Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft
File:                     D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft (raw, json)
Hash identifier:          ZPTslpChwuTl4RUTnvEWsLYiaQoFDQJ2VZ8Y1QrtzVg=
Subject key identifier:   22:4C:75:B1:F3:9E:E3:3C:A9:49:34:5C:9D:65:E9:A9:95:AB:40:7C
Authority key identifier: 0F:B7:F1:FD:87:68:E2:11:63:54:2A:FC:F5:5A:83:C6:98:02:15:A3
Certificate issuer:       /CN=0fb7f1fd8768e21163542afcf55a83c6980215a3
Certificate serial:       0199FCC697BFF5031570214781DAD5FB201E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D7fx_Ydo4hFjVCr89VqDxpgCFaM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft
Manifest number:          083D
Signing time:             Sun 19 Oct 2025 14:01:37 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:37 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:37 +0000
Files and hashes:         1: D7fx_Ydo4hFjVCr89VqDxpgCFaM.crl (hash: EhpScx9GCjDAdieVngZ4VWK7dfTCqowAZyFyP1E2FEE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D7fx_Ydo4hFjVCr89VqDxpgCFaM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:97:bf:f5:03:15:70:21:47:81:da:d5:fb:20:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0fb7f1fd8768e21163542afcf55a83c6980215a3
        Validity
            Not Before: Oct 19 14:01:37 2025 GMT
            Not After : Oct 20 14:01:37 2025 GMT
        Subject: CN=224c75b1f39ee33ca949345c9d65e9a995ab407c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:48:7f:cf:c1:96:03:5f:c9:9d:95:9b:44:26:
                    08:78:14:c9:35:bd:ab:d3:15:47:52:8c:40:05:a9:
                    ca:32:af:b2:f2:f2:ac:e4:e7:e7:f1:e9:f3:bc:7f:
                    25:38:8a:ae:ee:7f:0a:62:31:e4:4d:1a:f4:6f:32:
                    99:2a:cf:6f:0f:22:87:bb:20:c0:14:bc:47:03:e9:
                    83:85:98:c2:55:9e:18:bc:83:d2:a7:fa:cf:17:a2:
                    d3:43:b3:9e:76:5f:9d:a5:2f:dd:a9:f6:e5:84:2f:
                    07:33:7c:37:e1:0c:86:11:30:38:ad:61:b7:03:97:
                    fa:c1:8a:6f:27:e2:07:09:90:43:95:d1:c0:67:be:
                    bd:ad:38:3e:f9:2b:3d:91:ef:2c:b7:a4:c8:44:9e:
                    37:91:fe:4f:b7:1b:07:30:ee:9c:47:cb:9e:49:dc:
                    41:64:36:29:7e:fd:e3:6c:cd:ee:90:4a:44:94:e8:
                    be:64:69:71:e9:42:02:5f:70:c5:a2:b3:66:a7:03:
                    8e:90:b7:cc:88:da:7f:c8:e6:8b:a3:c5:0f:a6:36:
                    32:27:22:24:92:69:e0:b7:00:03:1b:f9:de:aa:57:
                    16:20:66:b0:67:f9:6a:5b:e2:fd:48:51:b8:af:b0:
                    c2:de:49:58:b6:99:93:45:1c:8e:50:16:d1:3d:e7:
                    37:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:4C:75:B1:F3:9E:E3:3C:A9:49:34:5C:9D:65:E9:A9:95:AB:40:7C
            X509v3 Authority Key Identifier:
