Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
File:                     HMIQHIyT1FjSXDElyMm8ya8TKHE.mft (raw, json)
Hash identifier:          +ErAnz3t4MPPO8Hv70+L3AR3JFdHOtsbGqPr8vAm0QM=
Subject key identifier:   FD:F1:30:A3:1D:66:54:51:13:2B:1B:35:4F:48:DE:72:5A:DE:14:83
Authority key identifier: 1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71
Certificate issuer:       /CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
Certificate serial:       019A4EF4559EA5995F30DD38B0441B8CC6F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
Manifest number:          0541
Signing time:             Tue 04 Nov 2025 13:00:26 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:26 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:26 +0000
Files and hashes:         1: HMIQHIyT1FjSXDElyMm8ya8TKHE.crl (hash: Wq285QXwtK0x5BHWC66Z7ANRJJxKSWxEz1ViQZUt86w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:55:9e:a5:99:5f:30:dd:38:b0:44:1b:8c:c6:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871
        Validity
            Not Before: Nov  4 13:00:26 2025 GMT
            Not After : Nov  5 13:00:26 2025 GMT
        Subject: CN=fdf130a31d665451132b1b354f48de725ade1483
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f7:cd:56:f2:3d:29:7b:3a:3a:02:4b:d9:7f:
                    39:32:d3:75:2c:3c:75:91:ca:a2:c3:b2:e4:fc:bb:
                    82:d2:f0:bd:e9:f4:cf:58:14:9a:2c:15:29:d6:1f:
                    50:fa:7d:ce:3e:96:2e:a5:86:4a:81:4a:0c:3a:87:
                    fe:ee:83:12:32:6f:74:14:58:15:a6:1c:e1:5b:c1:
                    9d:ad:b5:31:dc:09:35:ca:35:12:8b:4a:9b:21:67:
                    9d:83:7b:03:17:92:3e:a5:da:2d:b9:02:58:e3:d0:
                    54:75:2f:3e:5e:7f:cd:c4:ab:f7:33:2e:ba:d6:49:
                    68:fe:f2:f4:d2:1f:52:ca:19:63:03:4e:59:1c:da:
                    d9:c5:7b:e8:0a:61:86:20:bd:69:10:25:7d:96:51:
                    af:ce:bf:e8:35:0b:67:88:3e:b0:19:4f:e3:49:17:
                    43:3b:70:72:3f:9d:5a:a4:3c:1c:8b:4f:67:5f:61:
                    f2:64:e2:33:08:f9:61:b5:90:04:bc:ae:80:0b:ee:
                    28:b3:d8:48:81:9b:76:5a:94:a3:dc:28:20:56:27:
                    f9:ad:59:eb:9c:6d:c5:19:de:b5:87:51:b1:e4:62:
                    71:bd:36:4d:b0:2f:94:12:50:28:10:38:24:4a:0c:
                    8f:0b:e0:75:3f:4a:40:68:b9:b4:22:3d:a6:6a:4a:
                    25:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:F1:30:A3:1D:66:54:51:13:2B:1B:35:4F:48:DE:72:5A:DE:14:83
            X509v3 Authority Key Identifier:
                keyid:1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:13:5d:72:ba:f7:63:cb:86:18:15:ce:3a:29:18:9b:ee:12:
         5b:85:14:68:fd:e0:f4:c2:67:f9:b3:e3:60:d3:45:cc:42:87:
         0f:f0:16:79:5e:2a:7e:11:4f:a5:46:b4:62:b9:b8:72:20:95:
         27:28:c8:d0:ae:1d:2c:5c:61:1d:80:6d:2b:f7:4a:4d:a6:a9:
         a1:53:e4:3f:4b:5e:b0:fb:7b:a9:1a:87:be:c5:37:da:a7:ba:
         3d:af:dc:85:1a:ed:8e:88:c3:1a:0c:8a:81:6f:54:24:f4:18:
         8b:f2:f4:dd:32:a1:ca:30:a0:96:20:7f:78:41:7f:c3:05:7b:
         f2:99:13:d5:40:a4:46:f9:24:ee:45:bd:77:06:ce:9f:5f:8c:
         a5:9b:26:b1:b9:e8:5b:f7:34:8e:f8:ca:69:2e:62:ce:c6:78:
         ba:11:ba:38:92:b1:87:ca:7d:20:7d:0f:5c:90:75:d7:a5:cc:
         06:a3:07:47:b4:64:df:3f:99:ac:96:ca:62:c6:30:3c:ef:a9:
         bf:b7:95:d1:e5:81:0e:c7:89:ce:df:db:39:fd:c8:a2:09:4b:
         fc:8c:65:0b:eb:9f:8a:29:c1:60:e2:c5:bd:e1:68:cd:9f:38:
         60:60:b6:f6:a3:bf:dd:e4:9d:46:9c:de:46:d3:63:28:aa:69:
         09:b8:51:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9FWepZlfMN04sEQbjMb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYzIxMDFjOGM5M2Q0NThkMjVjMzEyNWM4YzliY2M5YWYx
MzI4NzEwHhcNMjUxMTA0MTMwMDI2WhcNMjUxMTA1MTMwMDI2WjAzMTEwLwYDVQQD
EyhmZGYxMzBhMzFkNjY1NDUxMTMyYjFiMzU0ZjQ4ZGU3MjVhZGUxNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPfNVvI9KXs6OgJL2X85MtN1LDx1
kcqiw7Lk/LuC0vC96fTPWBSaLBUp1h9Q+n3OPpYupYZKgUoMOof+7oMSMm90FFgV
phzhW8GdrbUx3Ak1yjUSi0qbIWedg3sDF5I+pdotuQJY49BUdS8+Xn/NxKv3My66
1klo/vL00h9SyhljA05ZHNrZxXvoCmGGIL1pECV9llGvzr/oNQtniD6wGU/jSRdD
O3ByP51apDwci09nX2HyZOIzCPlhtZAEvK6AC+4os9hIgZt2WpSj3CggVif5rVnr
nG3FGd61h1Gx5GJxvTZNsC+UElAoEDgkSgyPC+B1P0pAaLm0Ij2makolvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3xMKMdZlRREysbNU9I3nJa3hSDMB8GA1UdIwQY
MBaAFBzCEByMk9RY0lwxJcjJvMmvEyhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2Yt
NmFhZjU0OTYwNjVlLzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2YtNmFhZjU0OTYwNjVl
LzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlhNdcrr3
Y8uGGBXOOikYm+4SW4UUaP3g9MJn+bPjYNNFzEKHD/AWeV4qfhFPpUa0Yrm4ciCV
JyjI0K4dLFxhHYBtK/dKTaapoVPkP0tesPt7qRqHvsU32qe6Pa/chRrtjojDGgyK
gW9UJPQYi/L03TKhyjCgliB/eEF/wwV78pkT1UCkRvkk7kW9dwbOn1+MpZsmsbno
W/c0jvjKaS5izsZ4uhG6OJKxh8p9IH0PXJB116XMBqMHR7Rk3z+ZrJbKYsYwPO+p
v7eV0eWBDseJzt/bOf3IoglL/IxlC+ufiinBYOLFveFozZ84YGC29qO/3eSdRpze
RtNjKKppCbhRgQ==
-----END CERTIFICATE-----