Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.mft
File:                     MMOt1700croWgExJC2ahCXZZvTE.mft (raw, json)
Hash identifier:          HZmK4o4878pvy/lV47KbawbOOrGzXNz75CyqYx4SsYQ=
Subject key identifier:   29:04:6C:72:4E:A3:A0:25:45:09:C3:0D:9E:DC:EA:86:0D:99:09:65
Authority key identifier: 30:C3:AD:D7:BD:34:72:BA:16:80:4C:49:0B:66:A1:09:76:59:BD:31
Certificate issuer:       /CN=30c3add7bd3472ba16804c490b66a1097659bd31
Certificate serial:       01974D44BB214DDE8BF868F6EC010F67E8C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MMOt1700croWgExJC2ahCXZZvTE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.mft
Manifest number:          0B31
Signing time:             Sun 08 Jun 2025 02:00:39 +0000
Manifest this update:     Sun 08 Jun 2025 02:00:39 +0000
Manifest next update:     Mon 09 Jun 2025 02:00:39 +0000
Files and hashes:         1: MMOt1700croWgExJC2ahCXZZvTE.crl (hash: EKnlo82f5tpRJ6fVxIlDKevwJARxRGudhS7V+1j/d+g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MMOt1700croWgExJC2ahCXZZvTE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 02:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:44:bb:21:4d:de:8b:f8:68:f6:ec:01:0f:67:e8:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30c3add7bd3472ba16804c490b66a1097659bd31
        Validity
            Not Before: Jun  8 02:00:39 2025 GMT
            Not After : Jun  9 02:00:39 2025 GMT
        Subject: CN=29046c724ea3a0254509c30d9edcea860d990965
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:17:2b:90:fa:93:f9:a7:e1:9c:ee:a5:5f:7f:
                    2d:f7:81:0e:9a:17:54:73:29:4c:01:e9:ba:89:3a:
                    95:7d:dc:1e:ff:71:5f:fe:c0:54:23:4a:7c:a4:d5:
                    e2:d5:a1:70:9c:0c:0c:9d:69:8c:52:37:b3:f7:8d:
                    88:72:5c:44:b3:91:90:c6:56:a7:a3:9e:e0:6f:cf:
                    d5:06:93:18:75:a4:e4:cb:28:2f:81:7d:be:fb:50:
                    24:74:1e:f5:06:ee:50:01:2a:4f:eb:ba:49:a1:7a:
                    93:00:f6:d1:20:f6:0a:0e:1b:a2:ba:d3:fe:e0:3f:
                    b3:26:d9:a0:cd:29:93:5b:76:08:d2:cd:71:b2:f2:
                    b0:78:ee:a4:cb:5d:a6:de:f6:2a:bc:6e:8a:86:36:
                    dd:2b:a0:33:d8:89:bf:99:4b:f2:f3:6f:4c:92:71:
                    f7:46:d0:4f:56:0c:a3:d0:18:da:5b:d6:da:00:13:
                    ad:5c:3f:2b:bb:0b:19:85:71:f5:74:b1:04:74:eb:
                    18:b8:54:9a:24:1a:55:ec:95:3b:35:cd:15:77:0a:
                    8f:65:8d:3e:02:11:90:86:35:c5:75:39:47:18:96:
                    be:21:a3:63:cd:79:a9:47:b8:4c:9d:0c:6a:ba:87:
                    63:f6:f2:3c:7a:48:30:67:d9:44:54:97:6c:81:7c:
                    73:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:04:6C:72:4E:A3:A0:25:45:09:C3:0D:9E:DC:EA:86:0D:99:09:65
