Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
File:                     H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json)
Hash identifier:          3EIhnk0FeN5BzE4wTB5m2bRLHfnEUX0k9mm4CXNqHOs=
Subject key identifier:   7A:EC:DF:DF:A0:B3:C1:34:D7:FC:3A:6C:E1:67:7A:BC:3F:86:66:5D
Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2
Certificate issuer:       /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
Certificate serial:       0199FBEC1EBC9D17E02E7509954311376B70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
Manifest number:          0E57
Signing time:             Sun 19 Oct 2025 10:02:59 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:59 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:59 +0000
Files and hashes:         1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: ALVVYQxDDVlrJqVJz8zPNyhfiGBdpV4pc26WUwwgWbA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:1e:bc:9d:17:e0:2e:75:09:95:43:11:37:6b:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
        Validity
            Not Before: Oct 19 10:02:59 2025 GMT
            Not After : Oct 20 10:02:59 2025 GMT
        Subject: CN=7aecdfdfa0b3c134d7fc3a6ce1677abc3f86665d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:a2:24:cd:4f:c5:90:89:59:81:f8:67:5c:62:
                    81:9d:17:d4:d9:52:0a:8b:69:ce:79:52:f1:cf:9d:
                    38:9d:e5:4c:0c:4d:aa:94:0a:88:69:b0:a8:59:47:
                    6e:fc:60:3e:9a:3e:d4:6c:09:e9:13:60:a1:cc:7a:
                    d6:b4:cb:01:e6:5c:59:2b:1b:2b:0a:75:91:3b:cd:
                    0c:77:28:e2:88:98:ce:73:bd:77:83:24:93:8a:c3:
                    9a:45:bd:be:6d:52:98:e0:f6:0a:74:a5:93:e5:59:
                    24:95:c2:98:70:3b:0c:f3:c3:07:6d:39:0b:ed:f0:
                    21:8e:95:a6:2f:59:69:03:f8:78:33:53:85:3e:08:
                    e6:48:1f:34:0a:b7:aa:7c:eb:5b:55:d8:9c:b9:79:
                    8c:11:06:29:dc:53:cd:f8:1f:8f:2f:b4:97:fb:2d:
                    8a:3e:8f:88:45:92:23:1d:63:67:f7:69:99:5c:48:
                    88:93:5f:0c:0c:e5:ca:da:e7:8c:88:3c:11:11:59:
                    c8:75:be:ee:ff:77:c7:7c:d1:d4:e6:21:bd:07:d0:
                    99:9d:7f:1c:bd:5f:0b:62:39:3e:6c:cb:2a:2a:67:
                    e0:72:9b:58:82:ba:07:ec:56:f3:1c:85:fe:f6:6b:
                    66:59:74:3a:61:60:96:44:e9:4f:e5:4d:5b:95:bc:
                    bf:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:EC:DF:DF:A0:B3:C1:34:D7:FC:3A:6C:E1:67:7A:BC:3F:86:66:5D
            X509v3 Authority Key Identifier:
                keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:c6:7f:54:d1:95:92:20:ce:ed:25:ef:50:c8:62:ea:87:26:
         6f:9c:a8:c7:36:ed:6b:21:76:9b:29:6b:1a:be:20:29:66:10:
         20:73:25:d8:6a:4e:08:35:50:97:4a:ba:89:d1:79:aa:7e:1b:
         de:02:fc:82:20:b5:06:87:6c:2c:8b:9a:e2:6f:0c:71:c0:1f:
         0e:0e:fd:f3:a3:e1:26:49:dd:77:11:8d:20:6a:a2:10:39:e8:
         c3:de:bf:10:f4:76:76:e2:97:a4:64:0b:de:10:39:e7:53:a8:
         c9:bf:23:8e:8b:94:42:07:08:32:c4:75:89:2d:d2:e4:d3:d4:
         d0:81:d9:7d:b0:9d:43:a1:a1:47:e5:62:10:40:08:14:f2:6f:
         9a:bb:b9:48:0b:9c:46:2f:02:e4:28:1e:da:49:33:d7:51:48:
         1c:79:e7:c7:a8:3a:50:e6:1b:06:4e:c8:e0:53:f4:d9:5f:1a:
         42:88:22:17:03:20:a6:e3:f8:89:b4:16:e5:b5:c3:8b:95:a3:
         e6:8b:9d:82:19:ee:3a:50:8d:a9:ba:ac:0e:30:ef:ec:c4:75:
         b6:a2:be:02:e9:4c:6c:d7:ba:ad:c1:d7:7b:d4:6e:de:a2:e2:
         19:8e:b3:8c:69:48:aa:e2:fa:80:08:23:f1:10:00:14:a8:05:
         24:07:39:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77B68nRfgLnUJlUMRN2twMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi
NTYxZTIwHhcNMjUxMDE5MTAwMjU5WhcNMjUxMDIwMTAwMjU5WjAzMTEwLwYDVQQD
Eyg3YWVjZGZkZmEwYjNjMTM0ZDdmYzNhNmNlMTY3N2FiYzNmODY2NjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9KIkzU/FkIlZgfhnXGKBnRfU2VIK
i2nOeVLxz504neVMDE2qlAqIabCoWUdu/GA+mj7UbAnpE2ChzHrWtMsB5lxZKxsr
CnWRO80MdyjiiJjOc713gySTisOaRb2+bVKY4PYKdKWT5VkklcKYcDsM88MHbTkL
7fAhjpWmL1lpA/h4M1OFPgjmSB80CreqfOtbVdicuXmMEQYp3FPN+B+PL7SX+y2K
Po+IRZIjHWNn92mZXEiIk18MDOXK2ueMiDwREVnIdb7u/3fHfNHU5iG9B9CZnX8c
vV8LYjk+bMsqKmfgcptYgroH7FbzHIX+9mtmWXQ6YWCWROlP5U1blby/HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrs39+gs8E01/w6bOFnerw/hmZdMB8GA1UdIwQY
MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt
NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll
LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX8Z/VNGV
kiDO7SXvUMhi6ocmb5yoxzbtayF2mylrGr4gKWYQIHMl2GpOCDVQl0q6idF5qn4b
3gL8giC1BodsLIua4m8MccAfDg7986PhJknddxGNIGqiEDnow96/EPR2duKXpGQL
3hA551Ooyb8jjouUQgcIMsR1iS3S5NPU0IHZfbCdQ6GhR+ViEEAIFPJvmru5SAuc
Ri8C5Cge2kkz11FIHHnnx6g6UOYbBk7I4FP02V8aQogiFwMgpuP4ibQW5bXDi5Wj
5oudghnuOlCNqbqsDjDv7MR1tqK+AulMbNe6rcHXe9Ru3qLiGY6zjGlIquL6gAgj
8RAAFKgFJAc5mw==
-----END CERTIFICATE-----