Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
File:                     hprNGeI6gWZEutDooSuG4SiK0zw.mft (raw, json)
Hash identifier:          /EzY7GlR9Q5Ooke6PFnh2I6rmxnEd0uKSSPWxwb61Qc=
Subject key identifier:   02:8A:88:F7:03:9D:3F:7C:AD:70:A5:B8:E1:5E:90:D1:9E:C0:D2:F0
Authority key identifier: 86:9A:CD:19:E2:3A:81:66:44:BA:D0:E8:A1:2B:86:E1:28:8A:D3:3C
Certificate issuer:       /CN=869acd19e23a816644bad0e8a12b86e1288ad33c
Certificate serial:       0199FFC8470D4A3C0AA1824CCF9196EA667E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
Manifest number:          10CD
Signing time:             Mon 20 Oct 2025 04:02:19 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:19 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:19 +0000
Files and hashes:         1: hprNGeI6gWZEutDooSuG4SiK0zw.crl (hash: 5jyt5Y0XzlM0lMNf57KqXbLeD/zzDQC52qKUC26pY3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:47:0d:4a:3c:0a:a1:82:4c:cf:91:96:ea:66:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=869acd19e23a816644bad0e8a12b86e1288ad33c
        Validity
            Not Before: Oct 20 04:02:19 2025 GMT
            Not After : Oct 21 04:02:19 2025 GMT
        Subject: CN=028a88f7039d3f7cad70a5b8e15e90d19ec0d2f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:cd:fe:c3:95:63:f8:e0:d3:65:bd:00:a2:58:
                    52:c5:31:c3:2b:64:e7:a7:87:36:22:38:bf:00:09:
                    2b:c5:2f:57:3b:67:20:0a:88:ff:72:09:b5:6e:d0:
                    d9:c7:42:c2:b2:d2:f4:ba:d2:f9:37:61:2e:64:07:
                    01:0d:ee:47:24:ee:1c:d1:28:1c:83:c2:e4:ee:14:
                    ba:36:8b:8b:11:1b:d0:6e:12:40:81:d3:84:14:7a:
                    6b:72:85:59:3b:76:a4:7a:a5:12:52:7c:29:79:0d:
                    bb:bf:20:13:4c:85:e8:23:ab:10:19:68:f1:c7:da:
                    57:b2:0e:f0:62:52:5e:00:81:92:09:5d:c8:eb:94:
                    b2:c8:1b:c4:cc:b3:5e:3a:3e:00:fb:96:9c:45:5b:
                    7a:d9:96:d7:05:dd:28:82:3d:fd:6b:67:ba:ea:b7:
                    af:c7:d3:c2:04:e7:72:02:01:97:f3:a3:aa:a0:78:
                    74:5c:c2:13:61:0f:8d:33:3a:72:01:d0:87:c7:38:
                    32:28:2e:27:4a:44:90:69:62:ab:00:16:6b:54:59:
                    47:0e:8b:f8:e8:b1:a5:1b:70:a0:36:bf:f5:2c:ea:
                    31:c1:e5:7f:49:77:c4:7a:43:0b:36:3a:ce:62:06:
                    cd:42:f7:e2:61:13:5f:fa:39:06:8b:70:0a:e4:52:
                    d4:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:8A:88:F7:03:9D:3F:7C:AD:70:A5:B8:E1:5E:90:D1:9E:C0:D2:F0
