Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
File:                     h7-ak2z5rSjsWNt5imD9cd9sN_M.mft (raw, json)
Hash identifier:          vqhDYoy3U5LI7CuZo94yrh0vH6wf+T+eT84PCK6LcjA=
Subject key identifier:   3F:A5:9B:78:0D:F5:BC:50:AC:76:38:6A:60:3A:8E:B7:C9:03:F9:23
Authority key identifier: 87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3
Certificate issuer:       /CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
Certificate serial:       019A71B89C6DC644B444E8767FB31D165931
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
Manifest number:          0FE0
Signing time:             Tue 11 Nov 2025 07:01:55 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:55 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:55 +0000
Files and hashes:         1: h7-ak2z5rSjsWNt5imD9cd9sN_M.crl (hash: WzMeCHGtvXOetKjM7mALv/mqbnEaBu0m7814R3n88VU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:9c:6d:c6:44:b4:44:e8:76:7f:b3:1d:16:59:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
        Validity
            Not Before: Nov 11 07:01:55 2025 GMT
            Not After : Nov 12 07:01:55 2025 GMT
        Subject: CN=3fa59b780df5bc50ac76386a603a8eb7c903f923
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:06:a7:bc:5c:60:a9:60:76:19:85:fc:22:41:
                    56:10:be:e7:8b:43:bc:e0:3d:63:e4:d7:21:81:70:
                    67:d2:3c:a2:36:6b:d5:dd:61:1a:3b:c9:f6:9d:12:
                    53:fe:b3:b0:76:92:c3:7c:2b:69:a4:f1:0f:eb:f4:
                    76:63:19:d6:04:a2:68:4e:30:f3:20:13:42:12:c1:
                    71:44:5c:ff:d2:68:73:36:f3:c4:46:87:f3:5b:08:
                    60:70:89:9f:b2:14:17:88:89:5a:ac:0e:19:9b:d5:
                    14:17:55:6b:0b:2e:31:69:70:4b:fc:57:a9:f9:af:
                    d6:89:b8:88:9c:df:52:18:ce:43:d4:4c:62:3c:77:
                    ef:e5:0c:f6:5a:fc:dc:eb:cc:c3:2c:ab:16:67:ad:
                    05:91:94:f2:dd:a5:bf:16:0e:28:6c:a1:9a:5a:78:
                    1d:0f:44:38:d2:de:78:ab:af:30:7c:c1:83:49:8a:
                    a0:7a:bc:a3:b0:dc:e7:b2:f6:74:e1:b7:fe:28:b4:
                    42:21:95:16:10:80:78:a3:a6:5e:14:d2:94:83:da:
                    21:97:3b:ee:93:af:bb:55:fa:9d:ec:72:49:10:0b:
                    17:a3:f9:9c:45:70:71:67:db:1c:eb:92:e7:c1:59:
                    44:3b:ce:54:df:65:21:08:20:83:a9:f6:4d:24:8b:
                    57:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:A5:9B:78:0D:F5:BC:50:AC:76:38:6A:60:3A:8E:B7:C9:03:F9:23
            X509v3 Authority Key Identifier:
                keyid:87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:b0:78:0a:00:ff:21:88:62:1e:7d:f2:fd:b3:28:28:a8:11:
         97:ce:8b:0e:bb:a0:bd:68:92:92:d6:61:26:9c:82:a4:06:37:
         70:21:2f:34:0d:92:6b:85:f4:3c:b7:d1:20:cc:bd:6e:f6:24:
         00:25:36:ab:ab:5e:b4:60:da:87:67:a1:53:cc:25:ff:5f:e5:
         c0:ce:26:ce:5b:e4:00:a9:86:31:b2:08:22:ac:ad:cb:38:72:
         d2:fe:33:f7:d8:56:7f:5d:77:20:41:29:ba:cf:38:64:e0:90:
         6f:fe:71:a7:5a:e5:f5:b9:1c:90:1c:36:ae:ca:86:7b:d0:54:
         92:94:2a:72:99:ac:a8:9b:61:04:47:ea:e5:67:e7:51:c1:fa:
         d5:66:10:f9:07:7d:7a:f6:d4:27:7a:85:e1:50:15:81:11:ed:
         e6:d7:58:6f:33:83:b9:d8:1a:96:b8:fe:c5:78:b9:e1:3d:d1:
         c2:81:58:35:10:67:ca:95:0f:f2:6b:86:db:12:51:70:42:be:
         9f:db:62:55:e0:a3:0c:ab:8a:be:af:d3:5d:e9:d1:4e:74:dc:
         ac:c7:1e:f3:c6:4c:7d:a1:e4:50:10:4b:be:0f:1f:2f:64:5e:
         3f:4b:fb:07:46:d1:97:b4:1d:81:13:9e:8d:05:0c:6b:6a:6c:
         2c:b0:0c:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuJxtxkS0ROh2f7MdFlkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmY5YTkzNmNmOWFkMjhlYzU4ZGI3OThhNjBmZDcxZGY2
YzM3ZjMwHhcNMjUxMTExMDcwMTU1WhcNMjUxMTEyMDcwMTU1WjAzMTEwLwYDVQQD
EygzZmE1OWI3ODBkZjViYzUwYWM3NjM4NmE2MDNhOGViN2M5MDNmOTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwanvFxgqWB2GYX8IkFWEL7ni0O8
4D1j5NchgXBn0jyiNmvV3WEaO8n2nRJT/rOwdpLDfCtppPEP6/R2YxnWBKJoTjDz
IBNCEsFxRFz/0mhzNvPERofzWwhgcImfshQXiIlarA4Zm9UUF1VrCy4xaXBL/Fep
+a/WibiInN9SGM5D1ExiPHfv5Qz2Wvzc68zDLKsWZ60FkZTy3aW/Fg4obKGaWngd
D0Q40t54q68wfMGDSYqgeryjsNznsvZ04bf+KLRCIZUWEIB4o6ZeFNKUg9ohlzvu
k6+7Vfqd7HJJEAsXo/mcRXBxZ9sc65LnwVlEO85U32UhCCCDqfZNJItXWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+lm3gN9bxQrHY4amA6jrfJA/kjMB8GA1UdIwQY
MBaAFIe/mpNs+a0o7FjbeYpg/XHfbDfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzIt
NGY5Nzc3MmIwMTgwLzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzItNGY5Nzc3MmIwMTgw
LzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi7B4CgD/
IYhiHn3y/bMoKKgRl86LDrugvWiSktZhJpyCpAY3cCEvNA2Sa4X0PLfRIMy9bvYk
ACU2q6tetGDah2ehU8wl/1/lwM4mzlvkAKmGMbIIIqytyzhy0v4z99hWf113IEEp
us84ZOCQb/5xp1rl9bkckBw2rsqGe9BUkpQqcpmsqJthBEfq5WfnUcH61WYQ+Qd9
evbUJ3qF4VAVgRHt5tdYbzODudgalrj+xXi54T3RwoFYNRBnypUP8muG2xJRcEK+
n9tiVeCjDKuKvq/TXenRTnTcrMce88ZMfaHkUBBLvg8fL2ReP0v7B0bRl7QdgROe
jQUMa2psLLAMQQ==
-----END CERTIFICATE-----