Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
File:                     HpICrmewRlNH1t35D2Ri-ubk5kM.mft (raw, json)
Hash identifier:          UhGhL3fcNAWmk3dXnKNhr2nlKmZZitjd/PmqVUEAlVI=
Subject key identifier:   54:F2:C0:C0:7C:F2:9F:4A:0A:6D:88:AF:23:26:9C:00:5C:19:2D:81
Authority key identifier: 1E:92:02:AE:67:B0:46:53:47:D6:DD:F9:0F:64:62:FA:E6:E4:E6:43
Certificate issuer:       /CN=1e9202ae67b0465347d6ddf90f6462fae6e4e643
Certificate serial:       0199FCC62510DDF0BA999F31E8B1598FCD33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
Manifest number:          0B8C
Signing time:             Sun 19 Oct 2025 14:01:08 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:08 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:08 +0000
Files and hashes:         1: HpICrmewRlNH1t35D2Ri-ubk5kM.crl (hash: KMgb6tATEzTcdNkxk4jl7B7llP84T7fPB874CP4raNY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:25:10:dd:f0:ba:99:9f:31:e8:b1:59:8f:cd:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e9202ae67b0465347d6ddf90f6462fae6e4e643
        Validity
            Not Before: Oct 19 14:01:08 2025 GMT
            Not After : Oct 20 14:01:08 2025 GMT
        Subject: CN=54f2c0c07cf29f4a0a6d88af23269c005c192d81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c8:75:66:77:97:c5:10:a3:82:a1:3e:63:e4:
                    4e:51:5a:6a:06:68:bf:aa:54:a1:05:52:9d:e2:68:
                    b3:06:14:f7:a6:30:fe:35:db:e0:d8:da:cc:f5:fd:
                    fd:4b:83:31:9a:6d:b7:85:93:c9:a6:24:a7:cd:2b:
                    73:c2:cb:8b:f9:dd:3b:07:c3:95:d2:cd:82:45:28:
                    93:92:33:cd:ea:f7:b7:17:ee:c3:b7:ad:1e:f1:25:
                    86:35:14:d4:ac:bb:e8:4b:6c:6d:47:ed:5a:c7:b0:
                    5f:b4:9d:32:7d:36:77:7c:7d:f1:c2:db:4a:cd:5f:
                    a5:87:fe:e9:b8:75:eb:65:2f:7e:f6:ad:1d:20:a9:
                    43:74:f7:0c:37:a4:12:da:e1:67:3e:a3:7c:0c:04:
                    f3:47:e2:e8:ba:61:39:1a:3d:8c:98:ae:05:37:38:
                    76:c5:b1:51:ed:b3:02:85:28:4a:0d:e7:e0:47:9c:
                    ce:ad:cc:33:6b:7f:4e:da:7e:eb:21:01:7d:ac:b6:
                    6c:45:7a:72:49:63:af:a6:2d:8d:f8:23:d3:28:da:
                    3e:10:67:39:9b:28:63:b5:f4:96:cf:6e:07:67:46:
                    16:3f:2d:a5:48:11:83:0d:8a:74:d5:89:24:3d:6d:
                    1d:5e:c2:76:dc:68:a2:30:04:79:99:eb:0c:6f:0b:
                    3b:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:F2:C0:C0:7C:F2:9F:4A:0A:6D:88:AF:23:26:9C:00:5C:19:2D:81
