Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
File:                     hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft (raw, json)
Hash identifier:          0UOleM76iZdzfzUwWokRtmbvoh4BNCu1zVEF1VqcSEo=
Subject key identifier:   37:68:2C:B1:DE:85:BF:25:BC:09:48:FC:38:FA:14:71:9B:6A:F7:67
Authority key identifier: 85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C
Certificate issuer:       /CN=856350305f11387500f03c5a06ff73aa13592f1c
Certificate serial:       019A00359CAFFDF6455FF9E03006F2A59AD8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
Manifest number:          16E0
Signing time:             Mon 20 Oct 2025 06:01:44 +0000
Manifest this update:     Mon 20 Oct 2025 06:01:44 +0000
Manifest next update:     Tue 21 Oct 2025 06:01:44 +0000
Files and hashes:         1: hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl (hash: LEkm3by/MUA0ubUrLN6kBUOhH2WPU/kGiEWqAA6mZPw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:35:9c:af:fd:f6:45:5f:f9:e0:30:06:f2:a5:9a:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=856350305f11387500f03c5a06ff73aa13592f1c
        Validity
            Not Before: Oct 20 06:01:44 2025 GMT
            Not After : Oct 21 06:01:44 2025 GMT
        Subject: CN=37682cb1de85bf25bc0948fc38fa14719b6af767
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:44:9f:47:d2:c8:d9:9e:3c:30:67:21:ac:14:
                    23:25:7e:06:cb:ed:58:79:ab:2d:16:9d:4a:99:3e:
                    75:cf:20:d2:02:78:1a:e4:e8:b8:aa:5f:8b:3e:17:
                    32:ec:f7:a7:70:55:4a:34:16:20:5e:da:55:23:e3:
                    86:dd:7b:e0:35:f4:a5:56:fe:6f:fc:d7:36:3d:b2:
                    d9:0c:86:2f:83:95:e2:b5:d5:31:d1:05:16:93:d3:
                    98:68:60:c5:fd:78:35:e8:b1:95:cd:c5:aa:db:99:
                    16:03:0d:54:68:8a:fd:01:97:4e:5e:c2:d9:8f:b3:
                    39:64:89:1d:e5:ae:86:0f:bd:dd:d8:c6:8e:5c:8b:
                    c9:81:4e:5c:65:ab:08:75:52:d6:4f:94:f9:c8:17:
                    45:90:55:ad:1d:2f:d5:11:4c:f1:bb:fc:5c:a4:b3:
                    36:dc:3c:19:cf:15:f4:79:b9:84:61:f5:62:03:f0:
                    c4:14:15:7c:10:74:c3:a6:f9:9f:ab:57:dd:e5:7f:
                    3f:3a:49:14:ab:07:37:a2:5f:14:8c:6d:07:82:f3:
                    05:ce:5f:70:0b:6d:95:d7:27:fe:5c:27:96:70:92:
                    f4:85:47:5f:0b:44:60:0a:35:c3:89:ec:94:28:e9:
                    2b:57:41:86:fe:77:76:08:6f:c3:8f:cf:c2:9d:ab:
                    25:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:68:2C:B1:DE:85:BF:25:BC:09:48:FC:38:FA:14:71:9B:6A:F7:67
            X509v3 Authority Key Identifier:
