Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
File:                     7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft (raw, json)
Hash identifier:          V9x6wuOEqUftTvyxFoYB5cu27+2t1npNQ260Xa6d/zg=
Subject key identifier:   08:D1:4D:E8:59:FE:20:A1:D9:E0:95:FB:ED:B4:84:F8:35:5E:6D:6F
Authority key identifier: EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94
Certificate issuer:       /CN=ee03df829afd6a1f2590e4244522e1b36c086a94
Certificate serial:       019749681C58F18A2F21A121CE9457189034
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
Manifest number:          0C5C
Signing time:             Sat 07 Jun 2025 08:00:49 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:49 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:49 +0000
Files and hashes:         1: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl (hash: ul0Tm71chNqYX2/ICCcvMW484pg5NkXaVdKQ9pSwhwU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:68:1c:58:f1:8a:2f:21:a1:21:ce:94:57:18:90:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee03df829afd6a1f2590e4244522e1b36c086a94
        Validity
            Not Before: Jun  7 08:00:49 2025 GMT
            Not After : Jun  8 08:00:49 2025 GMT
        Subject: CN=08d14de859fe20a1d9e095fbedb484f8355e6d6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:8a:8c:f4:39:28:a8:0f:a4:e8:df:f4:a9:c0:
                    56:6e:11:cd:39:7c:e6:8f:3b:67:b2:75:9e:ba:73:
                    3d:88:0a:54:1f:2c:ce:4c:d7:5a:48:60:de:65:98:
                    74:80:da:27:de:30:d4:ba:64:88:c7:12:a6:a3:01:
                    b2:0b:7f:a6:34:9d:a8:7c:82:d7:8d:f4:75:1c:14:
                    70:be:70:97:8c:c2:db:24:f6:94:de:ef:a6:60:48:
                    1c:ec:19:5a:4e:70:89:89:c2:42:f1:8d:64:4f:10:
                    e0:4e:20:c5:30:9c:85:14:b2:24:30:ba:e6:09:b4:
                    b5:c6:03:58:47:e3:a7:8c:cf:c6:4e:45:46:51:a0:
                    5d:14:29:00:c3:2c:b9:40:85:4f:a3:25:a6:28:b2:
                    a7:4d:6c:f1:3d:3f:d0:5a:53:a0:26:fe:e2:f5:62:
                    bf:2f:b9:3c:d2:55:79:97:45:94:a3:61:dc:68:04:
                    68:40:db:6c:e5:2f:c8:f3:d0:71:8d:6e:60:7c:46:
                    01:4f:2b:fa:e4:e3:c9:c1:52:46:28:32:50:4f:fc:
                    3a:27:95:01:62:a0:b4:8d:2c:aa:7e:af:80:91:25:
                    de:1f:ee:15:b2:10:4b:49:62:bd:07:43:b5:ce:eb:
                    f2:d3:7c:f4:47:a4:39:7f:02:2e:d4:a4:2e:db:17:
                    16:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:D1:4D:E8:59:FE:20:A1:D9:E0:95:FB:ED:B4:84:F8:35:5E:6D:6F
            X509v3 Authority Key Identifier:
                keyid:EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:54:ec:d1:cc:ab:00:37:b3:4c:a7:40:85:63:be:f6:c7:95:
         a7:de:cd:d2:28:61:cf:cc:25:5d:15:70:1c:ac:9d:84:be:f1:
         0c:34:5a:f6:d4:d4:9f:93:7f:5f:0e:f0:e5:49:ce:5d:77:4e:
         0c:59:de:c5:55:01:c9:14:c7:f2:37:c1:3f:07:9e:6b:92:f1:
         2b:e2:93:8f:1b:8e:6b:93:8b:5d:3e:f2:25:ca:c4:77:7d:53:
         33:d2:8b:3b:ed:02:59:da:8e:85:ed:47:12:17:cc:bb:3d:93:
         4c:33:f7:8c:a6:a4:40:58:6f:f0:44:7c:52:9e:fb:bb:d8:f6:
         ab:62:8a:5f:69:28:9f:04:3a:c9:35:f5:9a:80:fa:f6:82:6d:
         e8:e0:a3:33:b9:3a:94:14:88:67:5b:73:7c:90:a8:85:d6:09:
         77:fb:31:6c:82:d7:0d:3a:49:0d:81:98:b8:16:ce:83:8c:60:
         ef:47:f0:ea:c4:9d:8b:1e:7d:7d:32:13:71:85:f8:d5:a3:3b:
         27:95:ef:69:b3:28:46:69:46:42:7b:4d:3b:28:38:a8:e5:fd:
         c1:04:a6:c0:fd:bd:d1:9c:a5:61:29:58:33:12:bf:14:ae:ad:
         82:37:38:16:4c:96:6c:eb:18:89:fa:a8:31:30:b9:3d:4b:72:
         52:cd:32:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJaBxY8YovIaEhzpRXGJA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDNkZjgyOWFmZDZhMWYyNTkwZTQyNDQ1MjJlMWIzNmMw
ODZhOTQwHhcNMjUwNjA3MDgwMDQ5WhcNMjUwNjA4MDgwMDQ5WjAzMTEwLwYDVQQD
EygwOGQxNGRlODU5ZmUyMGExZDllMDk1ZmJlZGI0ODRmODM1NWU2ZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoqM9DkoqA+k6N/0qcBWbhHNOXzm
jztnsnWeunM9iApUHyzOTNdaSGDeZZh0gNon3jDUumSIxxKmowGyC3+mNJ2ofILX
jfR1HBRwvnCXjMLbJPaU3u+mYEgc7BlaTnCJicJC8Y1kTxDgTiDFMJyFFLIkMLrm
CbS1xgNYR+OnjM/GTkVGUaBdFCkAwyy5QIVPoyWmKLKnTWzxPT/QWlOgJv7i9WK/
L7k80lV5l0WUo2HcaARoQNts5S/I89BxjW5gfEYBTyv65OPJwVJGKDJQT/w6J5UB
YqC0jSyqfq+AkSXeH+4VshBLSWK9B0O1zuvy03z0R6Q5fwIu1KQu2xcWvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAjRTehZ/iCh2eCV++20hPg1Xm1vMB8GA1UdIwQY
MBaAFO4D34Ka/WofJZDkJEUi4bNsCGqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjIt
YTFhNDZhODBjMWRhLzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjItYTFhNDZhODBjMWRh
LzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxlTs0cyr
ADezTKdAhWO+9seVp97N0ihhz8wlXRVwHKydhL7xDDRa9tTUn5N/Xw7w5UnOXXdO
DFnexVUByRTH8jfBPweea5LxK+KTjxuOa5OLXT7yJcrEd31TM9KLO+0CWdqOhe1H
EhfMuz2TTDP3jKakQFhv8ER8Up77u9j2q2KKX2konwQ6yTX1moD69oJt6OCjM7k6
lBSIZ1tzfJCohdYJd/sxbILXDTpJDYGYuBbOg4xg70fw6sSdix59fTITcYX41aM7
J5XvabMoRmlGQntNOyg4qOX9wQSmwP290ZylYSlYMxK/FK6tgjc4FkyWbOsYifqo
MTC5PUtyUs0yXw==
-----END CERTIFICATE-----