Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
File:                     H38fQMjrspNo9ug7-d3QZ14H1O0.mft (raw, json)
Hash identifier:          0T/maUSyk+sqnFW/YCBURHYkTIZdqAEdOCBdXlvG4PU=
Subject key identifier:   7E:D5:44:CE:19:95:F8:B2:B1:17:B0:E7:A8:5B:F0:2F:5B:58:24:A5
Authority key identifier: 1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED
Certificate issuer:       /CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
Certificate serial:       01974A7AFFF59A67F6AF8A6C2EAB97978A15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
Manifest number:          0E3D
Signing time:             Sat 07 Jun 2025 13:01:04 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:04 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:04 +0000
Files and hashes:         1: H38fQMjrspNo9ug7-d3QZ14H1O0.crl (hash: RzoAh4khqlbr3dqRzEPAjMrWs/ylOOlmRhGf8sW2J/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:ff:f5:9a:67:f6:af:8a:6c:2e:ab:97:97:8a:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
        Validity
            Not Before: Jun  7 13:01:04 2025 GMT
            Not After : Jun  8 13:01:04 2025 GMT
        Subject: CN=7ed544ce1995f8b2b117b0e7a85bf02f5b5824a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:ed:74:d0:57:17:81:c9:15:d2:41:fa:e3:2e:
                    44:ad:a4:20:87:1f:f9:2d:04:d8:65:91:c3:bb:f0:
                    39:03:f6:a5:71:a3:91:82:4c:d4:95:9b:91:11:1c:
                    bc:8b:89:38:39:f9:2a:54:d1:7c:aa:63:dd:c9:7f:
                    4c:85:0a:0f:b7:58:6c:c5:09:a5:5d:f9:ae:99:97:
                    81:64:b8:50:4a:69:30:f9:db:f9:19:10:d0:26:10:
                    fc:80:f1:7d:15:5e:79:58:fb:a6:6b:a7:48:0a:e4:
                    56:e6:be:f0:1b:88:06:d2:12:24:34:9d:ba:32:51:
                    fc:ba:19:12:f3:e9:79:53:c8:eb:8b:ca:8c:2c:a0:
                    1c:a7:f2:c0:62:86:3c:63:39:d1:8a:14:11:7a:27:
                    68:86:bc:3f:3c:1c:ea:08:3a:0a:75:82:ca:9a:24:
                    14:b2:e2:df:ea:a5:73:c1:d5:56:17:28:cf:7c:87:
                    e3:5f:a1:cd:f5:47:91:6d:05:4f:d4:39:63:be:02:
                    38:52:09:d7:5b:4a:d4:ff:0e:b2:fe:75:a1:a5:d8:
                    97:2b:f1:a1:2e:37:30:87:e3:b1:29:c5:f5:ef:b8:
                    06:74:9f:fa:01:f4:2e:32:c2:6d:d4:74:63:05:66:
                    73:09:c4:f4:54:a6:f6:eb:76:17:21:90:7d:22:6e:
                    4d:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:D5:44:CE:19:95:F8:B2:B1:17:B0:E7:A8:5B:F0:2F:5B:58:24:A5
            X509v3 Authority Key Identifier:
                keyid:1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:59:2a:e8:28:2b:5c:8b:96:9c:8b:ce:f8:0a:95:0c:6a:9d:
         8f:9b:11:b4:74:6b:c2:16:ba:5f:98:bb:22:e9:0e:50:c7:d4:
         9b:11:c7:8c:2c:d2:53:80:bc:33:6e:0f:3a:b7:e9:1a:db:d6:
         87:5d:1c:7f:b5:dd:a5:57:31:b1:ed:1c:78:ea:65:f5:4e:e4:
         f6:b9:8e:06:62:cb:ba:d2:0c:95:21:e7:14:4c:50:1b:9e:80:
         fb:ba:db:0d:c5:a6:d3:ae:82:c3:a5:3f:6e:38:0a:38:e5:98:
         ca:e0:06:e3:24:b2:48:19:7c:d1:a2:78:97:b2:a6:92:ce:43:
         87:df:07:23:ec:bc:2e:e5:1a:be:99:f5:98:f3:96:12:4f:61:
         7a:0b:0a:fe:bf:44:6a:cc:a5:ab:a2:cb:83:3d:78:6a:fc:67:
         76:4a:e9:57:8c:35:07:a4:97:d3:be:cd:3e:a1:72:de:bb:ee:
         6d:4b:97:32:fe:bc:be:d3:85:e2:4f:b9:18:97:ce:5e:0f:28:
         24:5b:5c:e2:c4:28:3f:82:70:77:d2:ac:a8:fd:d8:5c:9d:fd:
         70:f7:a6:00:bc:08:d7:54:0e:ac:93:7b:fc:19:b9:0e:f7:3e:
         2e:3a:a9:4a:01:c2:3a:42:45:39:c6:f5:d1:3b:f8:0d:a6:ba:
         8b:a4:24:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKev/1mmf2r4psLquXl4oVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmN2YxZjQwYzhlYmIyOTM2OGY2ZTgzYmY5ZGRkMDY3NWUw
N2Q0ZWQwHhcNMjUwNjA3MTMwMTA0WhcNMjUwNjA4MTMwMTA0WjAzMTEwLwYDVQQD
Eyg3ZWQ1NDRjZTE5OTVmOGIyYjExN2IwZTdhODViZjAyZjViNTgyNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+100FcXgckV0kH64y5EraQghx/5
LQTYZZHDu/A5A/alcaORgkzUlZuRERy8i4k4OfkqVNF8qmPdyX9MhQoPt1hsxQml
XfmumZeBZLhQSmkw+dv5GRDQJhD8gPF9FV55WPuma6dICuRW5r7wG4gG0hIkNJ26
MlH8uhkS8+l5U8jri8qMLKAcp/LAYoY8YznRihQReidohrw/PBzqCDoKdYLKmiQU
suLf6qVzwdVWFyjPfIfjX6HN9UeRbQVP1DljvgI4UgnXW0rU/w6y/nWhpdiXK/Gh
Ljcwh+OxKcX177gGdJ/6AfQuMsJt1HRjBWZzCcT0VKb263YXIZB9Im5NXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7VRM4ZlfiysRew56hb8C9bWCSlMB8GA1UdIwQY
MBaAFB9/H0DI67KTaPboO/nd0GdeB9TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYt
Nzc3YTRmODAwMjQ1LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYtNzc3YTRmODAwMjQ1
LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdlkq6Cgr
XIuWnIvO+AqVDGqdj5sRtHRrwha6X5i7IukOUMfUmxHHjCzSU4C8M24POrfpGtvW
h10cf7XdpVcxse0ceOpl9U7k9rmOBmLLutIMlSHnFExQG56A+7rbDcWm066Cw6U/
bjgKOOWYyuAG4ySySBl80aJ4l7Kmks5Dh98HI+y8LuUavpn1mPOWEk9hegsK/r9E
asylq6LLgz14avxndkrpV4w1B6SX077NPqFy3rvubUuXMv68vtOF4k+5GJfOXg8o
JFtc4sQoP4Jwd9KsqP3YXJ39cPemALwI11QOrJN7/Bm5Dvc+LjqpSgHCOkJFOcb1
0Tv4Daa6i6QkZQ==
-----END CERTIFICATE-----