Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
File:                     H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json)
Hash identifier:          UDTRC77KRRfiDiu9zbdFF1bhGMn29Aey/H2QLuLeaq8=
Subject key identifier:   CF:81:89:04:7C:84:9D:EF:80:27:2A:F8:2C:50:83:EB:68:3E:06:D6
Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2
Certificate issuer:       /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
Certificate serial:       0198D660FC1AF0E085A19DDE345833D34EE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
Manifest number:          0DBF
Signing time:             Sat 23 Aug 2025 10:02:16 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:16 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:16 +0000
Files and hashes:         1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: N4+nlW6hozlhXpZLyQSFUmz9yx6Pbj7aB4lS7DLo0so=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:02:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:fc:1a:f0:e0:85:a1:9d:de:34:58:33:d3:4e:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
        Validity
            Not Before: Aug 23 10:02:16 2025 GMT
            Not After : Aug 24 10:02:16 2025 GMT
        Subject: CN=cf8189047c849def80272af82c5083eb683e06d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:06:cb:ab:32:9e:6d:7c:84:0f:1e:d8:2d:a9:
                    96:98:9a:05:93:ad:03:15:5c:a1:16:88:c1:0b:e9:
                    29:98:f1:ce:c1:06:f0:ab:c6:e8:03:13:c9:17:44:
                    6a:2c:d2:76:b7:a8:67:64:b3:29:ef:5a:0f:9b:eb:
                    54:1f:ae:08:54:9f:d4:63:e9:99:8c:16:00:eb:33:
                    1e:f9:da:b0:f6:a9:64:ef:a1:81:72:19:51:8e:e4:
                    c9:60:2d:9e:db:c1:cb:8a:f4:bf:2f:31:c4:38:6b:
                    c0:5a:6b:26:ab:6f:db:41:c6:2d:86:22:8c:0d:29:
                    e4:35:53:9e:f8:7e:6e:78:bf:3f:da:5c:58:04:2a:
                    97:69:8c:70:6a:c1:1b:1c:63:11:db:16:25:37:cc:
                    33:21:53:e4:ac:81:97:c3:ec:59:42:b9:5d:ba:00:
                    03:23:36:38:27:02:50:9b:2e:76:df:f8:8b:12:8c:
                    92:9c:76:b4:88:bb:b9:3c:42:2c:79:ab:b2:83:76:
                    56:46:58:d9:26:d7:c1:12:9f:d9:a4:72:a4:b4:e4:
                    ab:40:37:42:2d:4f:ad:25:92:4d:28:63:06:12:be:
                    cd:43:9e:29:18:92:a5:fb:a3:06:c6:64:60:96:af:
                    5a:1f:af:c2:b1:28:24:85:fa:41:21:d3:ea:8f:a9:
                    6d:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:81:89:04:7C:84:9D:EF:80:27:2A:F8:2C:50:83:EB:68:3E:06:D6
            X509v3 Authority Key Identifier:
                keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:62:8a:fd:4d:7f:9c:36:96:22:8e:c3:46:b3:9f:b3:6b:5e:
         aa:d5:89:35:76:89:ce:a7:46:0b:1f:c0:d7:84:d5:b2:6a:5e:
         ff:d7:3e:7c:22:38:5b:ff:51:fb:a1:cc:e9:0b:8e:e5:60:1b:
         a3:07:dd:58:a8:ee:f5:77:32:0a:41:43:26:fa:d5:64:6a:28:
         e2:ea:a0:8d:22:33:37:dc:7d:eb:fd:8a:50:6d:47:b0:bd:3a:
         e3:d4:aa:6f:e3:ee:cc:a5:c5:4a:5a:79:06:e9:5f:74:5c:b2:
         e0:67:f2:a3:0a:56:a6:5e:63:28:ec:f9:b1:95:14:fc:a2:33:
         4a:04:0c:0d:fc:38:2b:77:6e:4a:a4:c5:31:9c:42:d1:82:9e:
         16:2b:05:4e:f2:24:82:62:bc:41:20:f1:a2:d9:8b:80:4b:e6:
         c5:04:f4:00:02:fb:f9:ef:73:94:e4:80:4a:1e:be:ad:05:71:
         16:32:ed:97:b9:93:bc:3f:4d:0a:d5:6c:ad:82:2c:20:7f:c0:
         4b:85:7c:18:a3:b9:61:aa:e7:81:cb:af:8d:a6:19:48:34:fa:
         9a:a8:bb:71:8f:d8:7a:8d:24:62:d4:bc:9e:66:be:15:8e:bf:
         8d:2d:14:2e:3f:3b:22:b4:53:70:ec:e2:bd:31:1a:59:b7:fe:
         ec:ce:d4:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYPwa8OCFoZ3eNFgz007oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi
NTYxZTIwHhcNMjUwODIzMTAwMjE2WhcNMjUwODI0MTAwMjE2WjAzMTEwLwYDVQQD
EyhjZjgxODkwNDdjODQ5ZGVmODAyNzJhZjgyYzUwODNlYjY4M2UwNmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQbLqzKebXyEDx7YLamWmJoFk60D
FVyhFojBC+kpmPHOwQbwq8boAxPJF0RqLNJ2t6hnZLMp71oPm+tUH64IVJ/UY+mZ
jBYA6zMe+dqw9qlk76GBchlRjuTJYC2e28HLivS/LzHEOGvAWmsmq2/bQcYthiKM
DSnkNVOe+H5ueL8/2lxYBCqXaYxwasEbHGMR2xYlN8wzIVPkrIGXw+xZQrldugAD
IzY4JwJQmy523/iLEoySnHa0iLu5PEIseauyg3ZWRljZJtfBEp/ZpHKktOSrQDdC
LU+tJZJNKGMGEr7NQ54pGJKl+6MGxmRglq9aH6/CsSgkhfpBIdPqj6ltnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+BiQR8hJ3vgCcq+CxQg+toPgbWMB8GA1UdIwQY
MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt
NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll
LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOWKK/U1/
nDaWIo7DRrOfs2teqtWJNXaJzqdGCx/A14TVsmpe/9c+fCI4W/9R+6HM6QuO5WAb
owfdWKju9XcyCkFDJvrVZGoo4uqgjSIzN9x96/2KUG1HsL0649Sqb+PuzKXFSlp5
BulfdFyy4GfyowpWpl5jKOz5sZUU/KIzSgQMDfw4K3duSqTFMZxC0YKeFisFTvIk
gmK8QSDxotmLgEvmxQT0AAL7+e9zlOSASh6+rQVxFjLtl7mTvD9NCtVsrYIsIH/A
S4V8GKO5YarngcuvjaYZSDT6mqi7cY/Yeo0kYtS8nma+FY6/jS0ULj87IrRTcOzi
vTEaWbf+7M7UVw==
-----END CERTIFICATE-----