Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft
File:                     hheg4tbmBy6I03dN18z78HochjI.mft (raw, json)
Hash identifier:          XlXulF0lSklhN3d2PNuXvXkLkJ7VHa0nncz3mXkXBEE=
Subject key identifier:   B3:02:93:A6:6C:E5:8F:37:AF:B4:D4:79:DE:0A:53:97:0B:31:91:28
Authority key identifier: 86:17:A0:E2:D6:E6:07:2E:88:D3:77:4D:D7:CC:FB:F0:7A:1C:86:32
Certificate issuer:       /CN=8617a0e2d6e6072e88d3774dd7ccfbf07a1c8632
Certificate serial:       0199FD34253B584C360A917EC69C6CAB9D92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft
Manifest number:          12D4
Signing time:             Sun 19 Oct 2025 16:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:16 +0000
Files and hashes:         1: hheg4tbmBy6I03dN18z78HochjI.crl (hash: 6G3DiK1mNPl81P6pA1hWmKS4yoH9EqMXgUfR2QOehfU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:25:3b:58:4c:36:0a:91:7e:c6:9c:6c:ab:9d:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8617a0e2d6e6072e88d3774dd7ccfbf07a1c8632
        Validity
            Not Before: Oct 19 16:01:16 2025 GMT
            Not After : Oct 20 16:01:16 2025 GMT
        Subject: CN=b30293a66ce58f37afb4d479de0a53970b319128
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:da:01:68:e0:4a:d9:ef:84:c7:0c:da:1b:95:
                    94:93:30:c1:d0:ba:86:37:ec:5d:20:2b:c7:64:d9:
                    fa:21:db:94:f8:3a:fc:33:24:b8:39:40:59:9f:74:
                    31:29:fc:25:81:1f:27:11:ec:21:96:89:18:0d:15:
                    a6:9b:83:11:74:9c:56:e5:58:34:b6:27:f2:bb:73:
                    b1:60:65:46:51:22:93:a0:11:42:32:33:10:d8:13:
                    35:68:30:38:85:56:49:a8:b0:a5:42:9d:43:92:fe:
                    6f:b8:a9:5d:16:50:9e:bd:67:a2:06:4a:f3:61:f2:
                    d6:3e:a6:85:4a:6c:76:d4:69:ca:ca:f2:a5:04:ea:
                    2b:8c:43:2f:78:36:dd:56:52:52:09:a6:f2:85:f4:
                    b4:b2:29:6b:fe:92:6f:aa:a9:63:09:1c:8b:00:01:
                    3d:e2:61:33:2e:e5:47:df:1a:77:84:35:f4:8e:aa:
                    09:43:b2:5f:fe:a3:93:a8:62:0a:50:8d:d5:bd:b8:
                    e2:9c:a8:cb:22:83:b2:ef:e5:b4:2f:84:de:8c:57:
                    0f:ec:8d:ff:e5:07:2c:32:c6:49:11:76:39:e8:f1:
                    d5:06:69:7e:74:34:06:34:42:df:0d:1e:50:87:0a:
                    29:a9:f6:b4:22:bd:2f:c8:71:33:11:1e:dd:fd:20:
                    32:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:02:93:A6:6C:E5:8F:37:AF:B4:D4:79:DE:0A:53:97:0B:31:91:28
            X509v3 Authority Key Identifier:
