Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
File:                     H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json)
Hash identifier:          BUjIBIVBN2tMslAR5rrtuQCJ7jUyTMSmfz/wwOqD/cc=
Subject key identifier:   67:A6:24:25:15:7B:9D:01:F4:83:17:E4:36:2A:CA:09:3C:EE:73:16
Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2
Certificate issuer:       /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
Certificate serial:       019873E3FAF4F511A76E2AD8B547D5A00863
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
Manifest number:          0D8C
Signing time:             Mon 04 Aug 2025 07:02:57 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:57 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:57 +0000
Files and hashes:         1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: UnAJ7KH1we/zEbCoyAahrVAmSm7Zw1iHfMIq4tdYM2I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:fa:f4:f5:11:a7:6e:2a:d8:b5:47:d5:a0:08:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
        Validity
            Not Before: Aug  4 07:02:57 2025 GMT
            Not After : Aug  5 07:02:57 2025 GMT
        Subject: CN=67a62425157b9d01f48317e4362aca093cee7316
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:92:2a:e6:b4:1e:f6:d4:08:a2:89:93:27:2e:
                    f2:13:00:05:50:3f:f2:7a:bd:f7:77:81:92:69:6b:
                    b2:be:92:7f:96:27:01:51:de:f7:e7:2f:28:0d:ca:
                    29:28:28:2f:fc:9d:2c:60:76:78:47:4a:01:26:79:
                    57:42:e8:ff:62:13:f5:da:47:4f:21:85:bf:7e:ee:
                    b9:db:18:d8:cb:78:50:33:ee:fe:cc:9d:20:eb:7d:
                    4e:03:ed:08:59:4c:77:24:0a:c2:f9:e9:ad:fd:fb:
                    ae:83:16:f0:47:fa:8b:b7:2c:e4:7a:b2:74:b7:b9:
                    19:77:a2:d9:46:ca:fa:04:0d:ad:ed:c7:8c:11:59:
                    4d:44:fb:47:e6:2b:b2:7e:73:1a:ae:23:81:13:f0:
                    97:55:cc:4d:3a:c0:92:2f:ee:ba:3b:73:49:46:b1:
                    31:34:2e:4d:88:8f:f5:20:af:96:fe:39:33:de:c0:
                    dc:1a:0b:8f:9b:56:7d:d8:53:56:06:42:45:ef:38:
                    75:1a:8d:fc:61:3d:c3:19:09:4c:46:69:9c:ad:a5:
                    70:6e:45:1a:a4:e3:b0:a4:7f:1d:98:5f:97:41:b2:
                    c8:bb:9a:eb:58:69:43:71:e1:be:a9:25:d2:f6:cb:
                    f0:10:ea:56:74:ad:b7:24:fe:51:dd:e2:da:66:67:
                    82:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:A6:24:25:15:7B:9D:01:F4:83:17:E4:36:2A:CA:09:3C:EE:73:16
            X509v3 Authority Key Identifier:
                keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:16:cf:ba:38:6d:8e:56:cc:99:44:12:f1:7b:de:d1:c1:a7:
         2f:7b:c7:a1:ea:6f:f8:4e:19:0d:a6:cd:9e:5b:e7:85:ad:3a:
         5d:94:e6:57:e6:cf:4f:91:c6:00:2a:42:a5:28:90:d3:46:c6:
         be:37:3d:ab:61:0d:42:c4:fb:f7:3b:20:48:e9:35:81:7e:7a:
         09:9f:b5:82:8d:b9:9a:66:80:da:4f:06:5d:9e:2a:cc:d4:ae:
         2a:af:58:8d:c4:b4:16:81:31:56:46:2a:6e:98:75:1f:4e:58:
         c9:74:f4:3c:ad:d1:cc:99:e0:f8:82:54:1d:62:52:35:df:55:
         3b:c1:25:8b:cf:ab:c1:79:9c:22:96:1a:3e:00:b3:be:eb:8b:
         de:26:5b:d0:c4:f9:8a:10:70:b2:d2:61:aa:45:76:a7:22:ca:
         a4:b6:d1:10:77:b6:9b:24:68:47:97:31:b9:0d:14:ec:21:05:
         0e:2b:bb:d8:e8:ae:6d:33:5d:9a:26:99:53:9b:aa:2d:f7:46:
         c9:cc:25:98:81:a5:b8:8a:cf:3e:5e:b8:12:ea:f0:40:7e:62:
         f3:0c:e4:f5:5c:51:0f:99:bf:f1:33:21:26:45:82:9d:b4:1e:
         5f:65:df:ee:72:9d:10:c1:9a:39:14:4b:55:b9:a0:a4:a8:cb:
         32:dc:11:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4/r09RGnbirYtUfVoAhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi
NTYxZTIwHhcNMjUwODA0MDcwMjU3WhcNMjUwODA1MDcwMjU3WjAzMTEwLwYDVQQD
Eyg2N2E2MjQyNTE1N2I5ZDAxZjQ4MzE3ZTQzNjJhY2EwOTNjZWU3MzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpIq5rQe9tQIoomTJy7yEwAFUD/y
er33d4GSaWuyvpJ/licBUd735y8oDcopKCgv/J0sYHZ4R0oBJnlXQuj/YhP12kdP
IYW/fu652xjYy3hQM+7+zJ0g631OA+0IWUx3JArC+emt/fuugxbwR/qLtyzkerJ0
t7kZd6LZRsr6BA2t7ceMEVlNRPtH5iuyfnMariOBE/CXVcxNOsCSL+66O3NJRrEx
NC5NiI/1IK+W/jkz3sDcGguPm1Z92FNWBkJF7zh1Go38YT3DGQlMRmmcraVwbkUa
pOOwpH8dmF+XQbLIu5rrWGlDceG+qSXS9svwEOpWdK23JP5R3eLaZmeCawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGemJCUVe50B9IMX5DYqygk87nMWMB8GA1UdIwQY
MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt
NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll
LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQRbPujht
jlbMmUQS8Xve0cGnL3vHoepv+E4ZDabNnlvnha06XZTmV+bPT5HGACpCpSiQ00bG
vjc9q2ENQsT79zsgSOk1gX56CZ+1go25mmaA2k8GXZ4qzNSuKq9YjcS0FoExVkYq
bph1H05YyXT0PK3RzJng+IJUHWJSNd9VO8Eli8+rwXmcIpYaPgCzvuuL3iZb0MT5
ihBwstJhqkV2pyLKpLbREHe2myRoR5cxuQ0U7CEFDiu72OiubTNdmiaZU5uqLfdG
ycwlmIGluIrPPl64EurwQH5i8wzk9VxRD5m/8TMhJkWCnbQeX2Xf7nKdEMGaORRL
VbmgpKjLMtwRZA==
-----END CERTIFICATE-----