Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
File:                     hesz_RfSMvvmsq22bLCv4N7pA7A.mft (raw, json)
Hash identifier:          KZ7oQf3vYDA7RY0aGW51dkPHF42hMFbEJvQ8CQgnorU=
Subject key identifier:   1E:FE:44:1B:55:9A:0A:FB:97:C5:09:59:58:D5:85:82:3B:F9:B3:FA
Authority key identifier: 85:EB:33:FD:17:D2:32:FB:E6:B2:AD:B6:6C:B0:AF:E0:DE:E9:03:B0
Certificate issuer:       /CN=85eb33fd17d232fbe6b2adb66cb0afe0dee903b0
Certificate serial:       0199FC8F3CB7D078891EBDAC0EAEE3D6C5F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
Manifest number:          056F
Signing time:             Sun 19 Oct 2025 13:01:09 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:09 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:09 +0000
Files and hashes:         1: hesz_RfSMvvmsq22bLCv4N7pA7A.crl (hash: Key3QFMvWeUckG5RMegwDI3eY+4FyY2d1b0sFb4IikE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 13:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:3c:b7:d0:78:89:1e:bd:ac:0e:ae:e3:d6:c5:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85eb33fd17d232fbe6b2adb66cb0afe0dee903b0
        Validity
            Not Before: Oct 19 13:01:09 2025 GMT
            Not After : Oct 20 13:01:09 2025 GMT
        Subject: CN=1efe441b559a0afb97c5095958d585823bf9b3fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:7d:9f:ee:c4:eb:73:b9:4d:e3:e1:b3:69:2e:
                    c0:ef:4c:92:52:02:34:f5:3c:30:bb:25:53:32:a6:
                    69:7e:b0:a1:59:49:4e:55:40:8f:5e:ac:61:8e:fd:
                    b2:6a:68:3e:93:d6:6c:92:39:64:23:b8:40:aa:b3:
                    e4:8b:ba:c2:d2:f8:36:39:6c:30:ce:87:ed:f8:b1:
                    2f:0e:87:b6:d2:42:e8:10:97:22:b1:ea:e0:96:bf:
                    b3:da:6f:a6:a6:2c:46:cb:f3:0f:0f:b6:2d:4d:60:
                    c1:7d:28:d6:2a:e0:11:e2:d1:61:76:7c:ba:e8:72:
                    47:97:f3:1b:dd:5a:35:86:06:0b:bc:59:74:64:3d:
                    a1:41:3c:67:f9:77:1b:b5:76:f6:ad:b7:68:7d:55:
                    a5:de:75:c9:d6:bf:ac:a9:a5:0d:24:18:97:25:41:
                    25:dd:99:a1:8f:45:1e:40:4c:d2:b3:32:96:1f:eb:
                    16:2d:21:d4:91:05:f9:b0:72:3d:d3:43:28:01:66:
                    9f:92:0d:b2:14:50:ef:e4:68:02:ae:18:86:ec:13:
                    ba:50:11:3b:c5:0a:e6:c5:f2:4c:75:ae:03:12:eb:
                    8f:7f:41:bd:16:25:a0:96:36:b1:6f:0e:83:3c:4b:
                    21:00:87:8d:38:cc:9e:0d:89:c5:a8:91:45:0c:85:
                    dc:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:FE:44:1B:55:9A:0A:FB:97:C5:09:59:58:D5:85:82:3B:F9:B3:FA
