Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
File:                     HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json)
Hash identifier:          vhJeyStcxIlosOhDjwroWqRnHA/Y+9I4a6gyV/VrKxY=
Subject key identifier:   65:EE:C3:11:0F:5E:BE:01:1B:2B:01:88:CD:7F:05:D7:AD:04:A1:70
Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70
Certificate issuer:       /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
Certificate serial:       0199FD34501BDE9EAD8A99966349F8BA4767
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
Manifest number:          16E1
Signing time:             Sun 19 Oct 2025 16:01:27 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:27 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:27 +0000
Files and hashes:         1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: dL3W4mV4poebzwABa6B9GQ+TSQ65FBrVWkDUdR0UsmI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:50:1b:de:9e:ad:8a:99:96:63:49:f8:ba:47:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270
        Validity
            Not Before: Oct 19 16:01:27 2025 GMT
            Not After : Oct 20 16:01:27 2025 GMT
        Subject: CN=65eec3110f5ebe011b2b0188cd7f05d7ad04a170
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:25:0a:b6:3e:d4:2c:19:64:f2:01:3a:db:8b:
                    6a:52:53:fb:c1:a7:5c:5e:63:0f:ac:a0:f8:8a:a1:
                    4d:ef:86:4d:52:09:06:86:13:1d:80:d2:6e:39:7b:
                    c8:14:5e:36:25:07:2e:40:b4:72:47:b5:77:a6:76:
                    bc:45:3a:70:ea:34:c2:6a:b0:d1:e8:05:18:23:dc:
                    12:bd:0a:d3:80:4f:ef:7e:a5:25:cd:7d:a1:6d:6c:
                    d1:14:ab:b9:72:fe:f2:e1:59:2d:e2:60:98:ac:06:
                    9f:f3:54:29:5d:85:15:4a:e7:a7:e9:86:7e:f7:87:
                    ad:05:75:58:a4:1d:68:37:e2:13:8a:6d:c7:6c:46:
                    a8:cf:23:a8:f5:79:98:f8:fe:42:aa:38:b9:78:ad:
                    30:85:96:75:54:61:f2:25:e2:53:34:f3:25:02:47:
                    ff:86:8f:01:45:69:e5:81:fe:b6:95:fa:d6:73:04:
                    4e:53:77:ab:62:32:72:17:72:40:ec:ed:68:dc:02:
                    2a:8d:ce:c2:1b:35:cc:0d:9b:c2:1e:91:87:57:77:
                    6e:2f:38:fe:42:0c:ab:27:8d:33:c2:77:0b:5a:ab:
                    62:c0:1b:d7:cb:bf:f1:81:fe:dc:8a:d6:97:04:63:
                    68:56:f2:fd:fc:c6:03:e4:85:9a:8b:c2:ea:8d:ec:
                    1f:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:EE:C3:11:0F:5E:BE:01:1B:2B:01:88:CD:7F:05:D7:AD:04:A1:70
            X509v3 Authority Key Identifier:
                keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:e4:21:56:27:19:40:ec:cd:2b:97:d5:9d:ec:5c:d3:20:6f:
         6d:85:69:4d:20:c3:f1:06:39:59:f8:58:c2:42:7d:51:bf:aa:
         0b:3a:98:16:f2:af:62:8a:7d:aa:bf:39:51:25:05:42:09:28:
         27:8c:1c:30:e8:49:d5:d0:c9:b7:ed:2a:9a:f2:b3:ec:74:30:
         91:3f:49:88:24:31:c3:47:c8:b9:f8:48:87:1b:fd:7d:10:a6:
         05:62:48:ec:5a:b5:77:fb:40:e9:0a:f3:ac:c9:ca:83:a7:6e:
         3f:4a:ff:0a:a8:00:f8:2d:ae:5b:fa:44:c6:fc:a5:f4:4c:84:
         b7:e1:6c:9c:8c:61:6c:ec:d9:7c:24:39:f9:a9:ed:d7:d0:f8:
         6f:6b:b7:4c:8d:2c:50:6d:7b:d0:5e:eb:b1:fd:1e:c6:54:7b:
         b7:ed:dd:2a:77:79:34:4b:ab:ac:4b:f1:71:6f:e0:67:e8:4e:
         bc:24:55:f0:ff:8c:f6:ea:7c:43:e6:6b:59:1b:b8:cd:8f:18:
         84:c8:b7:1f:0c:8b:3c:d9:9f:b8:28:66:05:9f:7e:45:87:df:
         29:86:56:69:55:4b:31:45:55:86:96:35:cf:17:cf:3b:1e:d0:
         cd:eb:bc:20:b6:9b:3a:bc:31:bf:3a:3e:dd:dd:7e:e8:92:4f:
         65:13:e0:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NFAb3p6tipmWY0n4ukdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy
ZDgyNzAwHhcNMjUxMDE5MTYwMTI3WhcNMjUxMDIwMTYwMTI3WjAzMTEwLwYDVQQD
Eyg2NWVlYzMxMTBmNWViZTAxMWIyYjAxODhjZDdmMDVkN2FkMDRhMTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SUKtj7ULBlk8gE624tqUlP7wadc
XmMPrKD4iqFN74ZNUgkGhhMdgNJuOXvIFF42JQcuQLRyR7V3pna8RTpw6jTCarDR
6AUYI9wSvQrTgE/vfqUlzX2hbWzRFKu5cv7y4Vkt4mCYrAaf81QpXYUVSuen6YZ+
94etBXVYpB1oN+ITim3HbEaozyOo9XmY+P5Cqji5eK0whZZ1VGHyJeJTNPMlAkf/
ho8BRWnlgf62lfrWcwROU3erYjJyF3JA7O1o3AIqjc7CGzXMDZvCHpGHV3duLzj+
QgyrJ40zwncLWqtiwBvXy7/xgf7citaXBGNoVvL9/MYD5IWai8LqjewfcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXuwxEPXr4BGysBiM1/BdetBKFwMB8GA1UdIwQY
MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct
ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz
LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARuQhVicZ
QOzNK5fVnexc0yBvbYVpTSDD8QY5WfhYwkJ9Ub+qCzqYFvKvYop9qr85USUFQgko
J4wcMOhJ1dDJt+0qmvKz7HQwkT9JiCQxw0fIufhIhxv9fRCmBWJI7Fq1d/tA6Qrz
rMnKg6duP0r/CqgA+C2uW/pExvyl9EyEt+FsnIxhbOzZfCQ5+ant19D4b2u3TI0s
UG170F7rsf0exlR7t+3dKnd5NEurrEvxcW/gZ+hOvCRV8P+M9up8Q+ZrWRu4zY8Y
hMi3HwyLPNmfuChmBZ9+RYffKYZWaVVLMUVVhpY1zxfPOx7Qzeu8ILabOrwxvzo+
3d1+6JJPZRPgZQ==
-----END CERTIFICATE-----