Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
File:                     hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json)
Hash identifier:          m7ZrgtbnQytP2djJlE4NfN+14jsIRsuPYyAnknPKDYU=
Subject key identifier:   2F:18:6F:BD:D9:59:55:9B:05:89:A2:32:2F:4B:46:31:FD:AF:E7:4A
Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33
Certificate issuer:       /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
Certificate serial:       0199FE46AC0EFB8D60629AE441CF436FA76A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
Manifest number:          0A8A
Signing time:             Sun 19 Oct 2025 21:01:08 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:08 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:08 +0000
Files and hashes:         1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: sHUYOE/w4uKaqb32i0HGC8p5YPVVtO6Azq9Iw8bmNgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:46:ac:0e:fb:8d:60:62:9a:e4:41:cf:43:6f:a7:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33
        Validity
            Not Before: Oct 19 21:01:08 2025 GMT
            Not After : Oct 20 21:01:08 2025 GMT
        Subject: CN=2f186fbdd959559b0589a2322f4b4631fdafe74a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:75:0a:7c:50:6e:c5:a4:ea:4e:4e:fe:a4:49:
                    c6:60:a4:1a:0a:af:ca:8d:83:15:27:4f:a7:8c:c5:
                    1a:93:fd:06:86:73:b9:ba:5c:4c:a8:d8:f0:e3:f7:
                    aa:7e:1e:db:86:d2:c6:e1:6a:71:cf:69:a8:3d:24:
                    79:3c:ff:7a:4e:ab:68:3d:a2:75:cb:71:ac:bb:ba:
                    ff:fb:8d:18:29:83:ed:81:cf:93:8d:a7:03:66:e8:
                    b4:60:a0:cd:d5:a7:95:4c:ec:69:04:c9:f6:bb:83:
                    cf:89:06:90:55:75:83:ab:8e:25:2c:a9:b7:4f:fd:
                    9b:e6:58:77:90:d1:99:33:bf:56:85:be:7f:b3:06:
                    08:8e:b2:3c:8c:41:29:eb:1a:30:8d:60:ca:f0:80:
                    c3:50:f1:49:6e:59:fc:5f:8c:f2:72:b1:09:5a:57:
                    1c:51:85:11:f9:d0:26:f8:f4:82:8d:26:77:50:ef:
                    af:aa:5a:b8:6a:44:63:bb:23:4f:4d:63:ca:2f:d7:
                    de:5b:b1:57:5a:73:dc:22:f2:a3:82:c9:28:62:c8:
                    a6:f5:b2:79:e7:74:d4:4f:c4:22:e2:d8:40:a8:af:
                    31:45:6c:fd:9e:34:4d:31:e4:46:00:e3:46:04:8a:
                    7c:fe:c2:2f:33:39:aa:01:b8:70:f6:f0:bb:f0:29:
                    c2:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:18:6F:BD:D9:59:55:9B:05:89:A2:32:2F:4B:46:31:FD:AF:E7:4A
            X509v3 Authority Key Identifier:
                keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         da:0c:db:18:9c:66:92:56:3f:6a:7f:da:b5:e7:4f:eb:38:cd:
         d6:aa:c8:dc:95:b0:81:60:3b:ce:a0:9c:1c:2f:b6:80:90:b7:
         cb:c6:35:14:45:aa:d3:2d:bf:1f:69:1d:3a:4e:5c:4a:3c:30:
         09:b1:7c:9a:1d:ac:4d:db:e2:76:b6:1b:08:35:18:74:d2:6c:
         50:61:82:6c:19:84:46:fb:72:48:87:97:63:70:12:ba:53:73:
         90:6a:7c:a7:e8:9f:81:ac:3e:9d:4d:dc:17:e2:55:0f:14:14:
         e8:e7:72:a7:fd:3b:51:f8:00:d3:cb:ea:be:ad:c9:14:aa:30:
         28:87:6e:0b:85:3e:d1:5e:6f:dc:8c:ff:a0:48:c6:8f:58:d1:
         08:0d:eb:2e:e0:52:f4:18:b0:99:0c:f7:cf:e3:29:ab:14:05:
         96:f8:fa:91:c2:86:64:34:70:b0:f7:1a:35:c4:97:17:20:eb:
         b1:85:aa:e1:e9:b9:45:92:50:66:62:76:1b:9e:0c:e2:eb:08:
         37:b8:47:c0:48:ad:78:e0:15:0d:0f:08:47:f2:08:3f:b9:64:
         0a:db:3d:f6:a1:fa:fb:09:ed:6d:b3:5c:f9:41:fa:b5:fc:1f:
         15:10:fc:f6:63:e7:73:47:58:2d:ff:d0:12:b8:1d:2d:1d:12:
         99:b4:b2:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RqwO+41gYprkQc9Db6dqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx
YmZlMzMwHhcNMjUxMDE5MjEwMTA4WhcNMjUxMDIwMjEwMTA4WjAzMTEwLwYDVQQD
EygyZjE4NmZiZGQ5NTk1NTliMDU4OWEyMzIyZjRiNDYzMWZkYWZlNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nUKfFBuxaTqTk7+pEnGYKQaCq/K
jYMVJ0+njMUak/0GhnO5ulxMqNjw4/eqfh7bhtLG4Wpxz2moPSR5PP96TqtoPaJ1
y3Gsu7r/+40YKYPtgc+TjacDZui0YKDN1aeVTOxpBMn2u4PPiQaQVXWDq44lLKm3
T/2b5lh3kNGZM79Whb5/swYIjrI8jEEp6xowjWDK8IDDUPFJbln8X4zycrEJWlcc
UYUR+dAm+PSCjSZ3UO+vqlq4akRjuyNPTWPKL9feW7FXWnPcIvKjgskoYsim9bJ5
53TUT8Qi4thAqK8xRWz9njRNMeRGAONGBIp8/sIvMzmqAbhw9vC78CnCXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC8Yb73ZWVWbBYmiMi9LRjH9r+dKMB8GA1UdIwQY
MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt
MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx
LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2gzbGJxm
klY/an/atedP6zjN1qrI3JWwgWA7zqCcHC+2gJC3y8Y1FEWq0y2/H2kdOk5cSjww
CbF8mh2sTdvidrYbCDUYdNJsUGGCbBmERvtySIeXY3ASulNzkGp8p+ifgaw+nU3c
F+JVDxQU6Odyp/07UfgA08vqvq3JFKowKIduC4U+0V5v3Iz/oEjGj1jRCA3rLuBS
9BiwmQz3z+MpqxQFlvj6kcKGZDRwsPcaNcSXFyDrsYWq4em5RZJQZmJ2G54M4usI
N7hHwEiteOAVDQ8IR/IIP7lkCts99qH6+wntbbNc+UH6tfwfFRD89mPnc0dYLf/Q
ErgdLR0SmbSydg==
-----END CERTIFICATE-----