Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          HzDVzCXNTuw0vN1QjpoV0anD/anDB77e6C8pYqBlAyY=
Subject key identifier:   F2:41:38:B5:53:04:2C:0D:CE:69:77:D4:D8:25:7B:C7:A8:3C:FD:E1
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       01975121FBBBC3042F45F8AD62D9FA9CAB4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          0298
Signing time:             Sun 08 Jun 2025 20:01:11 +0000
Manifest this update:     Sun 08 Jun 2025 20:01:11 +0000
Manifest next update:     Mon 09 Jun 2025 20:01:11 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: LEYF7Y36ip/BAawiN2rK6yoRmQxg6j/LqhGHgdDH+CE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:21:fb:bb:c3:04:2f:45:f8:ad:62:d9:fa:9c:ab:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Jun  8 20:01:11 2025 GMT
            Not After : Jun  9 20:01:11 2025 GMT
        Subject: CN=f24138b553042c0dce6977d4d8257bc7a83cfde1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:6c:37:3c:8f:82:36:8d:8b:f4:3f:e1:66:f7:
                    79:4e:5b:70:c4:6c:23:34:f7:11:43:1a:ca:93:1f:
                    fb:c1:5e:80:fe:52:af:e3:68:e7:6d:d3:b1:5d:dd:
                    33:ad:50:95:c3:ab:7f:91:64:53:b6:b9:7c:42:16:
                    05:53:ba:17:26:b5:81:ab:65:80:be:62:c9:c4:8e:
                    4e:0e:40:a4:8c:3b:1b:19:a1:da:a7:fe:72:0c:eb:
                    77:95:01:f4:b6:82:4f:f4:f3:1e:00:eb:65:f7:8f:
                    3e:a2:28:c8:8b:b4:8d:c4:e4:61:17:cf:73:72:60:
                    fd:30:57:c7:5b:fb:2d:36:fc:9d:b5:05:93:8d:b3:
                    10:a5:7e:57:99:be:4f:63:5f:21:86:c8:e3:65:2f:
                    09:b0:06:e9:98:11:de:2c:79:a3:fe:8b:e6:82:0d:
                    8e:4f:77:83:b5:a4:45:11:7b:24:c2:6e:f9:33:ef:
                    08:c2:67:61:b0:93:83:03:d8:a7:80:05:d8:1d:d9:
                    81:01:36:19:9f:4d:17:e1:15:56:ad:60:46:c8:84:
                    66:dd:ab:66:95:17:39:64:44:9a:69:0b:64:5f:c9:
                    f0:08:ca:1b:5a:f1:50:cf:54:65:d1:7f:e4:05:ee:
                    76:69:a3:e4:65:60:84:3d:b4:be:a9:83:89:91:2f:
                    28:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:41:38:B5:53:04:2C:0D:CE:69:77:D4:D8:25:7B:C7:A8:3C:FD:E1
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:a7:64:07:d2:51:2d:68:68:1e:2f:7b:38:c2:1b:76:e8:c6:
         ed:a6:bd:1f:2b:a8:45:96:8f:f1:51:79:f1:64:e3:e0:45:0d:
         e8:08:b8:67:e5:06:ca:31:1a:d5:9b:72:f5:fc:42:3b:b1:4b:
         91:b1:7b:fd:fd:bc:d4:90:78:1c:89:b5:b9:2b:be:47:a6:43:
         d0:19:c2:d6:ae:88:d4:52:1b:7a:66:f4:87:3f:21:31:95:d1:
         9e:6e:da:de:bf:f4:89:4e:cb:b9:bd:00:d3:d3:b8:87:54:af:
         14:d3:23:4d:5b:26:c2:e5:d4:20:0f:52:50:ae:b2:2b:09:2d:
         70:a3:f5:82:45:05:b6:46:32:3f:23:43:53:f0:42:c9:8b:43:
         c3:dd:03:fa:5a:18:36:86:ea:64:0e:0d:fa:32:db:0b:a2:1f:
         fa:13:32:2f:56:13:8e:a1:a9:71:0b:3b:45:17:02:7f:a1:ff:
         8a:65:cc:34:29:2f:ed:39:9d:23:c5:52:4d:b8:f1:43:b5:7c:
         aa:19:7c:12:78:65:85:f2:ef:40:d0:f8:db:c7:ac:f9:cd:63:
         0c:3e:76:71:29:7b:8b:34:e9:40:be:2e:8a:16:72:ef:dc:59:
         58:fc:11:be:68:59:7e:33:54:74:a3:55:d5:4b:df:11:f2:b5:
         91:a0:3e:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRIfu7wwQvRfitYtn6nKtPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjUwNjA4MjAwMTExWhcNMjUwNjA5MjAwMTExWjAzMTEwLwYDVQQD
EyhmMjQxMzhiNTUzMDQyYzBkY2U2OTc3ZDRkODI1N2JjN2E4M2NmZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA72w3PI+CNo2L9D/hZvd5TltwxGwj
NPcRQxrKkx/7wV6A/lKv42jnbdOxXd0zrVCVw6t/kWRTtrl8QhYFU7oXJrWBq2WA
vmLJxI5ODkCkjDsbGaHap/5yDOt3lQH0toJP9PMeAOtl948+oijIi7SNxORhF89z
cmD9MFfHW/stNvydtQWTjbMQpX5Xmb5PY18hhsjjZS8JsAbpmBHeLHmj/ovmgg2O
T3eDtaRFEXskwm75M+8IwmdhsJODA9ingAXYHdmBATYZn00X4RVWrWBGyIRm3atm
lRc5ZESaaQtkX8nwCMobWvFQz1Rl0X/kBe52aaPkZWCEPbS+qYOJkS8o4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJBOLVTBCwNzml31Ngle8eoPP3hMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe6dkB9JR
LWhoHi97OMIbdujG7aa9HyuoRZaP8VF58WTj4EUN6Ai4Z+UGyjEa1Zty9fxCO7FL
kbF7/f281JB4HIm1uSu+R6ZD0BnC1q6I1FIbemb0hz8hMZXRnm7a3r/0iU7Lub0A
09O4h1SvFNMjTVsmwuXUIA9SUK6yKwktcKP1gkUFtkYyPyNDU/BCyYtDw90D+loY
NobqZA4N+jLbC6If+hMyL1YTjqGpcQs7RRcCf6H/imXMNCkv7TmdI8VSTbjxQ7V8
qhl8EnhlhfLvQND428es+c1jDD52cSl7izTpQL4uihZy79xZWPwRvmhZfjNUdKNV
1UvfEfK1kaA+3A==
-----END CERTIFICATE-----