            X509v3 Authority Key Identifier:
                keyid:1E:92:02:AE:67:B0:46:53:47:D6:DD:F9:0F:64:62:FA:E6:E4:E6:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:d7:07:6b:47:15:01:11:89:85:8b:41:22:f2:96:39:73:d1:
         d7:b0:2a:27:b4:de:95:47:20:e3:99:13:2f:39:49:e0:39:95:
         1d:33:4d:c5:92:fc:18:63:7a:78:dd:67:1e:5b:c3:20:9b:47:
         08:93:3c:d6:9e:39:1d:b1:93:16:9c:f7:26:1a:73:cf:d5:c7:
         7a:f8:8c:60:b9:ea:89:51:3e:a5:bd:1d:1d:e6:3d:4e:89:92:
         9f:b3:6a:6c:5b:cf:df:4b:35:be:5c:a6:86:8c:35:0e:af:41:
         5a:6c:00:8c:9c:7c:fe:1b:4f:da:61:b6:f0:0c:ee:69:5b:a5:
         3d:3d:50:aa:03:91:76:c8:0e:d0:c0:2c:b5:08:bd:43:5a:1b:
         3a:c0:a3:50:bd:68:c0:c7:0c:0f:42:0c:c0:f1:ae:e5:b7:ff:
         39:cb:ad:55:de:8c:61:5f:ef:63:b5:d2:3c:39:58:46:7d:08:
         8d:03:a9:49:64:56:06:4d:41:af:58:f4:9a:a5:9e:2f:59:ac:
         e9:4e:30:4a:48:9b:79:74:0a:ce:36:c6:85:d1:77:36:2e:73:
         53:8c:3f:1e:68:9a:98:a7:d6:37:58:37:71:b7:ac:d4:03:71:
         bf:72:ca:73:28:d7:3a:12:ec:04:c7:40:0e:af:fd:39:c0:e2:
         87:ff:3c:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xiUQ3fC6mZ8x6LFZj80zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTIwMmFlNjdiMDQ2NTM0N2Q2ZGRmOTBmNjQ2MmZhZTZl
NGU2NDMwHhcNMjUxMDE5MTQwMTA4WhcNMjUxMDIwMTQwMTA4WjAzMTEwLwYDVQQD
Eyg1NGYyYzBjMDdjZjI5ZjRhMGE2ZDg4YWYyMzI2OWMwMDVjMTkyZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMh1ZneXxRCjgqE+Y+ROUVpqBmi/
qlShBVKd4mizBhT3pjD+Ndvg2NrM9f39S4Mxmm23hZPJpiSnzStzwsuL+d07B8OV
0s2CRSiTkjPN6ve3F+7Dt60e8SWGNRTUrLvoS2xtR+1ax7BftJ0yfTZ3fH3xwttK
zV+lh/7puHXrZS9+9q0dIKlDdPcMN6QS2uFnPqN8DATzR+LoumE5Gj2MmK4FNzh2
xbFR7bMChShKDefgR5zOrcwza39O2n7rIQF9rLZsRXpySWOvpi2N+CPTKNo+EGc5
myhjtfSWz24HZ0YWPy2lSBGDDYp01YkkPW0dXsJ23GiiMAR5mesMbws7GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFTywMB88p9KCm2IryMmnABcGS2BMB8GA1UdIwQY
MBaAFB6SAq5nsEZTR9bd+Q9kYvrm5OZDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81ZWZkZDUtMGNjYy00MjVmLTkzMDEt
NTQwYTM0OGRkMjIzLzEvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS81ZWZkZDUtMGNjYy00MjVmLTkzMDEtNTQwYTM0OGRkMjIz
LzEvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgNcHa0cV
ARGJhYtBIvKWOXPR17AqJ7TelUcg45kTLzlJ4DmVHTNNxZL8GGN6eN1nHlvDIJtH
CJM81p45HbGTFpz3Jhpzz9XHeviMYLnqiVE+pb0dHeY9TomSn7NqbFvP30s1vlym
how1Dq9BWmwAjJx8/htP2mG28AzuaVulPT1QqgORdsgO0MAstQi9Q1obOsCjUL1o
wMcMD0IMwPGu5bf/OcutVd6MYV/vY7XSPDlYRn0IjQOpSWRWBk1Br1j0mqWeL1ms
6U4wSkibeXQKzjbGhdF3Ni5zU4w/HmiamKfWN1g3cbes1ANxv3LKcyjXOhLsBMdA
Dq/9OcDih/88zA==
-----END CERTIFICATE-----