Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
File:                     7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft (raw, json)
Hash identifier:          nqBioxCMgi24oxOqqp6i6cN4oIvWbLHQCRO3qiyUhIE=
Subject key identifier:   84:AC:32:F4:D8:BF:68:C0:A5:A9:92:F8:3B:37:10:F9:69:9A:1E:E0
Authority key identifier: EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94
Certificate issuer:       /CN=ee03df829afd6a1f2590e4244522e1b36c086a94
Certificate serial:       01965236A803745298F1C161F72A0E2C77CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
Manifest number:          0BDC
Signing time:             Sun 20 Apr 2025 08:00:35 +0000
Manifest this update:     Sun 20 Apr 2025 08:00:35 +0000
Manifest next update:     Mon 21 Apr 2025 08:00:35 +0000
Files and hashes:         1: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl (hash: qlddO7pDTSwFpE1MK8ipJ9brSPyemy8y/fPAMeOS6RM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:52:36:a8:03:74:52:98:f1:c1:61:f7:2a:0e:2c:77:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee03df829afd6a1f2590e4244522e1b36c086a94
        Validity
            Not Before: Apr 20 08:00:35 2025 GMT
            Not After : Apr 21 08:00:35 2025 GMT
        Subject: CN=84ac32f4d8bf68c0a5a992f83b3710f9699a1ee0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:40:a8:17:eb:b8:d5:28:db:17:26:f0:74:0e:
                    20:8d:f1:b4:87:f2:11:06:aa:be:0f:9e:b5:8b:de:
                    e2:2b:14:85:37:ab:e2:5c:b6:dd:6f:e0:13:37:2c:
                    37:5a:fd:51:40:72:02:f0:86:18:66:95:c7:37:71:
                    f4:ed:59:a9:ed:48:32:08:9d:81:29:eb:5d:9c:24:
                    d9:7f:bf:4d:06:dc:ba:50:1d:79:75:ce:ff:3b:74:
                    e3:a3:b3:6a:c3:b6:9b:19:97:ff:b1:10:7c:0e:8c:
                    2d:dd:f4:40:ff:fa:63:25:2f:2b:8a:9f:a3:0e:6a:
                    f2:a0:db:79:74:28:85:9e:d1:76:12:0e:ef:fe:7a:
                    a7:14:87:61:0c:c7:cc:49:f7:f6:e5:a7:40:a6:24:
                    fc:f9:58:4a:63:0f:ee:c6:e2:f8:98:c6:ba:8a:9f:
                    d6:dd:7a:68:42:4e:03:d0:d0:38:20:66:c5:30:bb:
                    f7:00:0e:89:33:7a:a9:3b:7d:45:2e:0f:b0:f5:c3:
                    c5:ef:d9:a0:56:ec:70:c1:df:7a:d0:ac:18:a6:8c:
                    80:4d:81:7e:cb:c9:fb:a2:78:bc:59:72:45:5b:4c:
                    ac:88:52:b2:bf:73:0e:a6:f6:65:9d:d4:5f:36:6e:
                    ec:05:13:57:c6:9b:ff:a3:26:07:33:5b:8f:16:31:
                    20:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:AC:32:F4:D8:BF:68:C0:A5:A9:92:F8:3B:37:10:F9:69:9A:1E:E0
            X509v3 Authority Key Identifier:
                keyid:EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:5d:e2:58:66:ec:d8:aa:55:43:63:61:f1:58:c5:25:d8:66:
         24:28:a6:17:c1:71:87:df:dc:c4:2c:39:c5:9b:a8:e7:b8:11:
         24:41:5a:aa:ef:d3:3b:c5:33:21:ed:b2:69:3a:5b:63:e5:37:
         b6:55:8e:db:70:02:fa:3b:54:f5:1e:aa:90:46:d7:1e:50:14:
         11:0a:f7:97:42:d9:cd:49:27:8f:62:c7:e2:de:d3:10:5f:bf:
         4a:f7:58:2c:9b:9e:34:ae:73:b7:21:b3:ca:0d:c6:d4:6a:66:
         72:db:42:94:cb:77:43:95:bd:a4:01:46:90:83:d5:19:24:cb:
         e1:7d:d9:4f:3a:8e:d1:be:75:85:4d:ed:b7:ab:e8:e9:e3:a6:
         d2:34:c4:f6:45:49:e7:d0:62:5c:6b:3d:36:3a:7f:23:f3:91:
         66:71:0d:82:33:59:98:dc:08:42:53:97:58:63:f9:0b:64:47:
         0f:ff:20:9c:c1:00:75:a9:58:c6:fe:1c:35:7c:9d:02:f8:b5:
         68:c3:63:74:aa:e9:7c:df:b8:0f:b9:52:be:16:a9:95:a5:65:
         47:42:e3:dd:1f:9e:8e:bc:5f:8e:bd:ae:02:bc:70:72:7f:39:
         6e:3b:9d:70:97:b2:29:e0:75:58:52:2f:39:8a:80:1c:b2:f4:
         b1:48:35:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZSNqgDdFKY8cFh9yoOLHfMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDNkZjgyOWFmZDZhMWYyNTkwZTQyNDQ1MjJlMWIzNmMw
ODZhOTQwHhcNMjUwNDIwMDgwMDM1WhcNMjUwNDIxMDgwMDM1WjAzMTEwLwYDVQQD
Eyg4NGFjMzJmNGQ4YmY2OGMwYTVhOTkyZjgzYjM3MTBmOTY5OWExZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUCoF+u41SjbFybwdA4gjfG0h/IR
Bqq+D561i97iKxSFN6viXLbdb+ATNyw3Wv1RQHIC8IYYZpXHN3H07Vmp7UgyCJ2B
KetdnCTZf79NBty6UB15dc7/O3Tjo7Nqw7abGZf/sRB8Dowt3fRA//pjJS8rip+j
DmryoNt5dCiFntF2Eg7v/nqnFIdhDMfMSff25adApiT8+VhKYw/uxuL4mMa6ip/W
3XpoQk4D0NA4IGbFMLv3AA6JM3qpO31FLg+w9cPF79mgVuxwwd960KwYpoyATYF+
y8n7oni8WXJFW0ysiFKyv3MOpvZlndRfNm7sBRNXxpv/oyYHM1uPFjEgFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISsMvTYv2jApamS+Ds3EPlpmh7gMB8GA1UdIwQY
MBaAFO4D34Ka/WofJZDkJEUi4bNsCGqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjIt
YTFhNDZhODBjMWRhLzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjItYTFhNDZhODBjMWRh
LzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaF3iWGbs
2KpVQ2Nh8VjFJdhmJCimF8Fxh9/cxCw5xZuo57gRJEFaqu/TO8UzIe2yaTpbY+U3
tlWO23AC+jtU9R6qkEbXHlAUEQr3l0LZzUknj2LH4t7TEF+/SvdYLJueNK5ztyGz
yg3G1GpmcttClMt3Q5W9pAFGkIPVGSTL4X3ZTzqO0b51hU3tt6vo6eOm0jTE9kVJ
59BiXGs9Njp/I/ORZnENgjNZmNwIQlOXWGP5C2RHD/8gnMEAdalYxv4cNXydAvi1
aMNjdKrpfN+4D7lSvhaplaVlR0Lj3R+ejrxfjr2uArxwcn85bjudcJeyKeB1WFIv
OYqAHLL0sUg1SQ==
-----END CERTIFICATE-----