6:79:54:ae:0d:71:82:86:de:c4:33:fa:db:56:a8:
         5f:c4:86:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYud3H4nRcrQqjkVp7jgkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjUxMTA0MTUwMTEzWhcNMjUxMTA1MTUwMTEzWjAzMTEwLwYDVQQD
EygyMmE2ZTMwNWYwZGYwYjBlMmY4NGFhODVkOGY2NzE5YWM1ZTI5ZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2UHzm4l7aCNdgi4IZzfCNsfBGMh
0C/VQBEgF63MLIy3ajrIpTC28ljMxPYFGAqsPmH/kjmM/8mHSKPTbtj8hixVy/PR
zD0g/g0e9CA7bu4HiupSW9q8HiRmsH0s4ErQOWnua6B9eTnckSlE3so9LdrKYsVC
pa2AOCfFaUc33cGLQP2mWykdZN9AEXDiZHI3pmdEkfqmvhANPXF+pLhFBcu5+bOs
YlRxmm81VqwOuIKckzu60MN49ZKeuI1f9bpAwAGw6pq5WvCg6kF4WpNDTapKA74h
W33QaUL7/OGNpsLPVtKu+tYLvJv5glU4MhZbAIUU8NJjbFx0xRgxxbfphwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCKm4wXw3wsOL4Sqhdj2cZrF4p7NMB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALqzlyXzX
8OQYRrc5ZfZKExB9GAbM0z4EHIFVqrLoU/Nsvku9oN5tAN4P6mgTeRkIlgFnw4xM
R3k9eouv3EZ1Ia/QLBGf3W8QTLtWbsL1JyUm1D9Nj9FTfsCM3zRCp8ej6pJD1y+D
XtFbmlABs7D1j/OhyuXNuWqoGXJ90L4ZkltvHH3+jUK9RATBUy/yevJfA8WYQtHy
TDBV1uqZ//4LXMtVAHxct+PsQwlQqhWUTmU9dh6zitFwE7smrtgkSICcGiDrJ4q8
IImjM2+h7UtmwS+GjyaDikIOE8xUHiOGrXy8st55d3meeuccUP5CtnlUrg1xgobe
xDP621aoX8SGIg==
-----END CERTIFICATE-----