Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.mft
File:                     HpPX4oqwueeUSHlGoProzW7VQHE.mft (raw, json)
Hash identifier:          aRlonlOC0L5H93wttSmnaujtv7Qdr5r8UGnGeoA5Z/E=
Subject key identifier:   80:5B:7C:67:38:FA:74:7D:B1:4E:EC:01:D3:BC:90:BF:8C:A0:E5:3E
Authority key identifier: 1E:93:D7:E2:8A:B0:B9:E7:94:48:79:46:A0:FA:E8:CD:6E:D5:40:71
Certificate issuer:       /CN=1e93d7e28ab0b9e794487946a0fae8cd6ed54071
Certificate serial:       0199FEEC0D07469E12DAC69838CF69522B1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HpPX4oqwueeUSHlGoProzW7VQHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.mft
Manifest number:          7D
Signing time:             Mon 20 Oct 2025 00:01:46 +0000
Manifest this update:     Mon 20 Oct 2025 00:01:46 +0000
Manifest next update:     Tue 21 Oct 2025 00:01:46 +0000
Files and hashes:         1: HpPX4oqwueeUSHlGoProzW7VQHE.crl (hash: lp7F1Cw4GZEE7g27Dnn0cyyBjzV6Em/e9iNGfhkjHBE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HpPX4oqwueeUSHlGoProzW7VQHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:ec:0d:07:46:9e:12:da:c6:98:38:cf:69:52:2b:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e93d7e28ab0b9e794487946a0fae8cd6ed54071
        Validity
            Not Before: Oct 20 00:01:46 2025 GMT
            Not After : Oct 21 00:01:46 2025 GMT
        Subject: CN=805b7c6738fa747db14eec01d3bc90bf8ca0e53e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:b0:4c:da:a9:58:34:dc:b7:48:c2:a6:ef:33:
                    48:0b:89:53:18:2a:e8:39:96:0c:71:90:70:02:ab:
                    56:4f:77:45:f0:a7:8c:3c:f0:43:1f:db:5b:d6:a7:
                    3a:c3:b1:9c:48:6c:ea:41:60:89:88:dd:e2:cc:21:
                    c2:5e:1a:e6:d0:e9:62:fc:fe:5b:47:b7:c0:10:5e:
                    f2:5f:4b:fb:5f:1e:23:72:be:0c:59:93:ed:a6:9c:
                    36:cd:01:d9:8f:d8:c5:ff:4f:8b:84:d2:1f:ae:41:
                    bf:34:b3:7e:98:3f:aa:af:4c:95:6d:c1:df:4d:53:
                    00:e2:83:2f:1e:ba:62:bc:b6:95:04:ac:ce:99:f0:
                    ac:64:de:62:ef:cc:7c:4b:81:31:92:a8:18:1f:86:
                    4d:7c:37:03:e4:38:a6:c8:e5:1f:d4:85:1b:c1:07:
                    82:aa:ec:ff:46:a1:23:bb:24:40:48:1d:4f:37:d6:
                    60:85:4e:04:f3:f0:66:73:c9:59:df:75:26:39:e5:
                    cd:7e:9c:d4:93:a6:69:cf:f8:52:bf:ed:58:3e:47:
                    ed:03:b8:85:b9:6d:cd:31:d0:47:d8:16:8b:0d:3c:
                    61:f9:ad:87:cc:6f:ea:91:8a:92:ab:76:81:12:ff:
                    e5:7f:08:91:a5:df:4a:94:db:a4:78:90:19:5c:b2:
                    4a:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:5B:7C:67:38:FA:74:7D:B1:4E:EC:01:D3:BC:90:BF:8C:A0:E5:3E
            X509v3 Authority Key Identifier:
                keyid:1E:93:D7:E2:8A:B0:B9:E7:94:48:79:46:A0:FA:E8:CD:6E:D5:40:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpPX4oqwueeUSHlGoProzW7VQHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:f3:7d:d2:be:e9:aa:d0:4a:3b:b0:2f:f7:10:2e:97:d8:1f:
         9f:f1:49:eb:82:14:8d:41:7b:0d:61:7e:54:ec:a0:c5:6e:f4:
         73:2a:b6:a1:b5:11:62:c2:9f:9f:44:f5:22:38:d2:d9:68:be:
         40:11:db:a7:26:57:62:28:88:c3:2e:23:a4:8a:68:de:e3:ef:
         56:e2:b4:ff:ec:44:87:8d:27:b6:0e:40:ca:4f:e7:53:51:49:
         d9:b9:29:86:69:bb:0c:1d:79:2d:07:66:b1:e2:ba:aa:5e:58:
         90:92:b5:c6:79:45:a3:2c:34:d2:10:c5:25:cb:b4:e5:da:3a:
         db:92:d3:b4:5f:62:81:e2:f1:83:26:8a:15:2d:43:18:0b:e7:
         56:08:44:2a:bb:80:5f:e7:8f:53:1e:21:da:3f:c3:8d:a6:4a:
         92:32:82:44:04:df:79:6d:bc:8b:af:7c:dc:cc:d6:0d:da:65:
         3e:47:de:7d:ac:26:75:4a:10:ae:6f:ea:83:e5:fd:f2:fb:40:
         ed:09:49:ee:d3:02:ec:4e:90:e6:a8:06:01:95:f0:13:1a:f4:
         03:a1:07:4b:02:94:7c:6e:24:58:bf:f0:59:25:6c:e2:16:b3:
         4d:27:63:32:eb:ef:c0:c8:a3:a9:00:a1:a1:ff:53:e1:2d:38:
         2d:89:fa:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+7A0HRp4S2saYOM9pUisbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTNkN2UyOGFiMGI5ZTc5NDQ4Nzk0NmEwZmFlOGNkNmVk
NTQwNzEwHhcNMjUxMDIwMDAwMTQ2WhcNMjUxMDIxMDAwMTQ2WjAzMTEwLwYDVQQD
Eyg4MDViN2M2NzM4ZmE3NDdkYjE0ZWVjMDFkM2JjOTBiZjhjYTBlNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LBM2qlYNNy3SMKm7zNIC4lTGCro
OZYMcZBwAqtWT3dF8KeMPPBDH9tb1qc6w7GcSGzqQWCJiN3izCHCXhrm0Oli/P5b
R7fAEF7yX0v7Xx4jcr4MWZPtppw2zQHZj9jF/0+LhNIfrkG/NLN+mD+qr0yVbcHf
TVMA4oMvHrpivLaVBKzOmfCsZN5i78x8S4ExkqgYH4ZNfDcD5DimyOUf1IUbwQeC
quz/RqEjuyRASB1PN9ZghU4E8/Bmc8lZ33UmOeXNfpzUk6Zpz/hSv+1YPkftA7iF
uW3NMdBH2BaLDTxh+a2HzG/qkYqSq3aBEv/lfwiRpd9KlNukeJAZXLJKYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIBbfGc4+nR9sU7sAdO8kL+MoOU+MB8GA1UdIwQY
MBaAFB6T1+KKsLnnlEh5RqD66M1u1UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBQWDRvcXd1ZWVVU0hsR29Qcm96VzdWUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS84N2IyMTQtYmE4ZC00ZGY5LTllYzkt
MWExNmVmNDkyMDM0LzEvSHBQWDRvcXd1ZWVVU0hsR29Qcm96VzdWUUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS84N2IyMTQtYmE4ZC00ZGY5LTllYzktMWExNmVmNDkyMDM0
LzEvSHBQWDRvcXd1ZWVVU0hsR29Qcm96VzdWUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP/N90r7p
qtBKO7Av9xAul9gfn/FJ64IUjUF7DWF+VOygxW70cyq2obURYsKfn0T1IjjS2Wi+
QBHbpyZXYiiIwy4jpIpo3uPvVuK0/+xEh40ntg5Ayk/nU1FJ2bkphmm7DB15LQdm
seK6ql5YkJK1xnlFoyw00hDFJcu05do625LTtF9igeLxgyaKFS1DGAvnVghEKruA
X+ePUx4h2j/DjaZKkjKCRATfeW28i6983MzWDdplPkfefawmdUoQrm/qg+X98vtA
7QlJ7tMC7E6Q5qgGAZXwExr0A6EHSwKUfG4kWL/wWSVs4hazTSdjMuvvwMijqQCh
of9T4S04LYn6rg==
-----END CERTIFICATE-----