Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
File:                     H38fQMjrspNo9ug7-d3QZ14H1O0.mft (raw, json)
Hash identifier:          8ryl82nl8CaQ2Qe0wONdOh9QQmZ82wAoMd+nzCeO3aM=
Subject key identifier:   E5:27:62:8A:17:B7:6C:B4:07:BB:B0:21:EC:F0:07:54:06:20:8D:76
Authority key identifier: 1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED
Certificate issuer:       /CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
Certificate serial:       0199FDD98D8415D1EA42835142CF5DBBDE83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
Manifest number:          0FA3
Signing time:             Sun 19 Oct 2025 19:01:56 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:56 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:56 +0000
Files and hashes:         1: H38fQMjrspNo9ug7-d3QZ14H1O0.crl (hash: gkPpjnjhICs3SQJpciNTinW3XJO6pIRXt8R+voVHLqM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:8d:84:15:d1:ea:42:83:51:42:cf:5d:bb:de:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
        Validity
            Not Before: Oct 19 19:01:56 2025 GMT
            Not After : Oct 20 19:01:56 2025 GMT
        Subject: CN=e527628a17b76cb407bbb021ecf0075406208d76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:e5:61:e6:1d:d8:65:74:0c:ee:0e:1a:fb:61:
                    fe:85:05:c2:9d:97:b2:cc:47:ea:07:52:e2:df:c8:
                    af:07:cf:85:53:36:a6:1a:07:08:55:63:55:28:f6:
                    7a:8c:16:98:20:ce:9e:2e:94:62:00:d3:f2:a3:1c:
                    cc:b0:15:be:f3:e5:9a:1f:e2:25:b8:28:41:8f:bf:
                    a4:8f:dd:37:e9:ce:34:af:fb:bc:21:ad:61:23:00:
                    15:89:b6:52:0b:d0:11:0f:bc:f4:5e:aa:ad:85:c1:
                    20:a1:be:da:05:2f:bb:1f:97:a3:71:df:ea:76:61:
                    ed:b4:3c:49:4b:cf:fa:e6:bd:ce:a1:87:13:09:6f:
                    94:a6:89:7e:fc:83:58:4b:81:24:33:e8:24:a2:68:
                    ab:a2:23:e0:71:a9:21:4b:7b:d3:ad:80:57:03:94:
                    05:36:86:e7:21:f1:2e:3b:38:4e:a6:dc:0c:4e:d9:
                    dc:16:78:92:dd:30:a6:fe:4b:c6:9c:d1:1c:33:28:
                    f6:82:62:60:42:b2:8b:e3:1c:d0:f9:68:c6:43:e6:
                    16:0e:a5:65:6c:d6:6f:5a:99:55:ee:bf:d4:f1:d3:
                    1b:75:22:69:9f:8b:dd:fd:52:53:6f:2f:5c:d6:f4:
                    5f:b2:73:47:b8:0a:29:4a:70:03:97:8c:ec:a4:c8:
                    b9:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:27:62:8A:17:B7:6C:B4:07:BB:B0:21:EC:F0:07:54:06:20:8D:76
            X509v3 Authority Key Identifier:
                keyid:1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:6f:20:3f:30:da:35:47:f5:04:7c:07:ee:f3:a6:82:d7:87:
         14:76:89:67:79:ef:0e:7c:2f:36:90:24:14:da:9b:c4:8f:70:
         94:6b:40:e4:ce:9f:24:45:0c:7f:06:fd:19:04:f8:97:b0:46:
         d6:03:0a:03:e3:94:d3:41:23:4c:66:7a:5f:2a:75:a6:4a:a8:
         6b:53:8c:d1:5a:09:e8:18:67:07:da:06:d4:44:2a:b3:c2:f8:
         eb:2d:72:46:fd:1b:1f:f8:f1:6a:ba:90:25:29:c9:00:4d:61:
         38:4a:b1:00:ab:ef:aa:cc:06:92:38:09:32:9f:e1:d4:6d:f7:
         9a:74:a6:be:41:2e:bc:04:04:23:7b:e0:00:d1:49:28:8e:0b:
         ca:9f:a8:b4:ff:b2:28:82:f9:8d:04:13:5f:96:82:d0:5c:2d:
         e8:5d:31:92:f8:a4:76:05:1c:1e:8d:5d:b4:a5:93:eb:91:bc:
         24:d0:af:89:8c:93:12:a8:51:3d:19:1d:85:fb:31:c4:33:50:
         4c:4b:15:83:8d:5f:dd:78:1f:46:2e:cd:c3:d3:f0:d3:6b:15:
         5d:f7:58:3e:57:79:4d:60:a8:91:7d:33:cf:10:37:7b:24:55:
         f1:2c:11:10:fc:c4:5d:49:a6:9a:80:7d:c6:4e:7f:6f:bf:4f:
         73:3f:d9:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92Y2EFdHqQoNRQs9du96DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmN2YxZjQwYzhlYmIyOTM2OGY2ZTgzYmY5ZGRkMDY3NWUw
N2Q0ZWQwHhcNMjUxMDE5MTkwMTU2WhcNMjUxMDIwMTkwMTU2WjAzMTEwLwYDVQQD
EyhlNTI3NjI4YTE3Yjc2Y2I0MDdiYmIwMjFlY2YwMDc1NDA2MjA4ZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+Vh5h3YZXQM7g4a+2H+hQXCnZey
zEfqB1Li38ivB8+FUzamGgcIVWNVKPZ6jBaYIM6eLpRiANPyoxzMsBW+8+WaH+Il
uChBj7+kj9036c40r/u8Ia1hIwAVibZSC9ARD7z0XqqthcEgob7aBS+7H5ejcd/q
dmHttDxJS8/65r3OoYcTCW+Upol+/INYS4EkM+gkomiroiPgcakhS3vTrYBXA5QF
NobnIfEuOzhOptwMTtncFniS3TCm/kvGnNEcMyj2gmJgQrKL4xzQ+WjGQ+YWDqVl
bNZvWplV7r/U8dMbdSJpn4vd/VJTby9c1vRfsnNHuAopSnADl4zspMi56QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOUnYooXt2y0B7uwIezwB1QGII12MB8GA1UdIwQY
MBaAFB9/H0DI67KTaPboO/nd0GdeB9TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYt
Nzc3YTRmODAwMjQ1LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYtNzc3YTRmODAwMjQ1
LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArm8gPzDa
NUf1BHwH7vOmgteHFHaJZ3nvDnwvNpAkFNqbxI9wlGtA5M6fJEUMfwb9GQT4l7BG
1gMKA+OU00EjTGZ6Xyp1pkqoa1OM0VoJ6BhnB9oG1EQqs8L46y1yRv0bH/jxarqQ
JSnJAE1hOEqxAKvvqswGkjgJMp/h1G33mnSmvkEuvAQEI3vgANFJKI4Lyp+otP+y
KIL5jQQTX5aC0Fwt6F0xkvikdgUcHo1dtKWT65G8JNCviYyTEqhRPRkdhfsxxDNQ
TEsVg41f3XgfRi7Nw9Pw02sVXfdYPld5TWCokX0zzxA3eyRV8SwREPzEXUmmmoB9
xk5/b79Pcz/ZbQ==
-----END CERTIFICATE-----