                keyid:85:63:50:30:5F:11:38:75:00:F0:3C:5A:06:FF:73:AA:13:59:2F:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWNQMF8ROHUA8DxaBv9zqhNZLxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7129e7-8247-4bbd-b017-ecec1b2edb59/1/hWNQMF8ROHUA8DxaBv9zqhNZLxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:c6:9b:8f:a1:d3:66:d1:74:cc:e9:fb:92:41:93:d0:34:cd:
         6a:81:17:a3:f9:a1:1e:d1:1c:be:47:3f:4a:32:b1:f9:98:3f:
         80:40:50:0a:dc:5a:1c:a8:8a:3e:a6:05:5c:0b:b4:41:50:78:
         5c:70:cd:c7:dd:98:2c:51:36:ce:e3:04:d2:86:fa:a5:44:e0:
         96:5e:f8:92:73:5f:44:e7:46:45:cd:dc:36:ec:25:44:bc:58:
         f4:72:dc:47:c0:b3:10:88:0a:bf:84:e1:24:83:41:18:bc:1b:
         1e:49:b9:00:51:b5:7d:13:fd:9c:8e:ee:dc:fa:dd:5d:60:ed:
         87:f6:ff:8f:51:b1:50:47:a8:3d:b6:f6:fd:ed:e3:48:83:a3:
         01:25:63:27:ca:a3:aa:59:19:bf:71:97:bf:12:20:93:8c:c0:
         35:5c:b8:17:b1:6b:46:e1:27:f0:dc:4e:3f:37:6f:9e:89:a7:
         fe:7f:69:59:62:2c:5c:82:a4:dc:6c:7a:6a:c7:60:a3:7e:6d:
         f5:c4:98:6d:59:d2:b5:03:cf:ca:b6:c0:b0:6d:65:6b:71:31:
         26:42:fd:69:2b:c4:a9:da:78:79:56:71:88:de:7e:f5:26:97:
         e5:38:2e:91:c4:96:b6:ad:22:72:0f:cd:ac:ac:8a:b3:c8:aa:
         aa:b6:30:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANZyv/fZFX/ngMAbypZrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NjM1MDMwNWYxMTM4NzUwMGYwM2M1YTA2ZmY3M2FhMTM1
OTJmMWMwHhcNMjUxMDIwMDYwMTQ0WhcNMjUxMDIxMDYwMTQ0WjAzMTEwLwYDVQQD
EygzNzY4MmNiMWRlODViZjI1YmMwOTQ4ZmMzOGZhMTQ3MTliNmFmNzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkSfR9LI2Z48MGchrBQjJX4Gy+1Y
eastFp1KmT51zyDSAnga5Oi4ql+LPhcy7PencFVKNBYgXtpVI+OG3XvgNfSlVv5v
/Nc2PbLZDIYvg5XitdUx0QUWk9OYaGDF/Xg16LGVzcWq25kWAw1UaIr9AZdOXsLZ
j7M5ZIkd5a6GD73d2MaOXIvJgU5cZasIdVLWT5T5yBdFkFWtHS/VEUzxu/xcpLM2
3DwZzxX0ebmEYfViA/DEFBV8EHTDpvmfq1fd5X8/OkkUqwc3ol8UjG0HgvMFzl9w
C22V1yf+XCeWcJL0hUdfC0RgCjXDieyUKOkrV0GG/nd2CG/Dj8/CnasluwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdoLLHehb8lvAlI/Dj6FHGbavdnMB8GA1UdIwQY
MBaAFIVjUDBfETh1APA8Wgb/c6oTWS8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTct
ZWNlYzFiMmVkYjU5LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC83MTI5ZTctODI0Ny00YmJkLWIwMTctZWNlYzFiMmVkYjU5
LzEvaFdOUU1GOFJPSFVBOER4YUJ2OXpxaE5aTHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA8abj6HT
ZtF0zOn7kkGT0DTNaoEXo/mhHtEcvkc/SjKx+Zg/gEBQCtxaHKiKPqYFXAu0QVB4
XHDNx92YLFE2zuME0ob6pUTgll74knNfROdGRc3cNuwlRLxY9HLcR8CzEIgKv4Th
JINBGLwbHkm5AFG1fRP9nI7u3PrdXWDth/b/j1GxUEeoPbb2/e3jSIOjASVjJ8qj
qlkZv3GXvxIgk4zANVy4F7FrRuEn8NxOPzdvnomn/n9pWWIsXIKk3Gx6asdgo35t
9cSYbVnStQPPyrbAsG1la3ExJkL9aSvEqdp4eVZxiN5+9SaX5TgukcSWtq0icg/N
rKyKs8iqqrYw3w==
-----END CERTIFICATE-----