Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
File:                     hesz_RfSMvvmsq22bLCv4N7pA7A.mft (raw, json)
Hash identifier:          7R1aT62cUdrVBt8QI4xjYsd2/1TTUUxtXCjb1xAvHGE=
Subject key identifier:   C7:2E:39:E6:E5:72:74:EA:23:C6:61:74:AA:7B:09:8A:1C:9A:EC:73
Authority key identifier: 85:EB:33:FD:17:D2:32:FB:E6:B2:AD:B6:6C:B0:AF:E0:DE:E9:03:B0
Certificate issuer:       /CN=85eb33fd17d232fbe6b2adb66cb0afe0dee903b0
Certificate serial:       01992255C13C7448EA87235E767541A2F49A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
Manifest number:          04FE
Signing time:             Sun 07 Sep 2025 04:01:09 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:09 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:09 +0000
Files and hashes:         1: hesz_RfSMvvmsq22bLCv4N7pA7A.crl (hash: 4ZwsWTNQ9TervOFLaXsU6RRXq4hssedHVOfag5zUlhk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:c1:3c:74:48:ea:87:23:5e:76:75:41:a2:f4:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85eb33fd17d232fbe6b2adb66cb0afe0dee903b0
        Validity
            Not Before: Sep  7 04:01:09 2025 GMT
            Not After : Sep  8 04:01:09 2025 GMT
        Subject: CN=c72e39e6e57274ea23c66174aa7b098a1c9aec73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:f2:4b:99:fc:22:0a:e6:a6:f6:bf:78:24:f8:
                    94:e6:aa:59:cc:11:53:00:5d:5a:4e:a1:b8:ae:14:
                    d1:5a:0d:43:56:f9:d2:3a:a2:41:0c:89:2b:40:ea:
                    06:ce:18:db:c5:27:dc:c7:5c:42:7e:ae:26:43:ce:
                    11:52:3f:e1:82:9b:d9:a4:f2:dd:c5:eb:b5:b3:d4:
                    fd:dc:4d:b4:93:b8:11:21:f1:9a:bd:f2:64:da:d5:
                    34:4d:9e:6d:ec:cb:d9:25:52:60:5e:22:fb:8f:e1:
                    a0:39:ad:7a:09:d8:9c:c6:70:36:58:ee:8f:ff:52:
                    e4:0e:86:cc:61:1c:59:ba:3c:5b:84:64:1b:78:e4:
                    fe:4d:36:95:08:0e:22:38:88:fc:5e:b3:70:4c:ec:
                    f1:b0:da:01:29:f2:84:15:15:54:61:a8:0b:a6:1c:
                    81:bd:93:60:b9:3b:e6:43:3b:b6:c8:e3:f6:7e:72:
                    3f:36:f8:3a:a1:73:22:31:77:6d:55:6b:42:25:53:
                    6c:ef:2d:03:6b:d1:a8:e8:b9:69:d8:ee:73:d1:a9:
                    01:ae:17:0a:25:c7:7b:10:f8:65:aa:04:96:e4:e5:
                    a5:fb:a3:1a:6b:07:7d:6e:06:03:f0:1d:a3:43:04:
                    43:aa:28:20:76:b0:a1:ae:b5:88:11:10:98:4c:6f:
                    01:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:2E:39:E6:E5:72:74:EA:23:C6:61:74:AA:7B:09:8A:1C:9A:EC:73
