Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
File:                     7HDF2GfeIA8BSGsaiAqUuEldciA.mft (raw, json)
Hash identifier:          YsC8XQw2cT3neC9PIeAvX1zFuJcBy9sf4MKLtvWsKxU=
Subject key identifier:   8D:1F:A5:2F:88:A4:03:77:80:D5:A7:DC:C0:B1:86:CB:05:3C:13:A6
Authority key identifier: EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20
Certificate issuer:       /CN=ec70c5d867de200f01486b1a880a94b8495d7220
Certificate serial:       019923A07B5AE41365F175E281B2E11C252A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
Manifest number:          0F34
Signing time:             Sun 07 Sep 2025 10:02:23 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:23 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:23 +0000
Files and hashes:         1: 7HDF2GfeIA8BSGsaiAqUuEldciA.crl (hash: B3OMSSeF1VcMH7kvkmYj345xYAy91SbfvdDJu4eDGvM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:7b:5a:e4:13:65:f1:75:e2:81:b2:e1:1c:25:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec70c5d867de200f01486b1a880a94b8495d7220
        Validity
            Not Before: Sep  7 10:02:23 2025 GMT
            Not After : Sep  8 10:02:23 2025 GMT
        Subject: CN=8d1fa52f88a4037780d5a7dcc0b186cb053c13a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:95:7e:b6:81:6f:4d:08:de:25:55:02:98:fe:
                    14:53:a3:31:2f:ed:87:dd:38:d3:c3:ce:ef:c8:92:
                    95:ff:88:36:0c:6c:81:ac:14:f2:e9:cd:d7:a5:34:
                    6b:0f:a3:34:c2:ea:17:b6:27:39:4c:b7:22:2a:a6:
                    eb:e8:da:06:e2:c5:95:01:36:18:a0:e0:c3:7b:0a:
                    62:45:19:28:8e:d2:d4:85:cd:5d:2b:f7:a2:09:6b:
                    37:ab:b6:c5:2a:37:3e:23:e3:ad:4a:ef:cf:c5:24:
                    90:8f:d0:ce:ba:f4:bb:40:fa:ec:46:c9:85:48:6b:
                    e4:cb:e9:b6:c3:a1:17:5d:da:10:3f:44:14:97:01:
                    6a:f6:de:44:94:be:59:c5:93:32:4b:fa:bf:7a:49:
                    d8:59:91:13:fd:06:62:fd:a2:c2:16:66:a1:50:fd:
                    69:95:9b:94:55:fa:cc:03:40:e4:81:f8:2f:78:42:
                    64:b7:50:49:17:db:88:25:6a:5c:b7:da:cd:87:02:
                    79:cd:af:c9:a9:16:a6:06:6f:3b:59:8f:0d:2a:58:
                    7d:74:ab:aa:42:14:39:4c:ba:5f:8b:0a:68:3d:f3:
                    10:42:b7:55:30:d2:74:f5:cd:29:ca:c0:e7:4d:f7:
                    91:6d:cc:9a:b9:e1:02:18:d6:ef:0f:db:a2:f4:8f:
                    cb:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:1F:A5:2F:88:A4:03:77:80:D5:A7:DC:C0:B1:86:CB:05:3C:13:A6
            X509v3 Authority Key Identifier:
                keyid:EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:29:10:36:0d:d7:d3:8a:00:bb:6a:3b:a4:a5:36:d8:3d:bf:
         a1:a6:58:a8:cd:54:23:6a:54:a6:f3:b3:fd:d6:3f:f4:82:3f:
         00:c5:d7:1a:d6:d6:d0:15:93:44:4b:c0:65:ed:49:e5:69:08:
         db:66:ab:95:08:7d:e1:08:31:a9:ad:4f:ab:b4:a6:cf:ee:6e:
         13:01:c0:ce:37:2a:28:ba:12:9a:29:9b:7d:df:8d:85:d1:24:
         0f:79:f6:69:2c:c4:27:79:f6:57:1f:c5:be:21:aa:5c:4c:26:
         da:30:d9:1a:91:05:5f:fd:c5:a7:56:e5:35:cb:c5:02:b6:25:
         19:56:7b:14:6a:51:61:de:22:9e:21:f0:9c:86:e9:e4:be:40:
         bc:25:cc:61:9d:f5:5d:f7:a4:4b:be:71:07:5d:dd:62:31:6f:
         0d:de:e1:b0:b7:bd:fc:41:4c:71:c9:d0:26:70:a5:c0:22:2f:
         4b:80:2a:63:7b:a3:63:39:c8:45:0e:9a:0c:5e:dd:e2:58:c8:
         fc:3a:b0:fd:50:75:ae:f1:9a:40:20:18:76:53:49:9a:0a:24:
         c6:82:39:47:ee:5a:07:df:7e:77:9b:17:66:5c:29:42:90:da:
         cc:df:87:94:c0:8d:aa:7d:c9:7b:7e:78:7c:02:8e:79:63:8b:
         29:5f:c0:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoHta5BNl8XXigbLhHCUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNzBjNWQ4NjdkZTIwMGYwMTQ4NmIxYTg4MGE5NGI4NDk1
ZDcyMjAwHhcNMjUwOTA3MTAwMjIzWhcNMjUwOTA4MTAwMjIzWjAzMTEwLwYDVQQD
Eyg4ZDFmYTUyZjg4YTQwMzc3ODBkNWE3ZGNjMGIxODZjYjA1M2MxM2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupV+toFvTQjeJVUCmP4UU6MxL+2H
3TjTw87vyJKV/4g2DGyBrBTy6c3XpTRrD6M0wuoXtic5TLciKqbr6NoG4sWVATYY
oODDewpiRRkojtLUhc1dK/eiCWs3q7bFKjc+I+OtSu/PxSSQj9DOuvS7QPrsRsmF
SGvky+m2w6EXXdoQP0QUlwFq9t5ElL5ZxZMyS/q/eknYWZET/QZi/aLCFmahUP1p
lZuUVfrMA0DkgfgveEJkt1BJF9uIJWpct9rNhwJ5za/JqRamBm87WY8NKlh9dKuq
QhQ5TLpfiwpoPfMQQrdVMNJ09c0pysDnTfeRbcyaueECGNbvD9ui9I/LTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0fpS+IpAN3gNWn3MCxhssFPBOmMB8GA1UdIwQY
MBaAFOxwxdhn3iAPAUhrGogKlLhJXXIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQt
YzVhZDE1M2MyZDQ2LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQtYzVhZDE1M2MyZDQ2
LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABCkQNg3X
04oAu2o7pKU22D2/oaZYqM1UI2pUpvOz/dY/9II/AMXXGtbW0BWTREvAZe1J5WkI
22arlQh94Qgxqa1Pq7Smz+5uEwHAzjcqKLoSmimbfd+NhdEkD3n2aSzEJ3n2Vx/F
viGqXEwm2jDZGpEFX/3Fp1blNcvFArYlGVZ7FGpRYd4iniHwnIbp5L5AvCXMYZ31
XfekS75xB13dYjFvDd7hsLe9/EFMccnQJnClwCIvS4AqY3ujYznIRQ6aDF7d4ljI
/Dqw/VB1rvGaQCAYdlNJmgokxoI5R+5aB99+d5sXZlwpQpDazN+HlMCNqn3Je354
fAKOeWOLKV/AMg==
-----END CERTIFICATE-----