Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft
File:                     7_vi0INCz7z3p9dOiOvQMeEgItk.mft (raw, json)
Hash identifier:          o/f/a7tds+eRzevD7bh6p8q31Mt3f/zxKNZpVDNv+V0=
Subject key identifier:   95:2D:AA:CC:C0:DD:51:3F:E1:81:F8:D7:4C:97:9E:3D:EB:E4:D4:69
Authority key identifier: EF:FB:E2:D0:83:42:CF:BC:F7:A7:D7:4E:88:EB:D0:31:E1:20:22:D9
Certificate issuer:       /CN=effbe2d08342cfbcf7a7d74e88ebd031e12022d9
Certificate serial:       0199FC8F8F0D80E51CF755427919D629C20D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7_vi0INCz7z3p9dOiOvQMeEgItk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft
Manifest number:          04D7
Signing time:             Sun 19 Oct 2025 13:01:30 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:30 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:30 +0000
Files and hashes:         1: 7_vi0INCz7z3p9dOiOvQMeEgItk.crl (hash: N43I4kWLR44bO8HBtsUXwuVnBZDxE/oEFtjoPXRn/CM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7_vi0INCz7z3p9dOiOvQMeEgItk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:8f:0d:80:e5:1c:f7:55:42:79:19:d6:29:c2:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=effbe2d08342cfbcf7a7d74e88ebd031e12022d9
        Validity
            Not Before: Oct 19 13:01:30 2025 GMT
            Not After : Oct 20 13:01:30 2025 GMT
        Subject: CN=952daaccc0dd513fe181f8d74c979e3debe4d469
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:55:30:a4:f7:da:44:2a:c5:81:75:c3:73:dc:
                    f5:b3:a7:54:90:0b:79:16:ed:40:15:53:7f:32:f8:
                    87:1f:11:cb:4f:db:0c:f9:c6:e0:9d:77:08:b6:52:
                    26:32:af:38:63:ec:3c:e6:48:5e:36:26:86:52:13:
                    50:3a:1b:e5:6e:f7:69:21:33:8c:cd:ae:09:21:71:
                    d5:06:9b:31:67:5d:16:6b:b7:d2:e2:92:99:d7:ed:
                    35:32:c0:b7:82:f9:8f:f8:9c:53:0f:19:67:8a:06:
                    31:63:04:6a:60:ea:b7:9d:b3:79:96:0d:30:42:30:
                    87:84:12:ce:c3:b1:61:d6:60:ed:96:c2:12:fd:f4:
                    58:e7:06:12:fc:c8:e6:c9:d7:2a:86:74:15:1c:d5:
                    ec:70:0b:51:b9:48:a7:94:68:43:ce:06:ea:57:86:
                    cc:59:7a:d0:36:24:9b:fa:84:f6:5a:04:89:fb:95:
                    f1:00:ff:be:34:ac:fc:78:15:36:6c:ee:13:de:83:
                    9a:b9:f1:10:12:d2:f9:5d:bf:e2:b4:e4:42:26:19:
                    26:8d:c5:0d:79:e7:ce:29:04:0b:5f:52:c9:93:7a:
                    02:88:ce:d7:8d:93:ad:9e:a5:37:16:18:ae:10:ce:
                    68:a1:da:de:73:8d:b3:af:1b:f8:ed:0e:4f:fa:0a:
                    1a:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:2D:AA:CC:C0:DD:51:3F:E1:81:F8:D7:4C:97:9E:3D:EB:E4:D4:69
            X509v3 Authority Key Identifier:
                keyid:EF:FB:E2:D0:83:42:CF:BC:F7:A7:D7:4E:88:EB:D0:31:E1:20:22:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7_vi0INCz7z3p9dOiOvQMeEgItk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:7a:6f:a9:cb:e9:e5:d4:be:db:8b:f7:0f:ad:b0:7d:3e:ed:
         8c:48:b0:c0:69:b2:a6:cb:24:48:7c:56:33:d9:22:cd:f3:24:
         01:da:95:ec:23:0f:28:ba:47:cc:8b:cf:e7:7a:78:f5:fa:0d:
         0d:e9:88:4b:b2:0a:6b:f3:6c:06:c5:d3:c9:07:b6:20:7b:cf:
         d1:6b:23:50:6d:35:b0:79:0c:8c:13:ea:91:2e:af:d6:6f:e5:
         4f:ac:26:e3:41:5e:df:69:42:8b:af:c4:f4:16:66:d7:ac:c6:
         7a:f2:86:84:b8:93:aa:28:5d:da:cb:d1:06:54:9e:43:6b:cb:
         e3:f5:a1:3e:e3:58:d4:e5:1b:bc:c7:d0:94:47:36:cd:53:fe:
         e1:32:e6:07:39:40:43:f4:d9:8b:c8:3c:9e:05:bb:63:eb:10:
         87:f5:05:28:b6:f5:ed:63:6d:9f:e5:10:61:58:e4:27:13:a2:
         ea:bf:2b:aa:6c:9c:11:eb:2e:9c:48:36:43:b1:2f:08:08:99:
         7c:a7:53:28:ab:5c:6d:c4:47:4c:69:33:8f:1b:ad:79:48:5a:
         53:98:64:09:5b:e5:ea:56:c6:fe:66:25:44:95:ff:d7:c3:a9:
         90:da:ca:fc:8d:de:0e:38:56:6c:16:d9:bb:b8:08:bb:65:65:
         17:7f:e1:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j48NgOUc91VCeRnWKcINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZmJlMmQwODM0MmNmYmNmN2E3ZDc0ZTg4ZWJkMDMxZTEy
MDIyZDkwHhcNMjUxMDE5MTMwMTMwWhcNMjUxMDIwMTMwMTMwWjAzMTEwLwYDVQQD
Eyg5NTJkYWFjY2MwZGQ1MTNmZTE4MWY4ZDc0Yzk3OWUzZGViZTRkNDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FUwpPfaRCrFgXXDc9z1s6dUkAt5
Fu1AFVN/MviHHxHLT9sM+cbgnXcItlImMq84Y+w85kheNiaGUhNQOhvlbvdpITOM
za4JIXHVBpsxZ10Wa7fS4pKZ1+01MsC3gvmP+JxTDxlnigYxYwRqYOq3nbN5lg0w
QjCHhBLOw7Fh1mDtlsIS/fRY5wYS/MjmydcqhnQVHNXscAtRuUinlGhDzgbqV4bM
WXrQNiSb+oT2WgSJ+5XxAP++NKz8eBU2bO4T3oOaufEQEtL5Xb/itORCJhkmjcUN
eefOKQQLX1LJk3oCiM7XjZOtnqU3FhiuEM5oodrec42zrxv47Q5P+goa7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUtqszA3VE/4YH410yXnj3r5NRpMB8GA1UdIwQY
MBaAFO/74tCDQs+896fXTojr0DHhICLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN192aTBJTkN6N3ozcDlkT2lPdlFNZUVnSXRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82YWU4YjMtYTM5MC00YjUxLWI3ZjEt
ZjJmMWNhMjg3MTQxLzEvN192aTBJTkN6N3ozcDlkT2lPdlFNZUVnSXRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82YWU4YjMtYTM5MC00YjUxLWI3ZjEtZjJmMWNhMjg3MTQx
LzEvN192aTBJTkN6N3ozcDlkT2lPdlFNZUVnSXRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHHpvqcvp
5dS+24v3D62wfT7tjEiwwGmypsskSHxWM9kizfMkAdqV7CMPKLpHzIvP53p49foN
DemIS7IKa/NsBsXTyQe2IHvP0WsjUG01sHkMjBPqkS6v1m/lT6wm40Fe32lCi6/E
9BZm16zGevKGhLiTqihd2svRBlSeQ2vL4/WhPuNY1OUbvMfQlEc2zVP+4TLmBzlA
Q/TZi8g8ngW7Y+sQh/UFKLb17WNtn+UQYVjkJxOi6r8rqmycEesunEg2Q7EvCAiZ
fKdTKKtcbcRHTGkzjxuteUhaU5hkCVvl6lbG/mYlRJX/18OpkNrK/I3eDjhWbBbZ
u7gIu2VlF3/h8w==
-----END CERTIFICATE-----