                keyid:86:17:A0:E2:D6:E6:07:2E:88:D3:77:4D:D7:CC:FB:F0:7A:1C:86:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:9a:a6:bc:f0:c7:8c:ea:92:28:c4:16:f7:b1:64:e5:74:9b:
         a1:a4:58:ba:33:c1:b8:2b:43:b2:a4:5e:09:5b:03:69:f2:b7:
         17:a5:77:7d:e1:be:0f:7f:07:79:bb:dd:cc:ed:1b:14:7e:35:
         bc:69:f3:93:d1:d7:72:c7:2f:15:be:d4:59:80:2a:74:60:3d:
         80:7a:00:1f:4e:87:56:77:b9:f8:7c:69:b5:6f:00:8d:73:34:
         2c:73:5b:ce:22:7c:d2:b9:99:aa:74:6c:98:ca:37:80:a9:9c:
         4e:82:79:88:77:a5:88:83:4a:9c:8e:99:2b:dd:2b:96:53:6c:
         bd:78:ac:92:09:87:bd:f5:63:a3:37:b3:c4:f0:31:6a:10:b1:
         c0:4f:6e:38:63:a7:47:e0:77:db:83:95:29:8b:6f:b7:b9:89:
         ab:24:dd:24:74:4b:b6:72:00:6e:21:a5:a7:88:5d:4e:7f:c9:
         81:1d:38:b4:5f:f9:85:d6:63:ce:21:7d:2a:0a:5a:e8:73:46:
         4d:a3:a5:5d:14:ce:9e:67:dc:2e:8c:ba:f3:1d:a9:3d:13:ec:
         04:15:80:9c:49:d6:7c:b0:fd:5d:f1:39:ac:dd:a4:f9:3a:d6:
         e4:f3:0b:64:63:bf:01:97:24:b0:66:e0:c8:b5:ae:6a:99:56:
         e7:f6:bc:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NCU7WEw2CpF+xpxsq52SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MTdhMGUyZDZlNjA3MmU4OGQzNzc0ZGQ3Y2NmYmYwN2Ex
Yzg2MzIwHhcNMjUxMDE5MTYwMTE2WhcNMjUxMDIwMTYwMTE2WjAzMTEwLwYDVQQD
EyhiMzAyOTNhNjZjZTU4ZjM3YWZiNGQ0NzlkZTBhNTM5NzBiMzE5MTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdoBaOBK2e+ExwzaG5WUkzDB0LqG
N+xdICvHZNn6IduU+Dr8MyS4OUBZn3QxKfwlgR8nEewhlokYDRWmm4MRdJxW5Vg0
tifyu3OxYGVGUSKToBFCMjMQ2BM1aDA4hVZJqLClQp1Dkv5vuKldFlCevWeiBkrz
YfLWPqaFSmx21GnKyvKlBOorjEMveDbdVlJSCabyhfS0silr/pJvqqljCRyLAAE9
4mEzLuVH3xp3hDX0jqoJQ7Jf/qOTqGIKUI3VvbjinKjLIoOy7+W0L4TejFcP7I3/
5QcsMsZJEXY56PHVBml+dDQGNELfDR5Qhwopqfa0Ir0vyHEzER7d/SAy9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMCk6Zs5Y83r7TUed4KU5cLMZEoMB8GA1UdIwQY
MBaAFIYXoOLW5gcuiNN3TdfM+/B6HIYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yZDE4YWYtNTg5Mi00MDdmLWI5Njgt
ZWJkYzMyYTZhYjI3LzEvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yZDE4YWYtNTg5Mi00MDdmLWI5NjgtZWJkYzMyYTZhYjI3
LzEvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATZqmvPDH
jOqSKMQW97Fk5XSboaRYujPBuCtDsqReCVsDafK3F6V3feG+D38HebvdzO0bFH41
vGnzk9HXcscvFb7UWYAqdGA9gHoAH06HVne5+HxptW8AjXM0LHNbziJ80rmZqnRs
mMo3gKmcToJ5iHeliINKnI6ZK90rllNsvXiskgmHvfVjozezxPAxahCxwE9uOGOn
R+B324OVKYtvt7mJqyTdJHRLtnIAbiGlp4hdTn/JgR04tF/5hdZjziF9Kgpa6HNG
TaOlXRTOnmfcLoy68x2pPRPsBBWAnEnWfLD9XfE5rN2k+TrW5PMLZGO/AZcksGbg
yLWuaplW5/a8IA==
-----END CERTIFICATE-----