Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/f7f17c-c27d-408f-99c1-c4736ca5c25a/1/hhiwVNIN_cnFSTxSyGI0d0kEvnc.mft
File:                     hhiwVNIN_cnFSTxSyGI0d0kEvnc.mft (raw, json)
Hash identifier:          c1tlgX1xOHgogxt8Qpghs3IoYwllBkMQLD093pqxM5Q=
Subject key identifier:   75:52:5B:AB:2D:03:0D:AD:37:14:D4:87:78:9A:3C:4C:C4:3A:F9:58
Authority key identifier: 86:18:B0:54:D2:0D:FD:C9:C5:49:3C:52:C8:62:34:77:49:04:BE:77
Certificate issuer:       /CN=8618b054d20dfdc9c5493c52c86234774904be77
Certificate serial:       0199FBEBF83A1A5E56A366B8128AED9CAE1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hhiwVNIN_cnFSTxSyGI0d0kEvnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/f7f17c-c27d-408f-99c1-c4736ca5c25a/1/hhiwVNIN_cnFSTxSyGI0d0kEvnc.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:02:49 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:49 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:49 +0000
Files and hashes:         1: hhiwVNIN_cnFSTxSyGI0d0kEvnc.crl (hash: n0VjGgrnQsXUn7om45+0ZdFTFXkVcjAyHKjUbw5Mrxg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/f7f17c-c27d-408f-99c1-c4736ca5c25a/1/hhiwVNIN_cnFSTxSyGI0d0kEvnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/f7f17c-c27d-408f-99c1-c4736ca5c25a/1/hhiwVNIN_cnFSTxSyGI0d0kEvnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hhiwVNIN_cnFSTxSyGI0d0kEvnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:f8:3a:1a:5e:56:a3:66:b8:12:8a:ed:9c:ae:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8618b054d20dfdc9c5493c52c86234774904be77
        Validity
            Not Before: Oct 19 10:02:49 2025 GMT
            Not After : Oct 20 10:02:49 2025 GMT
        Subject: CN=75525bab2d030dad3714d487789a3c4cc43af958
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ce:9a:63:ba:db:ad:04:bd:93:49:f5:e5:da:
                    5c:bf:3b:f5:f0:1d:29:37:2d:d7:f1:55:99:40:80:
                    32:5b:00:07:b2:7d:c3:c9:95:ed:3e:98:b7:7a:ce:
                    ea:f4:56:51:fa:be:58:d2:7f:60:29:bc:60:19:f9:
                    34:d4:c7:09:4d:5a:e2:ff:4c:a3:80:ed:c9:f8:c0:
                    0c:f8:a3:95:cf:58:cb:69:8f:cd:e9:2c:53:2a:84:
                    bc:da:74:f5:2e:6c:58:74:9b:46:de:d7:38:d8:00:
                    74:66:a7:23:87:0f:a6:58:54:72:db:22:5a:71:91:
                    7e:13:b9:84:d6:57:c2:37:d0:d2:d3:56:8a:9a:0b:
                    b0:f8:16:62:35:be:32:3c:0b:59:f0:10:bd:9d:74:
                    66:46:1d:ce:64:a7:e2:1f:b8:c7:78:52:a2:71:39:
                    6b:45:25:b4:f1:0e:6b:7b:0e:84:e0:8f:46:26:39:
                    b4:9e:3c:49:a6:04:1b:33:61:94:89:e6:f1:08:0f:
                    5a:27:5c:ed:7e:4d:8e:0c:81:9f:4f:26:72:4a:fc:
                    f3:8c:03:21:20:0e:4f:10:93:ae:de:b3:25:4a:3d:
                    12:4c:3a:86:7d:2d:ce:1d:61:86:0b:c1:ad:c4:99:
                    09:c0:52:f0:05:0b:49:55:70:37:eb:e2:b4:cd:fc:
                    5a:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:52:5B:AB:2D:03:0D:AD:37:14:D4:87:78:9A:3C:4C:C4:3A:F9:58