            X509v3 Authority Key Identifier:
                keyid:85:EB:33:FD:17:D2:32:FB:E6:B2:AD:B6:6C:B0:AF:E0:DE:E9:03:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:e7:9a:09:19:2f:43:a9:b8:82:a6:8c:dc:a3:93:5c:81:dc:
         b2:07:2d:95:30:e0:ab:8a:92:f8:12:fc:cc:c1:95:44:05:85:
         c6:3b:01:03:10:17:f1:b7:2c:79:ef:c7:21:ae:ee:da:cc:e6:
         ed:ea:6d:10:a4:24:cc:e8:b4:38:b6:2c:19:81:db:af:c9:6e:
         39:41:9b:00:fd:e2:e6:84:66:cb:6d:71:52:d4:69:3b:29:f2:
         b3:dd:5a:10:12:6e:9d:ba:1e:0b:46:18:5f:e1:07:98:ef:29:
         77:cd:70:db:a8:86:01:06:66:72:08:a4:ef:29:00:32:a8:1c:
         a4:a6:00:ed:94:6c:74:d2:3b:8d:f0:51:b6:42:bb:41:a2:cc:
         42:30:78:57:32:ec:06:cc:26:cf:f7:4e:ae:f0:6d:3e:b8:86:
         4c:39:ff:c1:8f:71:a2:4b:9e:5e:85:16:b9:ae:3f:2a:a0:84:
         96:4c:99:79:ec:45:2b:56:3a:ff:5c:36:11:85:c8:6e:5b:f3:
         14:6e:a8:92:59:cd:9e:56:4c:bb:6b:60:89:17:6f:f1:23:9c:
         9c:05:d4:29:6a:38:14:0f:f9:1c:09:54:c6:5c:66:83:aa:9d:
         9a:4c:f3:5a:0c:5b:a2:45:94:67:7c:ab:e2:0a:a7:b0:64:4e:
         52:54:c4:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jzy30HiJHr2sDq7j1sX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZWIzM2ZkMTdkMjMyZmJlNmIyYWRiNjZjYjBhZmUwZGVl
OTAzYjAwHhcNMjUxMDE5MTMwMTA5WhcNMjUxMDIwMTMwMTA5WjAzMTEwLwYDVQQD
EygxZWZlNDQxYjU1OWEwYWZiOTdjNTA5NTk1OGQ1ODU4MjNiZjliM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA032f7sTrc7lN4+GzaS7A70ySUgI0
9TwwuyVTMqZpfrChWUlOVUCPXqxhjv2yamg+k9ZskjlkI7hAqrPki7rC0vg2OWww
zoft+LEvDoe20kLoEJciserglr+z2m+mpixGy/MPD7YtTWDBfSjWKuAR4tFhdny6
6HJHl/Mb3Vo1hgYLvFl0ZD2hQTxn+XcbtXb2rbdofVWl3nXJ1r+sqaUNJBiXJUEl
3Zmhj0UeQEzSszKWH+sWLSHUkQX5sHI900MoAWafkg2yFFDv5GgCrhiG7BO6UBE7
xQrmxfJMda4DEuuPf0G9FiWgljaxbw6DPEshAIeNOMyeDYnFqJFFDIXcKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB7+RBtVmgr7l8UJWVjVhYI7+bP6MB8GA1UdIwQY
MBaAFIXrM/0X0jL75rKttmywr+De6QOwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jZTgyNGYtNzNjOS00ODVlLThlZGMt
OGEzOGVhMmIxZjU0LzEvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9jZTgyNGYtNzNjOS00ODVlLThlZGMtOGEzOGVhMmIxZjU0
LzEvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWOeaCRkv
Q6m4gqaM3KOTXIHcsgctlTDgq4qS+BL8zMGVRAWFxjsBAxAX8bcsee/HIa7u2szm
7eptEKQkzOi0OLYsGYHbr8luOUGbAP3i5oRmy21xUtRpOynys91aEBJunboeC0YY
X+EHmO8pd81w26iGAQZmcgik7ykAMqgcpKYA7ZRsdNI7jfBRtkK7QaLMQjB4VzLs
Bswmz/dOrvBtPriGTDn/wY9xokueXoUWua4/KqCElkyZeexFK1Y6/1w2EYXIblvz
FG6oklnNnlZMu2tgiRdv8SOcnAXUKWo4FA/5HAlUxlxmg6qdmkzzWgxbokWUZ3yr
4gqnsGROUlTEbg==
-----END CERTIFICATE-----