            X509v3 Authority Key Identifier:
                keyid:85:EB:33:FD:17:D2:32:FB:E6:B2:AD:B6:6C:B0:AF:E0:DE:E9:03:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:d5:aa:af:a2:3f:9d:46:e0:9b:0f:52:0a:81:88:39:9b:ff:
         c5:bf:08:a7:76:e3:a1:54:03:b7:70:88:be:fc:93:54:9c:fa:
         81:c8:99:90:27:6d:46:3d:20:28:62:1e:dd:bb:c3:8a:e1:c0:
         eb:d0:61:7f:fd:6b:7f:8d:64:d6:4c:46:af:79:06:77:f5:e5:
         17:5f:8f:9e:75:51:96:6e:bb:ab:fe:24:58:d8:83:c4:8d:72:
         18:08:b5:cd:53:ff:ab:63:60:ee:fd:70:24:41:a3:5e:84:ba:
         20:4d:28:75:04:61:03:8d:86:25:55:08:fe:2a:d1:00:ad:70:
         7e:4f:39:bc:a6:85:cf:13:8d:57:b6:98:38:74:17:dd:eb:e0:
         56:6a:79:4e:3a:ba:34:ba:68:61:ca:35:56:c8:1a:12:3b:89:
         6f:5e:bc:7f:3f:fe:3a:f6:9f:85:b7:cb:a8:bf:2a:03:e1:6c:
         4e:b5:8e:5d:81:bb:f4:f3:04:ce:4a:dd:33:bb:2e:cb:13:9b:
         35:49:86:af:d6:df:6d:db:f7:13:73:f8:52:19:0b:df:42:ca:
         d1:b8:9a:72:18:72:ec:bc:07:92:95:0a:e2:84:f5:86:93:af:
         d9:40:8a:c7:38:99:8e:2a:ff:15:e5:84:c7:1f:4f:f0:1d:c2:
         bd:40:02:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVcE8dEjqhyNednVBovSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZWIzM2ZkMTdkMjMyZmJlNmIyYWRiNjZjYjBhZmUwZGVl
OTAzYjAwHhcNMjUwOTA3MDQwMTA5WhcNMjUwOTA4MDQwMTA5WjAzMTEwLwYDVQQD
EyhjNzJlMzllNmU1NzI3NGVhMjNjNjYxNzRhYTdiMDk4YTFjOWFlYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/JLmfwiCuam9r94JPiU5qpZzBFT
AF1aTqG4rhTRWg1DVvnSOqJBDIkrQOoGzhjbxSfcx1xCfq4mQ84RUj/hgpvZpPLd
xeu1s9T93E20k7gRIfGavfJk2tU0TZ5t7MvZJVJgXiL7j+GgOa16CdicxnA2WO6P
/1LkDobMYRxZujxbhGQbeOT+TTaVCA4iOIj8XrNwTOzxsNoBKfKEFRVUYagLphyB
vZNguTvmQzu2yOP2fnI/Nvg6oXMiMXdtVWtCJVNs7y0Da9Go6Llp2O5z0akBrhcK
Jcd7EPhlqgSW5OWl+6Maawd9bgYD8B2jQwRDqiggdrChrrWIERCYTG8BswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcuOeblcnTqI8ZhdKp7CYocmuxzMB8GA1UdIwQY
MBaAFIXrM/0X0jL75rKttmywr+De6QOwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jZTgyNGYtNzNjOS00ODVlLThlZGMt
OGEzOGVhMmIxZjU0LzEvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9jZTgyNGYtNzNjOS00ODVlLThlZGMtOGEzOGVhMmIxZjU0
LzEvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAitWqr6I/
nUbgmw9SCoGIOZv/xb8Ip3bjoVQDt3CIvvyTVJz6gciZkCdtRj0gKGIe3bvDiuHA
69Bhf/1rf41k1kxGr3kGd/XlF1+PnnVRlm67q/4kWNiDxI1yGAi1zVP/q2Ng7v1w
JEGjXoS6IE0odQRhA42GJVUI/irRAK1wfk85vKaFzxONV7aYOHQX3evgVmp5Tjq6
NLpoYco1VsgaEjuJb168fz/+OvafhbfLqL8qA+FsTrWOXYG79PMEzkrdM7suyxOb
NUmGr9bfbdv3E3P4UhkL30LK0biachhy7LwHkpUK4oT1hpOv2UCKxziZjir/FeWE
xx9P8B3CvUAC1Q==
-----END CERTIFICATE-----