Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
File:                     h6xJPPKny2pLNPTYtva3eyqVXpc.mft (raw, json)
Hash identifier:          U5XFL8t8/elqHSGTFXpZGxI8fHpv+fdQltU98M7r0Cc=
Subject key identifier:   AB:5C:0A:55:EA:2A:A6:25:9A:23:5F:9C:A3:E2:18:BE:B4:50:6F:7D
Authority key identifier: 87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97
Certificate issuer:       /CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
Certificate serial:       019A04ECF30AC0B80541DF0511EC3D1770CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
Manifest number:          0C2B
Signing time:             Tue 21 Oct 2025 04:00:28 +0000
Manifest this update:     Tue 21 Oct 2025 04:00:28 +0000
Manifest next update:     Wed 22 Oct 2025 04:00:28 +0000
Files and hashes:         1: h6xJPPKny2pLNPTYtva3eyqVXpc.crl (hash: R19W428kAYUMHZpGDBVBu9boK3NV7vM/0qqLrlLak6k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 22 Oct 2025 04:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:04:ec:f3:0a:c0:b8:05:41:df:05:11:ec:3d:17:70:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
        Validity
            Not Before: Oct 21 04:00:28 2025 GMT
            Not After : Oct 22 04:00:28 2025 GMT
        Subject: CN=ab5c0a55ea2aa6259a235f9ca3e218beb4506f7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:2b:15:8e:e6:59:ee:4f:85:2d:3f:65:18:75:
                    45:a2:1c:20:8c:9c:2d:d3:a0:d4:60:20:cc:68:46:
                    34:fc:58:61:e5:58:8a:e5:3c:30:a9:58:e3:96:72:
                    fd:29:6e:56:c7:0b:b9:57:77:5c:f0:58:7a:f1:59:
                    e4:3b:23:d9:a7:ed:17:7d:c1:0c:06:e0:fb:57:15:
                    08:8d:a5:99:32:83:04:7d:b5:e9:65:15:36:cc:52:
                    a6:20:b6:11:a8:69:e1:55:1a:3f:40:12:70:e6:e9:
                    49:2e:e3:b1:75:2f:0f:2f:bb:c6:01:0a:7f:db:ff:
                    17:f7:a7:de:bc:55:b0:e7:14:82:16:06:bd:a1:73:
                    9c:04:db:e8:19:6a:83:77:d4:07:a5:9e:48:c4:86:
                    40:0f:dd:3b:25:1e:74:e2:c8:12:b6:3d:0f:6b:fa:
                    c6:e8:b3:a1:11:37:87:6b:79:8d:1f:d6:ad:75:d2:
                    63:75:e2:82:ed:4c:3e:06:ec:a1:62:86:8f:54:85:
                    9b:29:22:d9:0f:42:80:bc:78:59:05:7e:d1:b0:04:
                    82:99:a7:0f:95:2b:e0:0e:84:f0:82:8a:c6:35:c8:
                    dc:e6:85:4d:c8:d1:37:8f:af:98:30:ec:11:c1:9c:
                    ab:63:13:6e:71:6d:07:e0:e5:4a:87:80:fa:d8:52:
                    21:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:5C:0A:55:EA:2A:A6:25:9A:23:5F:9C:A3:E2:18:BE:B4:50:6F:7D
            X509v3 Authority Key Identifier:
                keyid:87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:df:d5:c0:a5:4e:3c:60:eb:91:49:96:bb:db:6f:3f:bb:d2:
         8a:5c:07:8b:87:04:6b:dc:90:68:28:e4:09:5a:22:6a:bc:fb:
         b6:93:54:4a:69:15:2b:65:60:14:2a:44:15:5a:cd:b6:f0:04:
         92:b4:15:67:c7:6a:da:79:93:ce:ef:a0:8c:42:f7:c5:eb:35:
         e9:57:2f:26:e2:9c:d6:47:45:71:84:88:50:12:d9:20:fe:ef:
         f8:d2:1e:f5:4e:13:f3:fb:60:2e:86:cc:00:52:60:14:cb:4d:
         9e:70:46:66:5a:b4:08:1e:fe:c7:7c:75:e5:b9:73:39:ca:b7:
         23:28:07:9f:b3:c5:83:2a:a0:04:e7:5e:80:c1:05:55:c1:c2:
         84:c8:ff:3d:19:80:28:71:75:a0:da:b7:9b:27:44:4e:4e:36:
         d8:71:d7:42:f1:0b:ae:19:e4:30:ed:97:26:b4:97:08:6a:12:
         08:3d:69:49:ad:2f:9a:aa:51:bd:77:08:fc:34:85:9e:13:2f:
         b6:53:d4:89:5e:13:83:90:ca:49:57:9f:64:e2:53:40:a2:ef:
         02:ea:25:53:95:52:e8:f6:cc:89:86:7c:98:9a:01:d3:55:14:
         ba:dc:53:23:48:3f:e1:43:b4:e0:9d:16:76:7b:fe:d8:50:a2:
         39:0e:58:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoE7PMKwLgFQd8FEew9F3DPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWM0OTNjZjJhN2NiNmE0YjM0ZjRkOGI2ZjZiNzdiMmE5
NTVlOTcwHhcNMjUxMDIxMDQwMDI4WhcNMjUxMDIyMDQwMDI4WjAzMTEwLwYDVQQD
EyhhYjVjMGE1NWVhMmFhNjI1OWEyMzVmOWNhM2UyMThiZWI0NTA2ZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoysVjuZZ7k+FLT9lGHVFohwgjJwt
06DUYCDMaEY0/Fhh5ViK5TwwqVjjlnL9KW5Wxwu5V3dc8Fh68VnkOyPZp+0XfcEM
BuD7VxUIjaWZMoMEfbXpZRU2zFKmILYRqGnhVRo/QBJw5ulJLuOxdS8PL7vGAQp/
2/8X96fevFWw5xSCFga9oXOcBNvoGWqDd9QHpZ5IxIZAD907JR504sgStj0Pa/rG
6LOhETeHa3mNH9atddJjdeKC7Uw+BuyhYoaPVIWbKSLZD0KAvHhZBX7RsASCmacP
lSvgDoTwgorGNcjc5oVNyNE3j6+YMOwRwZyrYxNucW0H4OVKh4D62FIhOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKtcClXqKqYlmiNfnKPiGL60UG99MB8GA1UdIwQY
MBaAFIesSTzyp8tqSzT02Lb2t3sqlV6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYt
MzQxNDM2N2IyZDdlLzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYtMzQxNDM2N2IyZDdl
LzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAft/VwKVO
PGDrkUmWu9tvP7vSilwHi4cEa9yQaCjkCVoiarz7tpNUSmkVK2VgFCpEFVrNtvAE
krQVZ8dq2nmTzu+gjEL3xes16VcvJuKc1kdFcYSIUBLZIP7v+NIe9U4T8/tgLobM
AFJgFMtNnnBGZlq0CB7+x3x15blzOcq3IygHn7PFgyqgBOdegMEFVcHChMj/PRmA
KHF1oNq3mydETk422HHXQvELrhnkMO2XJrSXCGoSCD1pSa0vmqpRvXcI/DSFnhMv
tlPUiV4Tg5DKSVefZOJTQKLvAuolU5VS6PbMiYZ8mJoB01UUutxTI0g/4UO04J0W
dnv+2FCiOQ5Y4w==
-----END CERTIFICATE-----