Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
File:                     H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json)
Hash identifier:          R4T8um+WZB6bD/cVPPn/QUTjlJ9GBeYpAQabyTs4zfU=
Subject key identifier:   72:8F:C1:EA:C3:87:C3:8F:3B:71:FC:2F:69:4E:21:69:6B:A4:15:FE
Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2
Certificate issuer:       /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
Certificate serial:       0197469E958527E325DA72DA0BC87648FDAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
Manifest number:          0CF0
Signing time:             Fri 06 Jun 2025 19:01:27 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:27 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:27 +0000
Files and hashes:         1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: Xl72f5l9luRRvW/kFwLOEpj9vL57Xy2nqgHxRW1HxpM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:95:85:27:e3:25:da:72:da:0b:c8:76:48:fd:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
        Validity
            Not Before: Jun  6 19:01:27 2025 GMT
            Not After : Jun  7 19:01:27 2025 GMT
        Subject: CN=728fc1eac387c38f3b71fc2f694e21696ba415fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:12:e7:e2:48:c2:18:4c:c2:ae:4f:4b:6c:17:
                    4c:d1:96:a4:75:08:2a:aa:9a:6b:c4:0f:78:9c:56:
                    1d:c8:4f:e2:50:1a:8d:e0:ba:a6:7b:c8:bf:81:f0:
                    35:43:78:a6:15:43:33:a3:f5:5e:26:7a:14:0c:e6:
                    b2:91:89:77:f1:a7:0f:80:6c:72:25:a7:c2:f4:29:
                    7a:c4:6e:25:4a:67:03:4f:41:ce:1d:60:0c:6f:c0:
                    2c:40:60:2b:06:22:3f:aa:bf:be:0d:3d:f2:41:1d:
                    e3:d3:c0:64:53:4b:8b:69:12:b5:44:08:ce:af:97:
                    e5:77:38:89:7f:7c:5f:1b:5a:0d:99:2c:d8:6e:da:
                    30:43:2e:f2:4b:40:c3:ad:4c:c2:fb:f0:91:94:d3:
                    01:b7:ba:cc:b5:3e:39:43:ed:af:b8:5c:ea:34:4c:
                    6d:09:b9:0c:90:89:35:03:a5:80:bf:09:dc:35:9b:
                    b9:d7:58:ff:b3:35:84:32:1a:f6:97:3f:87:27:58:
                    01:01:ee:b8:e7:91:35:e9:f0:66:da:a3:af:61:b6:
                    6d:14:bf:86:fc:be:1b:53:f6:89:05:60:55:57:6c:
                    10:8e:cc:08:26:7f:36:91:e0:36:b7:e1:6d:76:8f:
                    46:9e:bd:c3:76:34:df:48:62:df:d7:03:d4:96:f3:
                    75:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:8F:C1:EA:C3:87:C3:8F:3B:71:FC:2F:69:4E:21:69:6B:A4:15:FE
            X509v3 Authority Key Identifier:
                keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:aa:29:8f:53:d8:e5:5a:98:55:33:e0:36:f7:38:7c:e8:a9:
         db:00:a5:5c:95:52:91:d0:cd:44:ae:a5:b6:15:04:1a:75:72:
         d3:c1:76:3c:94:09:dd:bd:c3:dc:a9:ae:23:62:35:fe:c4:b0:
         67:5c:43:3b:60:17:75:10:f8:2e:2a:43:c3:29:96:0c:84:11:
         59:11:41:87:0d:b5:04:8f:e2:71:e8:27:b2:86:e5:3d:40:77:
         5c:0f:d3:9a:8c:bc:0b:5d:b4:39:4b:4b:1b:c4:fb:29:36:29:
         3e:1e:ed:c8:37:b0:89:67:41:fc:7e:74:b9:24:79:b3:a6:74:
         7e:10:3d:05:02:3b:a2:69:c6:93:b7:22:8b:d6:a0:81:11:c5:
         02:c3:b6:b7:a7:05:9f:07:00:4d:ca:38:72:ff:cc:0a:b4:5e:
         0b:d4:93:4a:4e:68:02:82:11:72:61:56:78:95:30:b8:d4:18:
         10:eb:7b:66:89:2a:f9:f8:04:80:a7:8f:ec:b1:3c:4e:3b:c0:
         76:1f:5f:d6:9e:5e:6a:78:af:c3:b6:3f:99:3a:7e:c2:82:c4:
         55:94:df:69:1a:d1:f8:b3:f4:6f:d0:b5:ee:33:89:ba:22:ec:
         26:da:b8:28:b6:a6:b1:ff:1b:ba:85:a3:db:c5:db:75:ff:f8:
         d2:a8:78:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnpWFJ+Ml2nLaC8h2SP2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi
NTYxZTIwHhcNMjUwNjA2MTkwMTI3WhcNMjUwNjA3MTkwMTI3WjAzMTEwLwYDVQQD
Eyg3MjhmYzFlYWMzODdjMzhmM2I3MWZjMmY2OTRlMjE2OTZiYTQxNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxLn4kjCGEzCrk9LbBdM0ZakdQgq
qpprxA94nFYdyE/iUBqN4Lqme8i/gfA1Q3imFUMzo/VeJnoUDOaykYl38acPgGxy
JafC9Cl6xG4lSmcDT0HOHWAMb8AsQGArBiI/qr++DT3yQR3j08BkU0uLaRK1RAjO
r5fldziJf3xfG1oNmSzYbtowQy7yS0DDrUzC+/CRlNMBt7rMtT45Q+2vuFzqNExt
CbkMkIk1A6WAvwncNZu511j/szWEMhr2lz+HJ1gBAe6455E16fBm2qOvYbZtFL+G
/L4bU/aJBWBVV2wQjswIJn82keA2t+Ftdo9Gnr3DdjTfSGLf1wPUlvN1NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKPwerDh8OPO3H8L2lOIWlrpBX+MB8GA1UdIwQY
MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt
NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll
LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbaopj1PY
5VqYVTPgNvc4fOip2wClXJVSkdDNRK6lthUEGnVy08F2PJQJ3b3D3KmuI2I1/sSw
Z1xDO2AXdRD4LipDwymWDIQRWRFBhw21BI/icegnsoblPUB3XA/Tmoy8C120OUtL
G8T7KTYpPh7tyDewiWdB/H50uSR5s6Z0fhA9BQI7omnGk7cii9aggRHFAsO2t6cF
nwcATco4cv/MCrReC9STSk5oAoIRcmFWeJUwuNQYEOt7Zokq+fgEgKeP7LE8TjvA
dh9f1p5eanivw7Y/mTp+woLEVZTfaRrR+LP0b9C17jOJuiLsJtq4KLamsf8buoWj
28Xbdf/40qh4Fw==
-----END CERTIFICATE-----