            X509v3 Authority Key Identifier:
                keyid:30:C3:AD:D7:BD:34:72:BA:16:80:4C:49:0B:66:A1:09:76:59:BD:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMOt1700croWgExJC2ahCXZZvTE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:9f:d4:04:10:2f:77:63:0e:24:f0:2b:f0:1d:75:8f:27:6f:
         4c:12:b4:ed:45:7b:50:0e:fd:97:de:e6:a6:de:c4:04:3d:6d:
         71:fc:c7:a3:39:18:9a:ad:70:12:8b:71:d0:e8:1f:8d:1d:67:
         91:29:bf:cf:6f:6c:b0:79:49:a4:74:0d:8d:2f:7b:c9:83:3e:
         83:57:5d:aa:78:ae:96:60:55:7f:72:61:e9:cc:0d:69:8a:d9:
         e9:a3:32:54:80:4f:28:17:95:dc:f1:4b:76:5a:9a:c4:81:bd:
         d0:fe:26:14:69:b3:1a:a7:ad:75:b9:85:52:7f:86:81:31:6b:
         c0:72:03:b5:5b:71:d5:02:76:01:a8:0d:97:cd:74:fc:f8:69:
         ae:9f:b8:96:45:1c:f1:3f:bc:a4:d0:d5:3d:e4:3b:c4:01:eb:
         dd:65:d2:c0:5f:cc:24:e1:50:14:14:3c:26:e6:52:e8:b8:1b:
         65:5e:8d:c5:fe:13:4c:77:41:a4:86:4a:12:22:8d:fa:45:ec:
         a4:d6:a8:7b:bb:f0:bc:2b:bf:ee:a4:6b:ee:79:3c:69:81:90:
         84:b3:93:36:24:c5:48:a1:63:bd:38:19:dd:3d:6b:04:a7:f9:
         a1:78:e1:0c:70:12:f1:a9:2b:d7:b7:75:0a:2f:fa:09:89:2d:
         06:05:fe:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNRLshTd6L+Gj27AEPZ+jDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzNhZGQ3YmQzNDcyYmExNjgwNGM0OTBiNjZhMTA5NzY1
OWJkMzEwHhcNMjUwNjA4MDIwMDM5WhcNMjUwNjA5MDIwMDM5WjAzMTEwLwYDVQQD
EygyOTA0NmM3MjRlYTNhMDI1NDUwOWMzMGQ5ZWRjZWE4NjBkOTkwOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBcrkPqT+afhnO6lX38t94EOmhdU
cylMAem6iTqVfdwe/3Ff/sBUI0p8pNXi1aFwnAwMnWmMUjez942IclxEs5GQxlan
o57gb8/VBpMYdaTkyygvgX2++1AkdB71Bu5QASpP67pJoXqTAPbRIPYKDhuiutP+
4D+zJtmgzSmTW3YI0s1xsvKweO6ky12m3vYqvG6KhjbdK6Az2Im/mUvy829MknH3
RtBPVgyj0BjaW9baABOtXD8ruwsZhXH1dLEEdOsYuFSaJBpV7JU7Nc0VdwqPZY0+
AhGQhjXFdTlHGJa+IaNjzXmpR7hMnQxquodj9vI8ekgwZ9lEVJdsgXxznQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkEbHJOo6AlRQnDDZ7c6oYNmQllMB8GA1UdIwQY
MBaAFDDDrde9NHK6FoBMSQtmoQl2Wb0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1PdDE3MDBjcm9XZ0V4SkMyYWhDWFpadlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8yM2NjYzgtNDcxOC00NTNjLWJlM2Ut
OTVjZDY5MjRhYjRlLzEvTU1PdDE3MDBjcm9XZ0V4SkMyYWhDWFpadlRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8yM2NjYzgtNDcxOC00NTNjLWJlM2UtOTVjZDY5MjRhYjRl
LzEvTU1PdDE3MDBjcm9XZ0V4SkMyYWhDWFpadlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmZ/UBBAv
d2MOJPAr8B11jydvTBK07UV7UA79l97mpt7EBD1tcfzHozkYmq1wEotx0OgfjR1n
kSm/z29ssHlJpHQNjS97yYM+g1ddqniulmBVf3Jh6cwNaYrZ6aMyVIBPKBeV3PFL
dlqaxIG90P4mFGmzGqetdbmFUn+GgTFrwHIDtVtx1QJ2AagNl810/Phprp+4lkUc
8T+8pNDVPeQ7xAHr3WXSwF/MJOFQFBQ8JuZS6LgbZV6Nxf4TTHdBpIZKEiKN+kXs
pNaoe7vwvCu/7qRr7nk8aYGQhLOTNiTFSKFjvTgZ3T1rBKf5oXjhDHAS8akr17d1
Ci/6CYktBgX+hw==
-----END CERTIFICATE-----