Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
File:                     H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json)
Hash identifier:          RC12OWH0Iz9VRJwIXTh4bOFvZ26hIOWS6+6b7MJsu3E=
Subject key identifier:   85:63:2F:9A:4A:99:C6:9A:A9:C7:71:20:9B:74:A3:E2:39:35:87:9F
Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2
Certificate issuer:       /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
Certificate serial:       019923A0868B290A3026AC198F0555D6BB32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
Manifest number:          0DE7
Signing time:             Sun 07 Sep 2025 10:02:26 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:26 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:26 +0000
Files and hashes:         1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: H8UZ+76VQVqDa5nR51Zvif9Qb9eyHN6ybMjWDJM1pcU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:86:8b:29:0a:30:26:ac:19:8f:05:55:d6:bb:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
        Validity
            Not Before: Sep  7 10:02:26 2025 GMT
            Not After : Sep  8 10:02:26 2025 GMT
        Subject: CN=85632f9a4a99c69aa9c771209b74a3e23935879f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:0e:e3:4d:56:ad:76:4e:1b:82:9d:93:8a:4f:
                    eb:6c:4b:96:59:19:cd:73:b6:55:ae:0d:6e:ac:72:
                    6b:16:c3:f9:c5:2a:2e:2b:b7:3a:e3:7d:12:b2:15:
                    1a:71:3f:6d:99:96:11:12:69:17:99:b9:cc:c7:13:
                    6d:18:55:86:3b:a7:d4:cf:48:4e:56:18:4e:85:36:
                    cc:e7:b9:e9:4f:11:54:7d:fa:cb:0b:33:0d:b8:53:
                    95:47:01:44:96:aa:d7:16:69:1d:d1:de:99:c2:6d:
                    e8:68:3f:73:60:05:ac:08:2d:d0:ba:3e:fe:eb:52:
                    48:56:1c:2d:6f:6f:f1:73:c9:89:2e:5a:da:16:5b:
                    90:f9:2f:3c:16:47:75:0e:40:10:44:e1:5d:fe:65:
                    84:51:42:6d:e3:48:83:81:f2:b1:48:bc:e9:fe:4c:
                    3f:c7:43:1e:90:7b:72:07:e1:79:cc:95:48:e5:eb:
                    4b:82:10:c2:c9:16:bb:90:35:19:38:ec:9b:d1:cd:
                    04:83:84:b2:36:3f:62:ba:38:e0:56:1c:aa:68:94:
                    19:71:0b:a3:da:ce:0f:56:15:ae:da:ef:48:b4:cd:
                    f9:3e:8d:59:44:b2:b0:02:f0:9f:51:ae:0a:72:1e:
                    b3:3c:09:05:75:f7:aa:26:09:ee:ba:d7:69:e1:92:
                    9d:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:63:2F:9A:4A:99:C6:9A:A9:C7:71:20:9B:74:A3:E2:39:35:87:9F
            X509v3 Authority Key Identifier:
                keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:9d:68:ad:05:3a:e1:e5:b1:a8:54:94:fc:0d:d1:c1:23:13:
         5a:fe:f6:9b:3e:50:70:e7:a8:25:77:0f:c0:5a:2d:52:6a:d3:
         33:07:f8:d9:df:86:30:ae:ff:0b:5a:0d:6f:3c:20:6a:77:42:
         5a:93:ba:12:b5:57:0e:0f:d5:74:46:54:0c:09:ed:85:2a:55:
         65:56:d5:51:ec:88:0c:43:10:bc:0d:25:23:40:8e:f5:66:37:
         2b:a3:17:85:05:09:9d:3a:1a:41:2e:9e:15:1e:23:90:d3:d6:
         01:16:39:97:8d:0f:8b:ca:ba:eb:2c:a7:e1:aa:77:00:14:e4:
         89:af:33:eb:d8:cc:7d:3c:aa:c6:52:b2:6e:c8:16:20:27:a2:
         e8:52:f1:72:09:ee:ea:db:a5:a3:b0:9c:57:24:b6:4c:80:12:
         f2:2e:56:67:83:a6:61:59:51:14:fd:4b:6f:63:5f:0d:1f:87:
         e5:2f:2d:0a:54:94:64:77:70:c2:a9:96:bc:1a:ef:3e:c6:6d:
         09:cb:46:ba:28:fb:f3:40:03:e8:63:ee:38:e5:b2:49:e0:7c:
         a8:af:f0:a0:5d:9f:18:dc:e3:2c:67:18:97:36:94:15:fe:66:
         9f:8d:bd:ed:77:cc:7e:5d:d7:f3:c2:cc:79:6a:3e:17:5c:d6:
         b4:e3:65:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoIaLKQowJqwZjwVV1rsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi
NTYxZTIwHhcNMjUwOTA3MTAwMjI2WhcNMjUwOTA4MTAwMjI2WjAzMTEwLwYDVQQD
Eyg4NTYzMmY5YTRhOTljNjlhYTljNzcxMjA5Yjc0YTNlMjM5MzU4NzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg7jTVatdk4bgp2Tik/rbEuWWRnN
c7ZVrg1urHJrFsP5xSouK7c6430SshUacT9tmZYREmkXmbnMxxNtGFWGO6fUz0hO
VhhOhTbM57npTxFUffrLCzMNuFOVRwFElqrXFmkd0d6Zwm3oaD9zYAWsCC3Quj7+
61JIVhwtb2/xc8mJLlraFluQ+S88Fkd1DkAQROFd/mWEUUJt40iDgfKxSLzp/kw/
x0MekHtyB+F5zJVI5etLghDCyRa7kDUZOOyb0c0Eg4SyNj9iujjgVhyqaJQZcQuj
2s4PVhWu2u9ItM35Po1ZRLKwAvCfUa4Kch6zPAkFdfeqJgnuutdp4ZKdXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVjL5pKmcaaqcdxIJt0o+I5NYefMB8GA1UdIwQY
MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt
NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll
LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiJ1orQU6
4eWxqFSU/A3RwSMTWv72mz5QcOeoJXcPwFotUmrTMwf42d+GMK7/C1oNbzwgandC
WpO6ErVXDg/VdEZUDAnthSpVZVbVUeyIDEMQvA0lI0CO9WY3K6MXhQUJnToaQS6e
FR4jkNPWARY5l40Pi8q66yyn4ap3ABTkia8z69jMfTyqxlKybsgWICei6FLxcgnu
6tulo7CcVyS2TIAS8i5WZ4OmYVlRFP1Lb2NfDR+H5S8tClSUZHdwwqmWvBrvPsZt
CctGuij780AD6GPuOOWySeB8qK/woF2fGNzjLGcYlzaUFf5mn4297XfMfl3X88LM
eWo+F1zWtONlZA==
-----END CERTIFICATE-----