Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
File:                     hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json)
Hash identifier:          mP6t7N6wx7AR1fVXP3+S3+GxLk2Ab8LLUOLWlRpX7O4=
Subject key identifier:   9A:9D:CC:53:C2:F9:5F:68:34:45:4B:98:86:89:D6:33:66:A6:E2:86
Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8
Certificate issuer:       /CN=8449c609325c3a6602047260c9d300135095b8b8
Certificate serial:       019A003505D55683DD4F5C10370FC77772D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
Manifest number:          06B5
Signing time:             Mon 20 Oct 2025 06:01:06 +0000
Manifest this update:     Mon 20 Oct 2025 06:01:06 +0000
Manifest next update:     Tue 21 Oct 2025 06:01:06 +0000
Files and hashes:         1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: M6rdQZne3R638L9JnNGS2Eb3dyay/rqUiEhPS6JwwFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 06:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:35:05:d5:56:83:dd:4f:5c:10:37:0f:c7:77:72:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8
        Validity
            Not Before: Oct 20 06:01:06 2025 GMT
            Not After : Oct 21 06:01:06 2025 GMT
        Subject: CN=9a9dcc53c2f95f6834454b988689d63366a6e286
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:bf:10:60:32:54:ef:95:e7:a5:92:63:b4:8b:
                    ac:25:5d:5a:4e:54:2a:12:78:ad:6b:b9:8d:7a:ab:
                    c5:e3:3d:ac:1e:4f:2d:7d:99:4e:16:2e:8b:e9:9f:
                    02:88:56:31:42:81:01:6d:e9:46:fd:c3:ef:ca:55:
                    39:42:5f:34:40:02:d5:d7:14:20:47:b5:fb:6d:73:
                    88:fd:79:00:75:ce:f2:41:b9:0a:4f:3a:68:94:1a:
                    92:15:4c:8f:25:be:72:f0:ea:46:e9:01:47:aa:d4:
                    15:77:f8:94:1a:41:42:1d:64:57:f4:47:1b:5a:7c:
                    eb:50:be:13:db:1a:23:9e:db:2d:51:9d:c9:05:07:
                    e4:c9:21:47:49:15:1e:c0:c9:24:ca:34:22:de:fd:
                    0f:ea:ba:09:e3:3c:6e:9a:8a:6d:b5:7c:fa:c1:ab:
                    45:69:d2:3c:de:d0:d9:9f:3d:d7:0b:d3:f9:ab:87:
                    60:96:d9:d0:ac:27:b6:9e:01:65:85:3f:20:1f:c5:
                    62:19:4f:b4:51:d9:86:f1:c3:98:bf:53:d1:b2:ba:
                    32:71:f5:85:d6:54:d4:45:d1:32:61:f8:68:90:06:
                    e7:d2:41:1a:f2:ea:54:90:95:d8:0c:a2:06:c4:e7:
                    40:d2:19:80:26:c8:6b:76:30:67:1b:a6:d6:50:23:
                    56:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:9D:CC:53:C2:F9:5F:68:34:45:4B:98:86:89:D6:33:66:A6:E2:86
            X509v3 Authority Key Identifier:
                keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:ce:2f:89:e8:e0:7d:3a:8a:ca:4a:34:02:9e:10:6f:cf:c7:
         d5:aa:4a:1d:4b:58:8c:68:6e:b9:f5:3d:c6:14:d1:6c:0a:a6:
         87:20:e4:4a:7a:51:17:1f:e7:38:12:9c:7a:bc:0e:75:02:8f:
         3f:12:df:ce:e5:3f:1b:4d:0e:fb:11:4a:5e:c7:b7:22:29:4a:
         9d:a9:f7:26:92:6c:37:16:b9:fd:11:f1:60:b6:85:d4:4a:1e:
         ff:3e:ba:90:c7:5b:29:38:9c:9f:30:6f:aa:19:85:86:83:8e:
         d6:8e:5f:ee:00:11:72:68:9d:41:d9:6a:07:ec:bf:1d:83:ad:
         d7:03:33:39:15:7f:5b:d1:56:13:da:9e:80:77:90:db:af:ce:
         3f:ec:45:23:6e:39:6a:45:64:bb:95:be:0e:47:14:2c:30:a4:
         8d:02:1a:8e:5a:02:5c:31:3e:30:0b:ee:16:72:b0:c7:b9:fc:
         a7:e2:53:fb:5c:fa:59:88:40:80:f0:54:55:2b:ea:3c:54:48:
         84:bf:41:65:fa:f5:c4:2e:4e:68:f9:e4:ec:92:13:de:f2:7a:
         d5:07:c4:18:ab:13:07:81:49:c9:f1:ca:dc:b4:14:66:5c:c6:
         d6:07:ac:65:b1:ce:2e:a2:66:29:09:7c:45:dd:ab:7f:7d:df:
         1c:f4:4e:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANQXVVoPdT1wQNw/Hd3LTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5
NWI4YjgwHhcNMjUxMDIwMDYwMTA2WhcNMjUxMDIxMDYwMTA2WjAzMTEwLwYDVQQD
Eyg5YTlkY2M1M2MyZjk1ZjY4MzQ0NTRiOTg4Njg5ZDYzMzY2YTZlMjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur8QYDJU75XnpZJjtIusJV1aTlQq
Enita7mNeqvF4z2sHk8tfZlOFi6L6Z8CiFYxQoEBbelG/cPvylU5Ql80QALV1xQg
R7X7bXOI/XkAdc7yQbkKTzpolBqSFUyPJb5y8OpG6QFHqtQVd/iUGkFCHWRX9Ecb
WnzrUL4T2xojntstUZ3JBQfkySFHSRUewMkkyjQi3v0P6roJ4zxumopttXz6watF
adI83tDZnz3XC9P5q4dgltnQrCe2ngFlhT8gH8ViGU+0UdmG8cOYv1PRsroycfWF
1lTURdEyYfhokAbn0kEa8upUkJXYDKIGxOdA0hmAJshrdjBnG6bWUCNWBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJqdzFPC+V9oNEVLmIaJ1jNmpuKGMB8GA1UdIwQY
MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt
Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4
LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAes4viejg
fTqKyko0Ap4Qb8/H1apKHUtYjGhuufU9xhTRbAqmhyDkSnpRFx/nOBKcerwOdQKP
PxLfzuU/G00O+xFKXse3IilKnan3JpJsNxa5/RHxYLaF1Eoe/z66kMdbKTicnzBv
qhmFhoOO1o5f7gARcmidQdlqB+y/HYOt1wMzORV/W9FWE9qegHeQ26/OP+xFI245
akVku5W+DkcULDCkjQIajloCXDE+MAvuFnKwx7n8p+JT+1z6WYhAgPBUVSvqPFRI
hL9BZfr1xC5OaPnk7JIT3vJ61QfEGKsTB4FJyfHK3LQUZlzG1gesZbHOLqJmKQl8
Rd2rf33fHPRO/w==
-----END CERTIFICATE-----