                keyid:0F:B7:F1:FD:87:68:E2:11:63:54:2A:FC:F5:5A:83:C6:98:02:15:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D7fx_Ydo4hFjVCr89VqDxpgCFaM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:33:b2:79:6c:da:f5:ea:2e:f0:16:bf:d0:1d:14:31:b6:94:
         1a:1a:46:8b:0d:ba:30:bc:90:05:e2:5e:74:7e:3d:9a:35:ff:
         ee:a6:4a:ce:29:b0:26:3f:f3:e0:b9:31:1c:89:ae:21:ba:a0:
         09:c7:7a:c4:a8:06:9f:e8:ed:f9:c2:5e:38:e9:8d:4f:cf:3c:
         7a:d4:ee:14:1a:32:90:9b:dd:12:b3:38:72:4f:fd:ec:5a:a9:
         0b:e8:a6:aa:17:4c:1e:3b:24:18:f5:c1:45:c1:e8:cd:ee:3a:
         f8:84:a8:11:b7:37:e1:e4:e6:67:f1:2f:a7:c1:07:17:ea:cb:
         44:66:3c:a0:d6:0f:b2:02:84:dd:cd:12:f9:b6:3c:5f:e9:c0:
         a8:d8:a8:ff:55:84:0d:37:5c:11:56:3a:c7:2f:48:06:47:09:
         80:30:52:e5:3c:7d:f1:4b:26:9c:7f:02:c8:34:91:d3:f3:e7:
         f8:72:37:cb:d2:2b:37:65:0a:45:86:fa:45:1a:c8:24:f0:f2:
         0e:00:8e:80:39:38:fe:b0:9e:49:4c:28:04:2c:e7:a0:6b:fb:
         ab:b7:3f:5d:c2:7d:7f:ce:80:8f:b0:48:e9:38:70:4f:36:9b:
         f1:58:3b:da:d1:7a:af:8a:dc:73:cb:a5:e4:a8:90:ff:4e:41:
         3f:20:9f:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xpe/9QMVcCFHgdrV+yAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYjdmMWZkODc2OGUyMTE2MzU0MmFmY2Y1NWE4M2M2OTgw
MjE1YTMwHhcNMjUxMDE5MTQwMTM3WhcNMjUxMDIwMTQwMTM3WjAzMTEwLwYDVQQD
EygyMjRjNzViMWYzOWVlMzNjYTk0OTM0NWM5ZDY1ZTlhOTk1YWI0MDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0h/z8GWA1/JnZWbRCYIeBTJNb2r
0xVHUoxABanKMq+y8vKs5Ofn8enzvH8lOIqu7n8KYjHkTRr0bzKZKs9vDyKHuyDA
FLxHA+mDhZjCVZ4YvIPSp/rPF6LTQ7Oedl+dpS/dqfblhC8HM3w34QyGETA4rWG3
A5f6wYpvJ+IHCZBDldHAZ769rTg++Ss9ke8st6TIRJ43kf5PtxsHMO6cR8ueSdxB
ZDYpfv3jbM3ukEpElOi+ZGlx6UICX3DForNmpwOOkLfMiNp/yOaLo8UPpjYyJyIk
kmngtwADG/neqlcWIGawZ/lqW+L9SFG4r7DC3klYtpmTRRyOUBbRPec3lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJMdbHznuM8qUk0XJ1l6amVq0B8MB8GA1UdIwQY
MBaAFA+38f2HaOIRY1Qq/PVag8aYAhWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDdmeF9ZZG80aEZqVkNyODlWcUR4cGdDRmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9lN2M4ZDAtNzQ5Yi00NTJkLWJmZjAt
YTBlMjhkY2ZmZmM3LzEvRDdmeF9ZZG80aEZqVkNyODlWcUR4cGdDRmFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9lN2M4ZDAtNzQ5Yi00NTJkLWJmZjAtYTBlMjhkY2ZmZmM3
LzEvRDdmeF9ZZG80aEZqVkNyODlWcUR4cGdDRmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhzOyeWza
9eou8Ba/0B0UMbaUGhpGiw26MLyQBeJedH49mjX/7qZKzimwJj/z4LkxHImuIbqg
Ccd6xKgGn+jt+cJeOOmNT888etTuFBoykJvdErM4ck/97FqpC+imqhdMHjskGPXB
RcHoze46+ISoEbc34eTmZ/Evp8EHF+rLRGY8oNYPsgKE3c0S+bY8X+nAqNio/1WE
DTdcEVY6xy9IBkcJgDBS5Tx98UsmnH8CyDSR0/Pn+HI3y9IrN2UKRYb6RRrIJPDy
DgCOgDk4/rCeSUwoBCznoGv7q7c/XcJ9f86Aj7BI6ThwTzab8Vg72tF6r4rcc8ul
5KiQ/05BPyCfqQ==
-----END CERTIFICATE-----