Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
File:                     an0UIH91yLFYDbJ_defD_bH_hgw.mft (raw, json)
Hash identifier:          xP5gtDNS+KgQ5kEioAI7b9JE+TCKUxhRuh93XEKWsbM=
Subject key identifier:   9D:5A:35:CC:15:D1:2B:55:9F:3A:2B:2C:ED:0C:79:CA:1A:6D:1F:5A
Authority key identifier: 6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C
Certificate issuer:       /CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
Certificate serial:       0199FC8F3AE2619FE0F0303BD65CD0D106F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
Manifest number:          0971
Signing time:             Sun 19 Oct 2025 13:01:08 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:08 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:08 +0000
Files and hashes:         1: an0UIH91yLFYDbJ_defD_bH_hgw.crl (hash: c+x9gAvMq1lwveZhw9ODGWX9+uswv7ugP/niBVEvwpA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:3a:e2:61:9f:e0:f0:30:3b:d6:5c:d0:d1:06:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c
        Validity
            Not Before: Oct 19 13:01:08 2025 GMT
            Not After : Oct 20 13:01:08 2025 GMT
        Subject: CN=9d5a35cc15d12b559f3a2b2ced0c79ca1a6d1f5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:9b:81:8e:9c:37:04:26:11:f8:bf:e1:d8:65:
                    ab:af:9d:d9:4f:5e:57:46:82:e0:6d:86:02:d0:ba:
                    64:f2:5c:f3:f4:97:3e:be:00:41:a6:68:7c:b7:af:
                    12:8f:64:be:a9:83:c4:b7:ec:cf:63:77:e0:dd:57:
                    51:55:ae:4d:d9:e5:44:f8:00:a6:ab:e5:3d:d0:da:
                    f6:57:b6:b4:28:0a:e4:ee:f9:8e:6c:c7:47:b0:d5:
                    b8:02:f3:64:56:37:a2:58:e7:44:83:29:af:92:f5:
                    92:42:cd:e6:37:9d:3d:8b:f3:9e:6e:62:71:fd:80:
                    41:ff:62:99:e3:e8:e9:4b:98:ec:4b:db:17:eb:df:
                    36:d4:22:19:4b:de:57:4a:20:e5:4d:9f:3d:ab:d1:
                    ee:28:50:0f:41:56:25:35:df:43:78:bb:dd:3f:e7:
                    56:ed:78:53:39:d7:84:fe:23:6d:ad:e6:91:70:55:
                    a0:ae:54:4f:00:62:a9:3b:c5:11:c0:82:62:d1:77:
                    5f:77:84:e3:17:63:f0:c5:c2:6a:2c:92:92:5d:25:
                    f9:79:6c:d9:6b:61:d1:c2:7e:e9:72:ff:3e:af:3c:
                    b6:9b:cb:3d:ea:25:00:67:c6:ab:72:8b:f9:10:35:
                    1d:6f:8b:b0:98:cf:02:da:d2:46:56:cf:8b:d4:d0:
                    60:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:5A:35:CC:15:D1:2B:55:9F:3A:2B:2C:ED:0C:79:CA:1A:6D:1F:5A
            X509v3 Authority Key Identifier:
                keyid:6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:6c:91:4a:52:40:4e:04:49:b6:ca:1b:27:54:96:26:67:8f:
         ba:1d:1c:df:93:60:60:97:01:2b:fe:ac:bb:1d:b9:06:96:6e:
         02:c6:02:f0:e3:80:b8:a5:3a:1d:e0:66:3f:d2:79:f5:19:a0:
         30:a5:ce:30:17:62:fe:d7:07:18:70:c1:d7:ed:0d:a7:ed:15:
         9f:9f:59:ff:0d:12:ea:1f:8f:fa:8c:46:43:b2:28:8b:2a:45:
         a3:bd:09:33:65:18:86:3e:e0:4d:a6:8e:ec:c3:10:f1:13:d7:
         3d:26:da:5a:f1:e2:d0:c2:ee:fd:a8:d2:f0:23:d2:92:36:c9:
         15:9d:45:b9:04:96:bc:25:7d:7c:96:94:3d:8c:57:b6:ca:8d:
         f0:5c:6b:f4:27:2b:6b:ba:24:76:ed:44:7b:df:9b:22:b1:e6:
         ca:5d:54:6b:5c:74:36:b8:f1:29:3b:fb:db:7e:67:3e:55:b7:
         4b:bc:47:e0:8b:72:f3:cf:a5:70:85:74:74:52:04:74:c6:12:
         43:f5:de:f9:68:4e:5a:b6:ec:a0:50:af:30:6d:d5:f6:02:ca:
         20:20:e5:0a:3a:ad:0d:1b:27:c8:83:69:ff:cb:33:93:08:ac:
         e0:a9:15:85:18:a9:4f:81:9f:08:32:63:b6:f4:90:54:9d:26:
         6c:b1:07:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jzriYZ/g8DA71lzQ0Qb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhN2QxNDIwN2Y3NWM4YjE1ODBkYjI3Zjc1ZTdjM2ZkYjFm
Zjg2MGMwHhcNMjUxMDE5MTMwMTA4WhcNMjUxMDIwMTMwMTA4WjAzMTEwLwYDVQQD
Eyg5ZDVhMzVjYzE1ZDEyYjU1OWYzYTJiMmNlZDBjNzljYTFhNmQxZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZuBjpw3BCYR+L/h2GWrr53ZT15X
RoLgbYYC0Lpk8lzz9Jc+vgBBpmh8t68Sj2S+qYPEt+zPY3fg3VdRVa5N2eVE+ACm
q+U90Nr2V7a0KArk7vmObMdHsNW4AvNkVjeiWOdEgymvkvWSQs3mN509i/OebmJx
/YBB/2KZ4+jpS5jsS9sX69821CIZS95XSiDlTZ89q9HuKFAPQVYlNd9DeLvdP+dW
7XhTOdeE/iNtreaRcFWgrlRPAGKpO8URwIJi0Xdfd4TjF2PwxcJqLJKSXSX5eWzZ
a2HRwn7pcv8+rzy2m8s96iUAZ8arcov5EDUdb4uwmM8C2tJGVs+L1NBgHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1aNcwV0StVnzorLO0MecoabR9aMB8GA1UdIwQY
MBaAFGp9FCB/dcixWA2yf3Xnw/2x/4YMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEt
YmVhYTczNzEwYTY1LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEtYmVhYTczNzEwYTY1
LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfmyRSlJA
TgRJtsobJ1SWJmePuh0c35NgYJcBK/6sux25BpZuAsYC8OOAuKU6HeBmP9J59Rmg
MKXOMBdi/tcHGHDB1+0Np+0Vn59Z/w0S6h+P+oxGQ7IoiypFo70JM2UYhj7gTaaO
7MMQ8RPXPSbaWvHi0MLu/ajS8CPSkjbJFZ1FuQSWvCV9fJaUPYxXtsqN8Fxr9Ccr
a7okdu1Ee9+bIrHmyl1Ua1x0NrjxKTv7235nPlW3S7xH4Ity88+lcIV0dFIEdMYS
Q/Xe+WhOWrbsoFCvMG3V9gLKICDlCjqtDRsnyINp/8szkwis4KkVhRipT4GfCDJj
tvSQVJ0mbLEH9A==
-----END CERTIFICATE-----