Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/5161cb-bcdd-4096-88f7-5aed8d6a33b7/1/Hpi7SLWTBqcwybm9jXc0Z88cVOA.mft
File:                     Hpi7SLWTBqcwybm9jXc0Z88cVOA.mft (raw, json)
Hash identifier:          0JEXPb04ls7c+tepocPUK5O+xqrNn6Hw7W3PxMgdmCk=
Subject key identifier:   AF:BA:C6:A3:42:B8:B1:62:10:6C:4A:2F:5C:62:FA:7D:D6:2D:FF:B8
Authority key identifier: 1E:98:BB:48:B5:93:06:A7:30:C9:B9:BD:8D:77:34:67:CF:1C:54:E0
Certificate issuer:       /CN=1e98bb48b59306a730c9b9bd8d773467cf1c54e0
Certificate serial:       0199FFC7871A4B77F66531A47FFCA5364D7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hpi7SLWTBqcwybm9jXc0Z88cVOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/5161cb-bcdd-4096-88f7-5aed8d6a33b7/1/Hpi7SLWTBqcwybm9jXc0Z88cVOA.mft
Manifest number:          0CE9
Signing time:             Mon 20 Oct 2025 04:01:30 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:30 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:30 +0000
Files and hashes:         1: Hpi7SLWTBqcwybm9jXc0Z88cVOA.crl (hash: HJoZpWLW7R+8Czpx6up4v2zniFlFVMCBtEWu26nHxG0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/5161cb-bcdd-4096-88f7-5aed8d6a33b7/1/Hpi7SLWTBqcwybm9jXc0Z88cVOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/5161cb-bcdd-4096-88f7-5aed8d6a33b7/1/Hpi7SLWTBqcwybm9jXc0Z88cVOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hpi7SLWTBqcwybm9jXc0Z88cVOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:87:1a:4b:77:f6:65:31:a4:7f:fc:a5:36:4d:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e98bb48b59306a730c9b9bd8d773467cf1c54e0
        Validity
            Not Before: Oct 20 04:01:30 2025 GMT
            Not After : Oct 21 04:01:30 2025 GMT
        Subject: CN=afbac6a342b8b162106c4a2f5c62fa7dd62dffb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:0b:5b:d9:fa:5e:1c:7b:bb:99:df:6c:d5:df:
                    2b:f3:69:d4:97:48:db:ce:01:e1:3c:68:ae:8e:93:
                    7c:df:88:3b:04:63:65:5f:75:71:8c:34:d2:4d:ca:
                    2b:a0:28:36:81:9d:ff:5a:9d:9f:56:d4:2c:c5:81:
                    af:c2:c4:97:24:53:c2:20:f6:b7:01:fa:23:70:ee:
                    ca:35:2c:8d:b1:32:b4:c1:ee:20:25:c0:d7:df:71:
                    3d:b2:7e:7a:fb:6a:e1:1a:8c:0d:72:86:39:6a:f4:
                    21:33:a8:48:38:a5:e5:aa:f9:7d:e6:cb:16:29:eb:
                    b4:ec:31:31:40:27:76:8f:65:d0:30:2c:16:bb:d9:
                    20:ec:c7:93:82:25:de:d3:a0:d5:e4:de:ed:50:d5:
                    08:d8:02:f6:97:d0:6e:f6:96:af:37:49:3c:02:f5:
                    7c:3b:cb:64:96:f7:de:f2:c4:dc:07:87:40:5f:de:
                    6b:93:3f:5c:51:0c:45:68:aa:05:4c:e0:78:d7:ea:
                    ab:db:90:a4:94:6c:39:9f:2e:85:59:81:f2:a7:90:
                    30:12:61:83:97:02:b8:55:61:11:b4:01:36:f0:de:
                    92:14:04:b4:2e:33:f2:63:c1:d2:54:b1:83:04:ac:
                    7b:90:70:bd:0a:57:bf:35:b3:7a:37:c3:45:12:97:
                    c9:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:BA:C6:A3:42:B8:B1:62:10:6C:4A:2F:5C:62:FA:7D:D6:2D:FF:B8
