Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
File:                     7HDF2GfeIA8BSGsaiAqUuEldciA.mft (raw, json)
Hash identifier:          GVfGHMF+U+IUaPXkMNsh0HYucankKG/9IScDdtGEKAc=
Subject key identifier:   4F:4B:BA:B6:12:8C:AA:40:64:ED:8A:EC:E3:BE:E2:6B:76:1D:75:35
Authority key identifier: EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20
Certificate issuer:       /CN=ec70c5d867de200f01486b1a880a94b8495d7220
Certificate serial:       019A71B8C277072349EB711C8C5942D17A63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
Manifest number:          0FE1
Signing time:             Tue 11 Nov 2025 07:02:04 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:04 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:04 +0000
Files and hashes:         1: 7HDF2GfeIA8BSGsaiAqUuEldciA.crl (hash: 1cGx4ooXDaZXNafrnOMvY7tCb73yYCmhTsGA4gDafQc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:c2:77:07:23:49:eb:71:1c:8c:59:42:d1:7a:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec70c5d867de200f01486b1a880a94b8495d7220
        Validity
            Not Before: Nov 11 07:02:04 2025 GMT
            Not After : Nov 12 07:02:04 2025 GMT
        Subject: CN=4f4bbab6128caa4064ed8aece3bee26b761d7535
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e8:82:33:ec:f2:a0:80:1d:ca:37:d5:ac:f6:
                    dc:a8:7f:6a:c7:bc:b2:39:63:bf:78:c5:c6:97:84:
                    74:7b:22:57:5e:83:03:31:aa:5b:63:46:a8:b8:a3:
                    3b:77:ea:43:0d:10:a6:43:61:34:cd:31:e8:da:cf:
                    a3:b8:c7:e3:51:d8:62:7e:df:3b:0e:c3:4e:9c:38:
                    ae:aa:85:45:76:a2:65:61:22:47:0c:06:2f:e2:7c:
                    58:0f:0c:d3:c7:11:2c:d5:a2:d4:d7:4f:a5:7e:01:
                    ef:82:05:ad:63:bc:0f:5e:b0:62:03:c9:ef:b3:e0:
                    50:f4:de:7f:1c:69:4e:fd:37:19:9b:1d:b2:7e:66:
                    e1:98:4b:55:a6:d9:05:92:d8:8e:b9:26:b5:47:96:
                    57:42:42:e2:dc:3e:39:73:c9:21:a5:0f:e3:76:c1:
                    99:d1:6f:29:c7:da:e4:1b:6c:1e:2a:b4:3f:56:80:
                    5b:08:36:83:29:ca:aa:91:43:1a:8e:4f:cc:0f:1d:
                    f0:96:5d:3d:a4:e4:ce:3e:de:6a:db:14:f4:26:a8:
                    58:0d:50:f9:3d:0e:a5:14:40:fe:7c:19:95:6d:6b:
                    48:ec:f4:bc:85:f1:01:27:5d:e4:b2:31:77:03:db:
                    93:4a:b3:62:a9:f7:5c:80:c4:d8:43:a0:ce:15:51:
                    63:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:4B:BA:B6:12:8C:AA:40:64:ED:8A:EC:E3:BE:E2:6B:76:1D:75:35
            X509v3 Authority Key Identifier:
                keyid:EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:a3:21:2f:18:70:ad:40:4b:ab:07:2c:a4:d2:13:e9:37:6a:
         d0:d7:69:c1:0c:ea:47:da:a2:e8:91:a0:5c:7d:fa:6b:98:61:
         91:1c:d7:b8:3b:71:da:7e:92:44:d9:66:c1:a6:21:45:53:43:
         de:e1:17:44:4c:62:be:d2:f7:fb:13:94:ae:ae:0b:fa:35:ba:
         42:87:88:03:7d:c9:31:fe:13:68:2c:fd:62:20:6c:cf:3c:18:
         dc:c2:46:72:a6:cd:bf:8c:e5:48:9d:e4:e8:6c:ec:3e:14:ca:
         26:a5:c9:30:af:a4:ed:ad:20:00:56:d8:dc:73:87:d0:d0:7f:
         38:47:c3:55:fd:3e:9f:42:08:3d:92:50:9e:7a:92:59:40:13:
         ad:4b:f1:79:8e:42:f7:e6:96:12:8e:e2:b0:f7:9c:06:bb:a3:
         56:9a:cb:a0:59:bf:cb:15:85:de:80:3c:54:5e:ec:86:47:dd:
         de:77:3f:34:83:85:23:19:71:ff:f5:79:4d:cd:e1:08:2f:c2:
         f5:05:66:cf:36:a5:7f:4e:35:ec:13:46:e4:12:f2:cb:a5:9e:
         80:6f:ac:9d:e5:4e:9c:89:0f:29:70:78:d4:76:b6:9b:1f:d2:
         e3:b0:58:72:70:a7:3c:ed:75:3c:bc:4f:ee:9b:51:be:76:97:
         01:b3:28:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuMJ3ByNJ63EcjFlC0XpjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNzBjNWQ4NjdkZTIwMGYwMTQ4NmIxYTg4MGE5NGI4NDk1
ZDcyMjAwHhcNMjUxMTExMDcwMjA0WhcNMjUxMTEyMDcwMjA0WjAzMTEwLwYDVQQD
Eyg0ZjRiYmFiNjEyOGNhYTQwNjRlZDhhZWNlM2JlZTI2Yjc2MWQ3NTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOiCM+zyoIAdyjfVrPbcqH9qx7yy
OWO/eMXGl4R0eyJXXoMDMapbY0aouKM7d+pDDRCmQ2E0zTHo2s+juMfjUdhift87
DsNOnDiuqoVFdqJlYSJHDAYv4nxYDwzTxxEs1aLU10+lfgHvggWtY7wPXrBiA8nv
s+BQ9N5/HGlO/TcZmx2yfmbhmEtVptkFktiOuSa1R5ZXQkLi3D45c8khpQ/jdsGZ
0W8px9rkG2weKrQ/VoBbCDaDKcqqkUMajk/MDx3wll09pOTOPt5q2xT0JqhYDVD5
PQ6lFED+fBmVbWtI7PS8hfEBJ13ksjF3A9uTSrNiqfdcgMTYQ6DOFVFjJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE9LurYSjKpAZO2K7OO+4mt2HXU1MB8GA1UdIwQY
MBaAFOxwxdhn3iAPAUhrGogKlLhJXXIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQt
YzVhZDE1M2MyZDQ2LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQtYzVhZDE1M2MyZDQ2
LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL6MhLxhw
rUBLqwcspNIT6Tdq0NdpwQzqR9qi6JGgXH36a5hhkRzXuDtx2n6SRNlmwaYhRVND
3uEXRExivtL3+xOUrq4L+jW6QoeIA33JMf4TaCz9YiBszzwY3MJGcqbNv4zlSJ3k
6GzsPhTKJqXJMK+k7a0gAFbY3HOH0NB/OEfDVf0+n0IIPZJQnnqSWUATrUvxeY5C
9+aWEo7isPecBrujVprLoFm/yxWF3oA8VF7shkfd3nc/NIOFIxlx//V5Tc3hCC/C
9QVmzzalf0417BNG5BLyy6WegG+sneVOnIkPKXB41Ha2mx/S47BYcnCnPO11PLxP
7ptRvnaXAbMoWA==
-----END CERTIFICATE-----