Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
File:                     h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json)
Hash identifier:          /OvQBSkdTxd9hbXL3GrgsEu13n5vJxa2EdVU6gJb7ys=
Subject key identifier:   0C:45:81:90:1F:32:09:A3:ED:3A:7F:AA:6C:EF:7D:FE:47:58:96:0D
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Certificate issuer:       /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial:       0199FB7CD1B85D23236CCB9FD670DBE32854
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
Manifest number:          11C4
Signing time:             Sun 19 Oct 2025 08:01:25 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:25 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:25 +0000
Files and hashes:         1: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: KQsu9aumGdeK4xdPJaY3ZTf1x9sWDHDqJSMUrXU0G6c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 08:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:d1:b8:5d:23:23:6c:cb:9f:d6:70:db:e3:28:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
        Validity
            Not Before: Oct 19 08:01:25 2025 GMT
            Not After : Oct 20 08:01:25 2025 GMT
        Subject: CN=0c4581901f3209a3ed3a7faa6cef7dfe4758960d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:f0:d5:9f:02:b1:75:6f:3a:3f:c5:72:7d:ef:
                    99:1b:8e:49:78:f2:dc:b5:42:b8:a6:1b:4c:a9:f7:
                    6c:a1:40:dc:36:8c:55:5c:21:39:12:fd:82:ad:35:
                    c2:c9:4b:2d:c7:40:70:41:48:7e:d2:67:88:d7:3a:
                    d9:95:2d:1d:5d:50:81:43:a8:5c:8c:e6:fc:6e:41:
                    fb:7c:a1:46:fa:f1:08:7a:cc:5a:71:8c:bd:52:cf:
                    89:13:0e:4b:65:1c:39:d1:ac:44:cf:29:cf:86:46:
                    df:c9:48:48:f8:7e:8c:11:b7:d9:29:ed:ff:2b:4b:
                    f6:aa:25:95:a9:cb:ce:4d:27:96:0c:42:7a:7a:ac:
                    d8:fa:06:94:a5:a9:a0:30:8c:2c:be:04:fe:a6:5e:
                    da:6e:8d:75:42:3f:d6:ec:6d:aa:33:e5:71:20:7a:
                    f7:ea:16:df:1c:d9:be:5c:3e:7b:63:0f:ab:59:20:
                    3a:b1:0f:f3:e6:b7:9a:2e:c7:86:b5:4d:58:08:94:
                    83:0c:87:59:a2:b9:e5:35:6c:f8:43:fd:97:36:8f:
                    04:b6:95:b8:a1:75:3a:4f:0a:d5:31:c9:b0:d9:99:
                    b3:64:64:85:6a:d9:19:4b:78:49:2b:36:64:4d:76:
                    5f:8a:c7:42:bc:1c:d5:0e:89:1e:1a:ff:0e:e7:9c:
                    69:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:45:81:90:1F:32:09:A3:ED:3A:7F:AA:6C:EF:7D:FE:47:58:96:0D
            X509v3 Authority Key Identifier:
                keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:6e:5b:46:51:49:ec:68:21:0d:99:52:8d:f3:62:8c:1c:e8:
         9b:c0:e0:c5:35:9f:54:8b:af:27:29:85:5f:f6:84:75:22:5b:
         9a:04:a2:f6:07:1f:a4:c3:6e:29:16:9f:5f:98:c8:fd:a2:68:
         a4:70:d5:d0:c2:e7:5a:5e:62:be:90:93:50:5d:e7:57:f4:9b:
         f9:ee:73:d1:8c:89:7e:ce:e2:09:7e:c2:0f:18:d7:ee:d8:48:
         50:21:88:e2:8d:a3:6a:bc:c9:f0:ed:62:f7:25:ae:f4:72:30:
         f0:f3:56:48:be:5b:fe:0c:ae:f8:a6:8c:76:71:03:42:77:85:
         6d:e1:89:75:0b:3d:ae:c1:61:01:f7:17:96:54:fd:d5:6e:a2:
         5f:f7:d8:f8:78:b6:fd:9a:63:61:9a:1b:b8:20:11:1f:7e:4e:
         f9:ba:7c:9a:6c:54:ee:1a:ec:67:a0:8a:b2:12:6f:57:3f:ee:
         cd:6e:c7:76:25:f2:6c:cd:30:66:6f:ce:a6:2e:80:f6:e3:b2:
         bb:50:a2:05:9e:74:ee:e2:c6:c5:19:03:3c:27:29:8f:6d:79:
         4d:e9:0e:57:c9:84:2b:73:de:a3:70:8a:b8:85:52:d8:43:ba:
         29:08:9a:f6:f2:73:bc:c3:ac:8e:d4:8a:72:85:7e:d8:30:6b:
         c4:4a:0b:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fNG4XSMjbMuf1nDb4yhUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjUxMDE5MDgwMTI1WhcNMjUxMDIwMDgwMTI1WjAzMTEwLwYDVQQD
EygwYzQ1ODE5MDFmMzIwOWEzZWQzYTdmYWE2Y2VmN2RmZTQ3NTg5NjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/DVnwKxdW86P8Vyfe+ZG45JePLc
tUK4phtMqfdsoUDcNoxVXCE5Ev2CrTXCyUstx0BwQUh+0meI1zrZlS0dXVCBQ6hc
jOb8bkH7fKFG+vEIesxacYy9Us+JEw5LZRw50axEzynPhkbfyUhI+H6MEbfZKe3/
K0v2qiWVqcvOTSeWDEJ6eqzY+gaUpamgMIwsvgT+pl7abo11Qj/W7G2qM+VxIHr3
6hbfHNm+XD57Yw+rWSA6sQ/z5reaLseGtU1YCJSDDIdZornlNWz4Q/2XNo8EtpW4
oXU6TwrVMcmw2ZmzZGSFatkZS3hJKzZkTXZfisdCvBzVDokeGv8O55xpTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAxFgZAfMgmj7Tp/qmzvff5HWJYNMB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACW5bRlFJ
7GghDZlSjfNijBzom8DgxTWfVIuvJymFX/aEdSJbmgSi9gcfpMNuKRafX5jI/aJo
pHDV0MLnWl5ivpCTUF3nV/Sb+e5z0YyJfs7iCX7CDxjX7thIUCGI4o2jarzJ8O1i
9yWu9HIw8PNWSL5b/gyu+KaMdnEDQneFbeGJdQs9rsFhAfcXllT91W6iX/fY+Hi2
/ZpjYZobuCARH35O+bp8mmxU7hrsZ6CKshJvVz/uzW7HdiXybM0wZm/Opi6A9uOy
u1CiBZ507uLGxRkDPCcpj215TekOV8mEK3Peo3CKuIVS2EO6KQia9vJzvMOsjtSK
coV+2DBrxEoLnw==
-----END CERTIFICATE-----