Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          cqO14/mhSme8PGcQybBzFQcxtfCSEDLkMuJ2Lhpc2RY=
Subject key identifier:   F5:AD:2C:3B:02:47:0F:7D:D1:B6:6E:5F:9D:85:56:A3:CA:0F:97:DC
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       0199FC58E6EFD612D4C2F9D972A0A02A734F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          16DD
Signing time:             Sun 19 Oct 2025 12:01:48 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:48 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:48 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: yWect6nZfQU7R77s/BoavbsbzhtSN7fyGX/Vf6wNUZM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:e6:ef:d6:12:d4:c2:f9:d9:72:a0:a0:2a:73:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: Oct 19 12:01:48 2025 GMT
            Not After : Oct 20 12:01:48 2025 GMT
        Subject: CN=f5ad2c3b02470f7dd1b66e5f9d8556a3ca0f97dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:95:10:21:e8:1c:2e:8f:4b:87:89:f8:ab:90:
                    58:23:ed:9f:6e:3c:cf:3e:03:36:9f:42:50:36:85:
                    d7:f0:08:e7:32:77:fa:18:68:37:21:33:a7:d0:fc:
                    a6:d4:38:26:c7:e2:a9:63:a0:03:4f:25:bb:de:6c:
                    bd:47:62:85:50:75:bb:cb:21:18:b4:31:cc:f5:b5:
                    e1:cf:34:f5:8a:8d:dc:8c:42:0d:ee:23:02:ae:9f:
                    87:46:49:27:a7:eb:73:05:0d:e8:cc:07:ef:6d:78:
                    8b:34:12:85:ac:26:d3:5a:50:14:6c:67:c8:82:3b:
                    07:70:b9:5c:b4:61:fe:b7:fc:1a:f0:da:cd:2f:ec:
                    28:ae:22:fd:96:be:a5:63:2e:18:fe:2a:ee:09:7a:
                    20:9b:c4:4d:6c:d6:41:1f:54:09:8b:6d:b8:37:7d:
                    d9:43:b7:12:e5:d4:ce:a8:a3:4c:ec:55:95:e2:95:
                    da:10:b8:b1:9f:e3:bf:99:4e:1c:aa:d1:d0:1b:f7:
                    f3:8a:06:10:35:30:51:33:9e:b3:b1:03:d6:18:91:
                    64:d4:5b:0d:e1:c4:4a:02:98:e3:a5:df:11:b2:c5:
                    f5:17:1b:09:47:ac:d4:bf:ac:49:52:bb:bb:74:e0:
                    25:5d:33:f5:6c:88:77:d4:c4:a7:9f:54:16:64:4b:
                    a9:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:AD:2C:3B:02:47:0F:7D:D1:B6:6E:5F:9D:85:56:A3:CA:0F:97:DC
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:f0:68:93:d9:11:e5:14:88:15:2e:eb:36:ff:57:31:e2:fa:
         61:ba:e5:c1:6d:62:b9:4f:4d:23:97:da:02:11:56:2c:b2:54:
         91:ea:89:96:d0:b5:12:d3:36:42:e5:6a:ad:4a:29:51:3f:f8:
         ef:75:5d:0b:81:18:73:fe:f6:29:12:0e:3f:97:d7:8a:e6:ef:
         2f:ab:fe:b5:b2:f7:9d:27:38:46:fb:30:8a:57:13:42:77:a6:
         f8:1d:d8:8f:eb:2f:1b:7b:f9:99:55:32:99:e0:e9:fb:bf:a9:
         38:54:3e:22:fe:18:c0:90:40:67:9c:63:2a:ab:10:c4:d7:43:
         c7:24:35:ab:f6:f1:67:fe:dd:7d:08:55:8d:38:af:39:dc:11:
         f8:1a:f8:0d:9d:5b:2e:78:52:0c:bf:a2:76:7d:f5:ee:c4:63:
         1b:ca:84:62:ef:b9:e4:aa:fc:10:d9:4b:8f:c2:56:7d:81:74:
         d3:54:81:ef:10:fb:ae:86:59:08:1b:b4:20:6f:7e:d1:86:80:
         58:f4:20:e6:d6:c3:c6:4f:4f:2d:72:b6:20:da:7f:79:3e:ab:
         e7:9c:01:8e:99:91:f0:dc:30:14:df:c2:4b:fb:fa:71:4f:89:
         82:f1:c7:20:0c:e3:e6:89:ff:05:01:1b:2c:b9:b6:3a:d1:05:
         30:fd:1e:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WObv1hLUwvnZcqCgKnNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjUxMDE5MTIwMTQ4WhcNMjUxMDIwMTIwMTQ4WjAzMTEwLwYDVQQD
EyhmNWFkMmMzYjAyNDcwZjdkZDFiNjZlNWY5ZDg1NTZhM2NhMGY5N2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZUQIegcLo9Lh4n4q5BYI+2fbjzP
PgM2n0JQNoXX8AjnMnf6GGg3ITOn0Pym1Dgmx+KpY6ADTyW73my9R2KFUHW7yyEY
tDHM9bXhzzT1io3cjEIN7iMCrp+HRkknp+tzBQ3ozAfvbXiLNBKFrCbTWlAUbGfI
gjsHcLlctGH+t/wa8NrNL+woriL9lr6lYy4Y/iruCXogm8RNbNZBH1QJi224N33Z
Q7cS5dTOqKNM7FWV4pXaELixn+O/mU4cqtHQG/fzigYQNTBRM56zsQPWGJFk1FsN
4cRKApjjpd8RssX1FxsJR6zUv6xJUru7dOAlXTP1bIh31MSnn1QWZEupTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWtLDsCRw990bZuX52FVqPKD5fcMB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXvBok9kR
5RSIFS7rNv9XMeL6YbrlwW1iuU9NI5faAhFWLLJUkeqJltC1EtM2QuVqrUopUT/4
73VdC4EYc/72KRIOP5fXiubvL6v+tbL3nSc4RvswilcTQnem+B3Yj+svG3v5mVUy
meDp+7+pOFQ+Iv4YwJBAZ5xjKqsQxNdDxyQ1q/bxZ/7dfQhVjTivOdwR+Br4DZ1b
LnhSDL+idn317sRjG8qEYu+55Kr8ENlLj8JWfYF001SB7xD7roZZCBu0IG9+0YaA
WPQg5tbDxk9PLXK2INp/eT6r55wBjpmR8NwwFN/CS/v6cU+JgvHHIAzj5on/BQEb
LLm2OtEFMP0ekQ==
-----END CERTIFICATE-----