Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
File:                     7HDF2GfeIA8BSGsaiAqUuEldciA.mft (raw, json)
Hash identifier:          6/So9p4orhYyV9dmaMVWbBqA4Upc9dw/zXXRWAWw2ZY=
Subject key identifier:   C7:9B:C0:F5:2A:1A:84:A6:50:C0:B4:B4:33:5C:78:29:B0:A3:5D:22
Authority key identifier: EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20
Certificate issuer:       /CN=ec70c5d867de200f01486b1a880a94b8495d7220
Certificate serial:       019A4EF59E6EA000DCEA29F51AD7D763F714
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
Manifest number:          0FCF
Signing time:             Tue 04 Nov 2025 13:01:50 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:50 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:50 +0000
Files and hashes:         1: 7HDF2GfeIA8BSGsaiAqUuEldciA.crl (hash: 5ij5dKDgvlCrNlRY+j6XuIFQZ0RZd4n2ReNJryGIpb4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:9e:6e:a0:00:dc:ea:29:f5:1a:d7:d7:63:f7:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec70c5d867de200f01486b1a880a94b8495d7220
        Validity
            Not Before: Nov  4 13:01:50 2025 GMT
            Not After : Nov  5 13:01:50 2025 GMT
        Subject: CN=c79bc0f52a1a84a650c0b4b4335c7829b0a35d22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:33:7b:6a:82:78:66:c7:ae:12:6e:dd:2f:3d:
                    e3:1a:b0:87:ff:16:f5:65:56:7c:1b:4c:0e:ff:2d:
                    db:ce:0e:c2:ba:16:26:79:d8:79:03:f4:b0:9a:f6:
                    d5:57:c1:4e:f5:c3:5b:ac:e5:a3:72:ff:77:55:51:
                    80:d0:1b:bf:8f:42:40:5d:7a:f4:b0:85:98:10:86:
                    10:c9:42:75:93:f1:74:fb:d5:fb:1d:39:34:ef:3c:
                    82:c8:49:8a:2f:de:a5:1c:74:ca:c0:5f:a2:9b:e1:
                    68:bf:9c:e2:8d:42:85:96:87:e1:87:aa:9c:f6:a9:
                    95:9b:24:95:31:be:4f:08:ff:da:7a:e7:96:71:c4:
                    55:8c:85:81:64:76:49:84:9e:0a:11:35:c1:e7:e4:
                    9c:cc:38:ce:18:9f:4e:e6:f1:eb:14:f0:ec:0c:a5:
                    df:64:5a:19:dd:38:c1:11:f1:d4:b4:b3:11:1d:13:
                    f4:23:90:3a:68:fe:ee:f0:c5:a9:fa:41:c7:12:69:
                    60:43:eb:ae:8a:be:42:cb:c3:1a:8f:6e:f7:69:b8:
                    76:0d:b6:57:51:b4:c7:6d:75:cd:ac:43:d4:ab:d6:
                    cf:f8:31:a4:df:b6:f7:e7:f7:02:0c:cd:a4:fe:2e:
                    71:63:ad:39:48:93:95:06:e3:a3:a9:4d:81:b8:2f:
                    df:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:9B:C0:F5:2A:1A:84:A6:50:C0:B4:B4:33:5C:78:29:B0:A3:5D:22
            X509v3 Authority Key Identifier:
                keyid:EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:66:34:8c:ba:1f:ed:ab:70:f7:ba:8e:66:92:6f:20:9e:fe:
         53:90:a7:9e:aa:17:ab:ea:14:a1:2a:03:b3:0e:b6:94:28:ac:
         15:b4:fa:d6:57:22:77:cc:a7:a9:50:fa:5b:52:9f:e5:35:52:
         18:e1:ef:c1:aa:7e:c0:7c:25:e8:e3:4b:37:c6:ea:47:85:c1:
         86:26:2b:78:cb:90:bc:10:31:7e:6b:74:41:de:e7:ac:2f:b6:
         6d:fa:c2:d4:4c:c9:60:c6:e2:f2:e5:6c:49:0d:ba:34:7c:42:
         31:57:22:2f:a9:b6:dc:87:c8:21:a5:17:d5:42:6c:bf:dc:cb:
         fa:30:58:37:17:0d:59:f6:f5:8d:94:8c:b1:12:e8:a8:95:01:
         3a:92:aa:53:db:7f:15:16:cb:bf:8f:31:8b:ab:f4:aa:88:bd:
         7f:c9:da:56:d2:c3:21:d7:29:62:3f:96:0e:f0:b4:90:17:b6:
         25:e5:54:f5:4e:43:51:ac:02:f1:0f:97:40:1b:d1:69:cd:ef:
         70:55:83:8d:79:4f:e3:54:15:18:e4:3f:28:19:b0:be:a9:cf:
         6c:d8:a1:c3:53:51:11:73:72:cc:c1:87:43:81:dc:49:82:14:
         6c:8f:0d:9c:e9:35:0d:b6:5a:18:70:d5:78:da:ca:e7:8e:b9:
         3f:18:ca:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Z5uoADc6in1GtfXY/cUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNzBjNWQ4NjdkZTIwMGYwMTQ4NmIxYTg4MGE5NGI4NDk1
ZDcyMjAwHhcNMjUxMTA0MTMwMTUwWhcNMjUxMTA1MTMwMTUwWjAzMTEwLwYDVQQD
EyhjNzliYzBmNTJhMWE4NGE2NTBjMGI0YjQzMzVjNzgyOWIwYTM1ZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjN7aoJ4ZseuEm7dLz3jGrCH/xb1
ZVZ8G0wO/y3bzg7CuhYmedh5A/SwmvbVV8FO9cNbrOWjcv93VVGA0Bu/j0JAXXr0
sIWYEIYQyUJ1k/F0+9X7HTk07zyCyEmKL96lHHTKwF+im+Fov5zijUKFlofhh6qc
9qmVmySVMb5PCP/aeueWccRVjIWBZHZJhJ4KETXB5+SczDjOGJ9O5vHrFPDsDKXf
ZFoZ3TjBEfHUtLMRHRP0I5A6aP7u8MWp+kHHEmlgQ+uuir5Cy8Maj273abh2DbZX
UbTHbXXNrEPUq9bP+DGk37b35/cCDM2k/i5xY605SJOVBuOjqU2BuC/foQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMebwPUqGoSmUMC0tDNceCmwo10iMB8GA1UdIwQY
MBaAFOxwxdhn3iAPAUhrGogKlLhJXXIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQt
YzVhZDE1M2MyZDQ2LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQtYzVhZDE1M2MyZDQ2
LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfGY0jLof
7atw97qOZpJvIJ7+U5CnnqoXq+oUoSoDsw62lCisFbT61lcid8ynqVD6W1Kf5TVS
GOHvwap+wHwl6ONLN8bqR4XBhiYreMuQvBAxfmt0Qd7nrC+2bfrC1EzJYMbi8uVs
SQ26NHxCMVciL6m23IfIIaUX1UJsv9zL+jBYNxcNWfb1jZSMsRLoqJUBOpKqU9t/
FRbLv48xi6v0qoi9f8naVtLDIdcpYj+WDvC0kBe2JeVU9U5DUawC8Q+XQBvRac3v
cFWDjXlP41QVGOQ/KBmwvqnPbNihw1NREXNyzMGHQ4HcSYIUbI8NnOk1DbZaGHDV
eNrK5465PxjKVw==
-----END CERTIFICATE-----