            X509v3 Authority Key Identifier:
                keyid:86:9A:CD:19:E2:3A:81:66:44:BA:D0:E8:A1:2B:86:E1:28:8A:D3:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:73:63:ca:f9:ed:45:a7:86:d6:0c:00:98:b3:48:c1:1d:7c:
         8d:65:48:58:21:0a:41:92:88:98:30:75:5b:a9:3e:44:05:44:
         07:05:19:78:f6:88:7b:42:a6:16:f6:1b:24:92:6f:95:e5:d4:
         b7:2c:97:b9:36:21:1e:d9:dc:b7:30:f9:2f:bb:52:e5:d8:89:
         53:44:60:87:c5:84:43:8c:e6:fc:f2:22:2b:ef:cd:80:3b:15:
         42:8b:e6:fd:6d:83:79:25:f4:0b:46:8e:da:78:88:e4:e0:a7:
         df:ae:5a:e8:95:9e:66:e8:fa:80:63:9a:2d:43:29:4f:fe:81:
         1d:31:e1:62:db:cd:bc:ef:ff:0d:cb:8a:44:38:02:aa:97:97:
         38:84:de:9e:f0:ee:9f:11:33:df:87:18:a9:ad:65:97:ad:79:
         90:8e:a7:e7:fa:6f:69:ea:cd:f3:62:22:71:37:31:41:a7:ff:
         cf:6b:00:44:a8:e2:77:f5:98:c9:46:a5:fa:e2:17:f2:20:fd:
         c7:10:1b:d9:9e:e4:18:78:2a:4a:7f:b8:33:28:81:d9:11:e8:
         6c:78:cb:fc:ad:b8:f6:94:9b:b9:c5:70:4c:89:7d:f4:44:2c:
         d6:33:32:7d:93:c3:d8:e2:99:3a:79:30:16:45:95:b5:14:c7:
         68:c0:d1:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yEcNSjwKoYJMz5GW6mZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OWFjZDE5ZTIzYTgxNjY0NGJhZDBlOGExMmI4NmUxMjg4
YWQzM2MwHhcNMjUxMDIwMDQwMjE5WhcNMjUxMDIxMDQwMjE5WjAzMTEwLwYDVQQD
EygwMjhhODhmNzAzOWQzZjdjYWQ3MGE1YjhlMTVlOTBkMTllYzBkMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM3+w5Vj+ODTZb0AolhSxTHDK2Tn
p4c2Iji/AAkrxS9XO2cgCoj/cgm1btDZx0LCstL0utL5N2EuZAcBDe5HJO4c0Sgc
g8Lk7hS6NouLERvQbhJAgdOEFHprcoVZO3akeqUSUnwpeQ27vyATTIXoI6sQGWjx
x9pXsg7wYlJeAIGSCV3I65SyyBvEzLNeOj4A+5acRVt62ZbXBd0ogj39a2e66rev
x9PCBOdyAgGX86OqoHh0XMITYQ+NMzpyAdCHxzgyKC4nSkSQaWKrABZrVFlHDov4
6LGlG3CgNr/1LOoxweV/SXfEekMLNjrOYgbNQvfiYRNf+jkGi3AK5FLUJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKKiPcDnT98rXCluOFekNGewNLwMB8GA1UdIwQY
MBaAFIaazRniOoFmRLrQ6KErhuEoitM8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi81OTExZjctMjAzMS00MGJiLWI0NDEt
N2ZjZjAxNWRhMGEwLzEvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi81OTExZjctMjAzMS00MGJiLWI0NDEtN2ZjZjAxNWRhMGEw
LzEvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKHNjyvnt
RaeG1gwAmLNIwR18jWVIWCEKQZKImDB1W6k+RAVEBwUZePaIe0KmFvYbJJJvleXU
tyyXuTYhHtnctzD5L7tS5diJU0Rgh8WEQ4zm/PIiK+/NgDsVQovm/W2DeSX0C0aO
2niI5OCn365a6JWeZuj6gGOaLUMpT/6BHTHhYtvNvO//DcuKRDgCqpeXOITenvDu
nxEz34cYqa1ll615kI6n5/pvaerN82IicTcxQaf/z2sARKjid/WYyUal+uIX8iD9
xxAb2Z7kGHgqSn+4MyiB2RHobHjL/K249pSbucVwTIl99EQs1jMyfZPD2OKZOnkw
FkWVtRTHaMDRUA==
-----END CERTIFICATE-----