Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
File:                     Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft (raw, json)
Hash identifier:          h5/HJpjWwAfEunC6rmHha0SImePK2erNKUVeY9fCxv0=
Subject key identifier:   1E:81:93:19:C1:D3:9C:2C:1B:A3:3A:17:FC:7D:91:28:70:2E:BF:59
Authority key identifier: 0E:1F:B7:0F:90:BA:2C:F0:58:C1:20:6D:EB:0E:F7:97:37:02:6E:90
Certificate issuer:       /CN=0e1fb70f90ba2cf058c1206deb0ef79737026e90
Certificate serial:       0199FCC626C8971A55554FC9910ABB11CC48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
Manifest number:          07C7
Signing time:             Sun 19 Oct 2025 14:01:08 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:08 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:08 +0000
Files and hashes:         1: Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl (hash: 7IgYXYPXS6F8kzVaFGyjZ6OWkDN5wuEp5W9y+uLi6dU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:26:c8:97:1a:55:55:4f:c9:91:0a:bb:11:cc:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e1fb70f90ba2cf058c1206deb0ef79737026e90
        Validity
            Not Before: Oct 19 14:01:08 2025 GMT
            Not After : Oct 20 14:01:08 2025 GMT
        Subject: CN=1e819319c1d39c2c1ba33a17fc7d9128702ebf59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:0e:81:22:04:70:ac:a8:ab:49:f1:79:55:6c:
                    59:22:07:14:ff:9d:92:96:8c:22:e3:33:f1:2e:50:
                    7e:55:98:10:e9:f7:9a:f8:13:10:dd:b5:a7:53:51:
                    fa:a0:2e:76:8c:74:0d:5c:a7:57:80:1d:ca:3e:07:
                    68:37:66:18:5b:59:6e:f3:24:e5:6f:d7:d3:77:a1:
                    17:64:f2:ec:16:94:43:8c:97:41:b1:50:79:c5:a7:
                    02:21:ef:80:71:de:e0:62:22:88:ac:b9:68:0c:bf:
                    d3:c6:6c:a6:ee:b6:4b:b7:2b:07:48:dd:b8:ec:e5:
                    17:8c:b7:cd:9c:80:45:e3:68:b8:50:97:89:6e:73:
                    6d:54:92:b6:1b:ef:43:2a:a8:cf:1e:88:21:96:95:
                    0b:61:51:8e:ef:ec:4a:ca:e2:37:36:63:50:57:3f:
                    b7:0b:98:86:f8:06:fd:e8:5d:51:db:2d:0b:4e:83:
                    29:72:66:8e:d0:71:24:b0:d6:6f:db:3a:8a:42:4d:
                    b2:ca:d5:7c:e9:bc:f4:99:a5:e2:ae:b2:5c:14:9b:
                    f3:61:51:9e:03:d8:a6:09:9e:62:be:e2:29:5a:7a:
                    99:68:f9:c4:c4:a3:e8:1e:a1:27:d0:5b:a3:1f:96:
                    96:c6:b3:11:83:45:f5:19:33:3d:a1:19:23:d8:7b:
                    3c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:81:93:19:C1:D3:9C:2C:1B:A3:3A:17:FC:7D:91:28:70:2E:BF:59
            X509v3 Authority Key Identifier:
                keyid:0E:1F:B7:0F:90:BA:2C:F0:58:C1:20:6D:EB:0E:F7:97:37:02:6E:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:cf:e4:81:de:c8:8c:35:02:50:00:1b:77:53:f1:45:b0:d3:
         b5:63:00:80:3b:4c:77:75:29:ef:de:3b:4c:52:c7:ed:85:89:
         20:b1:83:ca:3d:e9:1f:12:98:3c:54:67:bd:8a:c2:3c:b5:9c:
         cb:7c:83:46:2c:78:89:84:db:5d:b9:14:74:84:f4:d2:b9:94:
         54:74:c0:c9:95:02:39:85:a8:bb:2e:cb:80:7b:95:af:6d:93:
         ed:cd:55:36:40:7d:10:ce:26:d0:3d:06:13:ff:b3:5e:f8:be:
         c4:9a:42:bf:d9:f5:fb:d3:46:89:95:df:19:52:c6:44:13:ed:
         35:e1:24:ac:31:6d:16:bd:82:47:84:15:0c:c5:03:bd:c6:e9:
         71:6d:bd:21:91:1c:43:17:43:0c:de:12:96:d7:d9:de:62:c2:
         dd:fe:e6:7a:0a:39:03:aa:48:10:a8:33:0c:9c:b2:45:21:7d:
         9c:10:be:36:b5:f8:fe:bf:13:07:d3:81:9b:54:4c:5c:a8:38:
         be:16:0a:ee:10:85:00:9b:05:45:f8:62:c2:a8:87:df:9a:da:
         5d:3e:42:ca:47:bc:9a:7d:6c:3d:db:bf:9f:d5:97:de:26:85:
         1a:bf:f2:fa:f8:8d:9c:72:b3:37:6f:d0:ed:e9:a2:2a:95:d7:
         8b:8e:ee:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xibIlxpVVU/JkQq7EcxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMWZiNzBmOTBiYTJjZjA1OGMxMjA2ZGViMGVmNzk3Mzcw
MjZlOTAwHhcNMjUxMDE5MTQwMTA4WhcNMjUxMDIwMTQwMTA4WjAzMTEwLwYDVQQD
EygxZTgxOTMxOWMxZDM5YzJjMWJhMzNhMTdmYzdkOTEyODcwMmViZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8A6BIgRwrKirSfF5VWxZIgcU/52S
lowi4zPxLlB+VZgQ6fea+BMQ3bWnU1H6oC52jHQNXKdXgB3KPgdoN2YYW1lu8yTl
b9fTd6EXZPLsFpRDjJdBsVB5xacCIe+Acd7gYiKIrLloDL/Txmym7rZLtysHSN24
7OUXjLfNnIBF42i4UJeJbnNtVJK2G+9DKqjPHoghlpULYVGO7+xKyuI3NmNQVz+3
C5iG+Ab96F1R2y0LToMpcmaO0HEksNZv2zqKQk2yytV86bz0maXirrJcFJvzYVGe
A9imCZ5ivuIpWnqZaPnExKPoHqEn0FujH5aWxrMRg0X1GTM9oRkj2Hs8TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6BkxnB05wsG6M6F/x9kShwLr9ZMB8GA1UdIwQY
MBaAFA4ftw+QuizwWMEgbesO95c3Am6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny85YTZiYzItOGU1Zi00YTZkLWIyMDYt
MjdjYjlkY2Q2MGZjLzEvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny85YTZiYzItOGU1Zi00YTZkLWIyMDYtMjdjYjlkY2Q2MGZj
LzEvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ8/kgd7I
jDUCUAAbd1PxRbDTtWMAgDtMd3Up7947TFLH7YWJILGDyj3pHxKYPFRnvYrCPLWc
y3yDRix4iYTbXbkUdIT00rmUVHTAyZUCOYWouy7LgHuVr22T7c1VNkB9EM4m0D0G
E/+zXvi+xJpCv9n1+9NGiZXfGVLGRBPtNeEkrDFtFr2CR4QVDMUDvcbpcW29IZEc
QxdDDN4SltfZ3mLC3f7mego5A6pIEKgzDJyyRSF9nBC+NrX4/r8TB9OBm1RMXKg4
vhYK7hCFAJsFRfhiwqiH35raXT5Cyke8mn1sPdu/n9WX3iaFGr/y+viNnHKzN2/Q
7emiKpXXi47u8w==
-----END CERTIFICATE-----