Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
File:                     h7-ak2z5rSjsWNt5imD9cd9sN_M.mft (raw, json)
Hash identifier:          EmPIdbkh1/CbVCvC6vPt8dyyGUdOYZ4dDmZdTInpASk=
Subject key identifier:   42:52:F7:33:A3:81:79:03:96:05:B9:22:6B:19:25:B8:90:AD:A3:7D
Authority key identifier: 87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3
Certificate issuer:       /CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
Certificate serial:       0199FBEBA605FA4F027CA66FD17395316CFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
Manifest number:          0FA3
Signing time:             Sun 19 Oct 2025 10:02:28 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:28 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:28 +0000
Files and hashes:         1: h7-ak2z5rSjsWNt5imD9cd9sN_M.crl (hash: nQoRmdJRbKPphuSOVnGeZ53zbj7YFTP2H0p1V7mFKVI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:a6:05:fa:4f:02:7c:a6:6f:d1:73:95:31:6c:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
        Validity
            Not Before: Oct 19 10:02:28 2025 GMT
            Not After : Oct 20 10:02:28 2025 GMT
        Subject: CN=4252f733a38179039605b9226b1925b890ada37d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:49:4a:bc:bc:89:b2:28:c5:92:24:d4:7d:7b:
                    a9:2d:64:65:3d:3c:70:3e:2d:b1:06:bf:1b:c8:f9:
                    cf:48:e8:79:46:e9:c3:48:cb:41:c1:b0:58:b8:00:
                    b0:c3:0e:50:93:cf:e2:6c:e8:fe:69:71:f4:1a:41:
                    56:0a:f3:4c:0b:7a:5c:6c:81:2c:ee:cd:9f:19:ce:
                    8b:ed:04:20:25:c1:7a:df:60:14:06:a1:57:18:04:
                    92:75:6e:b7:cd:bc:31:a3:bd:35:58:13:76:6a:07:
                    1c:2b:09:dc:df:05:13:00:71:1d:6b:c5:1c:a4:e8:
                    51:91:89:21:be:f6:15:bd:54:83:c1:cf:31:3c:cf:
                    b6:47:48:4d:3b:2c:1b:8f:1b:38:f9:f6:4f:07:0b:
                    45:b0:f8:93:12:31:2a:57:81:4b:af:46:3a:50:f6:
                    d0:d6:ed:a0:14:3c:45:33:43:5d:70:b8:16:52:b0:
                    c0:0c:75:9e:3c:72:c2:ea:6d:43:b3:f1:55:e6:00:
                    8a:e1:65:d1:e8:b3:db:b9:64:84:0b:6a:d1:1b:58:
                    93:df:7e:a3:57:b8:fa:1b:18:81:9a:c9:89:fd:26:
                    5c:dc:65:3b:f0:e7:1f:7f:3d:2c:fd:56:9b:63:a0:
                    d5:14:8e:aa:93:db:95:ee:08:4a:bb:ad:b8:ad:d9:
                    0f:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:52:F7:33:A3:81:79:03:96:05:B9:22:6B:19:25:B8:90:AD:A3:7D
            X509v3 Authority Key Identifier:
                keyid:87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:03:e8:a8:0e:f6:8d:72:53:1a:13:e9:aa:4d:43:b0:32:90:
         d3:5b:9b:7a:a6:84:70:a2:9e:99:28:3d:ac:39:61:e8:47:2b:
         20:95:3f:c0:f1:7c:23:21:73:92:2e:e1:55:85:6f:86:52:5d:
         0e:04:46:52:5b:d8:53:ad:7a:79:09:d8:98:e5:2a:a1:77:50:
         54:ab:02:98:1d:bd:e8:0d:19:65:aa:71:9e:8b:50:4e:9e:92:
         85:ea:2e:27:b1:17:66:11:bb:55:e2:4a:9e:0c:cd:c3:4c:b9:
         f9:89:b5:9f:d8:69:03:6e:31:22:b8:27:b6:3b:ee:e0:96:ca:
         b2:8f:0a:63:9a:37:d1:b4:4b:2f:67:ef:34:dd:0c:82:48:c6:
         f0:b8:e4:e3:18:a2:00:ac:48:2c:73:c4:d4:ed:99:8a:92:04:
         04:e7:63:1f:2f:40:cf:f1:22:73:86:a9:53:82:6f:13:ae:f6:
         ba:72:3a:89:b1:e9:c1:54:f7:e3:c2:78:98:a4:6d:8a:bd:17:
         cb:a8:02:c6:7a:00:22:c0:dc:19:32:2d:31:98:8f:b2:32:e4:
         53:d5:cb:c6:d1:e4:38:0e:62:dd:8d:10:97:d6:11:ed:c8:d6:
         d9:2e:46:fb:de:e0:5f:4a:5b:48:d7:0b:97:05:60:b9:68:4f:
         d1:8e:92:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn766YF+k8CfKZv0XOVMWz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmY5YTkzNmNmOWFkMjhlYzU4ZGI3OThhNjBmZDcxZGY2
YzM3ZjMwHhcNMjUxMDE5MTAwMjI4WhcNMjUxMDIwMTAwMjI4WjAzMTEwLwYDVQQD
Eyg0MjUyZjczM2EzODE3OTAzOTYwNWI5MjI2YjE5MjViODkwYWRhMzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqklKvLyJsijFkiTUfXupLWRlPTxw
Pi2xBr8byPnPSOh5RunDSMtBwbBYuACwww5Qk8/ibOj+aXH0GkFWCvNMC3pcbIEs
7s2fGc6L7QQgJcF632AUBqFXGASSdW63zbwxo701WBN2agccKwnc3wUTAHEda8Uc
pOhRkYkhvvYVvVSDwc8xPM+2R0hNOywbjxs4+fZPBwtFsPiTEjEqV4FLr0Y6UPbQ
1u2gFDxFM0NdcLgWUrDADHWePHLC6m1Ds/FV5gCK4WXR6LPbuWSEC2rRG1iT336j
V7j6GxiBmsmJ/SZc3GU78Ocffz0s/VabY6DVFI6qk9uV7ghKu624rdkP8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJS9zOjgXkDlgW5ImsZJbiQraN9MB8GA1UdIwQY
MBaAFIe/mpNs+a0o7FjbeYpg/XHfbDfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzIt
NGY5Nzc3MmIwMTgwLzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzItNGY5Nzc3MmIwMTgw
LzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFQPoqA72
jXJTGhPpqk1DsDKQ01ubeqaEcKKemSg9rDlh6EcrIJU/wPF8IyFzki7hVYVvhlJd
DgRGUlvYU616eQnYmOUqoXdQVKsCmB296A0ZZapxnotQTp6SheouJ7EXZhG7VeJK
ngzNw0y5+Ym1n9hpA24xIrgntjvu4JbKso8KY5o30bRLL2fvNN0MgkjG8Ljk4xii
AKxILHPE1O2ZipIEBOdjHy9Az/Eic4apU4JvE672unI6ibHpwVT348J4mKRtir0X
y6gCxnoAIsDcGTItMZiPsjLkU9XLxtHkOA5i3Y0Ql9YR7cjW2S5G+97gX0pbSNcL
lwVguWhP0Y6S1g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:26 2025 by rpki-client