            X509v3 Authority Key Identifier:
                keyid:86:18:B0:54:D2:0D:FD:C9:C5:49:3C:52:C8:62:34:77:49:04:BE:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhiwVNIN_cnFSTxSyGI0d0kEvnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/f7f17c-c27d-408f-99c1-c4736ca5c25a/1/hhiwVNIN_cnFSTxSyGI0d0kEvnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/f7f17c-c27d-408f-99c1-c4736ca5c25a/1/hhiwVNIN_cnFSTxSyGI0d0kEvnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:0f:2b:c0:af:6c:06:14:7f:2a:f0:fe:b0:b8:75:95:89:e0:
         f7:51:4d:c4:e6:66:f6:de:d1:94:16:b7:3d:06:e1:67:0e:02:
         b3:53:52:54:b1:83:7f:78:3d:71:3e:0f:7a:31:d1:26:3f:a7:
         ba:68:54:ec:69:b8:19:3f:d9:2b:d7:87:da:98:42:46:06:5f:
         79:8d:e1:3e:d5:ae:43:38:c2:a3:4d:c4:e3:82:48:34:41:48:
         3f:38:13:ff:4d:78:fd:a3:c5:b1:57:ac:9e:ee:a6:b6:7a:f1:
         8f:63:68:16:96:77:9a:5e:5b:d4:d7:c6:8f:aa:86:c0:c8:6e:
         57:ce:d1:ff:00:19:e6:e6:f5:4a:5d:9c:03:85:d7:42:a9:95:
         0d:cc:e0:8c:46:c9:df:3a:ef:41:21:d7:e1:de:ab:d4:ca:ca:
         9b:fa:03:66:10:ea:dc:2d:39:64:56:6a:dd:3e:75:e7:e0:82:
         b7:58:84:ec:ec:e5:c3:61:22:b6:b6:67:de:8f:31:0c:92:d6:
         c2:18:1d:54:7f:74:da:b5:29:df:23:cc:30:2c:86:c1:fb:89:
         9e:11:87:33:66:31:12:de:f7:27:a2:23:5c:32:3c:d3:83:b4:
         87:a1:b3:0e:02:00:a7:e3:77:63:b2:73:f3:dc:8b:71:2d:01:
         13:e3:25:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76/g6Gl5Wo2a4EortnK4cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MThiMDU0ZDIwZGZkYzljNTQ5M2M1MmM4NjIzNDc3NDkw
NGJlNzcwHhcNMjUxMDE5MTAwMjQ5WhcNMjUxMDIwMTAwMjQ5WjAzMTEwLwYDVQQD
Eyg3NTUyNWJhYjJkMDMwZGFkMzcxNGQ0ODc3ODlhM2M0Y2M0M2FmOTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM6aY7rbrQS9k0n15dpcvzv18B0p
Ny3X8VWZQIAyWwAHsn3DyZXtPpi3es7q9FZR+r5Y0n9gKbxgGfk01McJTVri/0yj
gO3J+MAM+KOVz1jLaY/N6SxTKoS82nT1LmxYdJtG3tc42AB0Zqcjhw+mWFRy2yJa
cZF+E7mE1lfCN9DS01aKmguw+BZiNb4yPAtZ8BC9nXRmRh3OZKfiH7jHeFKicTlr
RSW08Q5rew6E4I9GJjm0njxJpgQbM2GUiebxCA9aJ1ztfk2ODIGfTyZySvzzjAMh
IA5PEJOu3rMlSj0STDqGfS3OHWGGC8GtxJkJwFLwBQtJVXA36+K0zfxa0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHVSW6stAw2tNxTUh3iaPEzEOvlYMB8GA1UdIwQY
MBaAFIYYsFTSDf3JxUk8UshiNHdJBL53MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGhpd1ZOSU5fY25GU1R4U3lHSTBkMGtFdm5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9mN2YxN2MtYzI3ZC00MDhmLTk5YzEt
YzQ3MzZjYTVjMjVhLzEvaGhpd1ZOSU5fY25GU1R4U3lHSTBkMGtFdm5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9mN2YxN2MtYzI3ZC00MDhmLTk5YzEtYzQ3MzZjYTVjMjVh
LzEvaGhpd1ZOSU5fY25GU1R4U3lHSTBkMGtFdm5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASA8rwK9s
BhR/KvD+sLh1lYng91FNxOZm9t7RlBa3PQbhZw4Cs1NSVLGDf3g9cT4PejHRJj+n
umhU7Gm4GT/ZK9eH2phCRgZfeY3hPtWuQzjCo03E44JINEFIPzgT/014/aPFsVes
nu6mtnrxj2NoFpZ3ml5b1NfGj6qGwMhuV87R/wAZ5ub1Sl2cA4XXQqmVDczgjEbJ
3zrvQSHX4d6r1MrKm/oDZhDq3C05ZFZq3T515+CCt1iE7Ozlw2EitrZn3o8xDJLW
whgdVH902rUp3yPMMCyGwfuJnhGHM2YxEt73J6IjXDI804O0h6GzDgIAp+N3Y7Jz
89yLcS0BE+MlCQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:09 2025 by rpki-client