            X509v3 Authority Key Identifier:
                keyid:1E:98:BB:48:B5:93:06:A7:30:C9:B9:BD:8D:77:34:67:CF:1C:54:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hpi7SLWTBqcwybm9jXc0Z88cVOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5161cb-bcdd-4096-88f7-5aed8d6a33b7/1/Hpi7SLWTBqcwybm9jXc0Z88cVOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5161cb-bcdd-4096-88f7-5aed8d6a33b7/1/Hpi7SLWTBqcwybm9jXc0Z88cVOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:b1:20:98:12:88:01:d7:c4:b0:d8:d8:dc:11:7b:2c:e0:83:
         98:ae:65:a2:bd:20:e6:ea:92:af:c7:99:77:8f:83:03:82:08:
         16:79:c2:37:7d:bf:09:55:5b:a3:f3:a9:05:a1:63:2b:b0:6d:
         d1:a4:44:10:8d:fd:b4:71:fb:be:fd:84:60:87:b4:c4:46:c1:
         01:0c:10:96:2a:0c:76:26:85:82:66:d6:ed:e5:bb:f3:2c:b4:
         ce:85:31:ba:a2:77:00:dc:53:8f:9b:e1:13:94:45:88:6e:6d:
         6c:fe:7d:bf:85:df:b8:e7:0c:42:22:a7:29:89:fc:99:cb:24:
         b8:19:26:fe:78:0b:83:2d:dd:f7:32:af:f4:69:db:dd:33:de:
         10:ed:03:bb:d8:da:4d:f4:d4:b7:ed:14:7b:c4:f1:4f:ea:52:
         80:ba:bc:72:19:62:94:52:df:fe:0b:e5:5f:21:ed:cf:fb:4e:
         33:dc:cb:5a:73:d0:6f:c4:55:43:70:c6:06:9a:77:38:c5:e9:
         4a:5e:42:85:7e:64:01:17:d7:2e:26:e7:51:53:e8:32:ae:3b:
         d5:a7:5c:bc:81:b0:90:45:4d:1d:fd:21:d6:c3:5f:ec:6f:d9:
         fd:20:1f:44:78:de:4d:86:af:bc:21:a0:fe:03:71:d7:74:f8:
         a5:54:5c:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x4caS3f2ZTGkf/ylNk18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOThiYjQ4YjU5MzA2YTczMGM5YjliZDhkNzczNDY3Y2Yx
YzU0ZTAwHhcNMjUxMDIwMDQwMTMwWhcNMjUxMDIxMDQwMTMwWjAzMTEwLwYDVQQD
EyhhZmJhYzZhMzQyYjhiMTYyMTA2YzRhMmY1YzYyZmE3ZGQ2MmRmZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAtb2fpeHHu7md9s1d8r82nUl0jb
zgHhPGiujpN834g7BGNlX3VxjDTSTcoroCg2gZ3/Wp2fVtQsxYGvwsSXJFPCIPa3
AfojcO7KNSyNsTK0we4gJcDX33E9sn56+2rhGowNcoY5avQhM6hIOKXlqvl95ssW
Keu07DExQCd2j2XQMCwWu9kg7MeTgiXe06DV5N7tUNUI2AL2l9Bu9pavN0k8AvV8
O8tklvfe8sTcB4dAX95rkz9cUQxFaKoFTOB41+qr25CklGw5ny6FWYHyp5AwEmGD
lwK4VWERtAE28N6SFAS0LjPyY8HSVLGDBKx7kHC9Cle/NbN6N8NFEpfJ5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+6xqNCuLFiEGxKL1xi+n3WLf+4MB8GA1UdIwQY
MBaAFB6Yu0i1kwanMMm5vY13NGfPHFTgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBpN1NMV1RCcWN3eWJtOWpYYzBaODhjVk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81MTYxY2ItYmNkZC00MDk2LTg4Zjct
NWFlZDhkNmEzM2I3LzEvSHBpN1NMV1RCcWN3eWJtOWpYYzBaODhjVk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC81MTYxY2ItYmNkZC00MDk2LTg4ZjctNWFlZDhkNmEzM2I3
LzEvSHBpN1NMV1RCcWN3eWJtOWpYYzBaODhjVk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALbEgmBKI
AdfEsNjY3BF7LOCDmK5lor0g5uqSr8eZd4+DA4IIFnnCN32/CVVbo/OpBaFjK7Bt
0aREEI39tHH7vv2EYIe0xEbBAQwQlioMdiaFgmbW7eW78yy0zoUxuqJ3ANxTj5vh
E5RFiG5tbP59v4XfuOcMQiKnKYn8mcskuBkm/ngLgy3d9zKv9Gnb3TPeEO0Du9ja
TfTUt+0Ue8TxT+pSgLq8chlilFLf/gvlXyHtz/tOM9zLWnPQb8RVQ3DGBpp3OMXp
Sl5ChX5kARfXLibnUVPoMq471adcvIGwkEVNHf0h1sNf7G/Z/SAfRHjeTYavvCGg
/gNx13T4pVRcFw==
-----END CERTIFICATE-----