Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
File:                     H38fQMjrspNo9ug7-d3QZ14H1O0.mft (raw, json)
Hash identifier:          4x6FUTO7/TliL2XEWeT00XYr/Gwd0QgASETDlH+1llQ=
Subject key identifier:   F6:8E:3D:CE:5C:CD:98:31:A0:9E:9E:3B:03:75:EC:49:10:7C:CC:9C
Authority key identifier: 1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED
Certificate issuer:       /CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
Certificate serial:       0199239EFE949A3FEF2B41E40E4C72093BA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
Manifest number:          0F32
Signing time:             Sun 07 Sep 2025 10:00:46 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:46 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:46 +0000
Files and hashes:         1: H38fQMjrspNo9ug7-d3QZ14H1O0.crl (hash: FNmHnvW3D0iff7DckH8WAv9cfH2kZgAJFA+1uVwKCSQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:fe:94:9a:3f:ef:2b:41:e4:0e:4c:72:09:3b:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
        Validity
            Not Before: Sep  7 10:00:46 2025 GMT
            Not After : Sep  8 10:00:46 2025 GMT
        Subject: CN=f68e3dce5ccd9831a09e9e3b0375ec49107ccc9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ca:0e:78:4f:30:c7:02:72:dd:79:15:e3:27:
                    a1:35:f1:6d:6a:b4:01:da:66:e4:ac:fc:a7:98:ce:
                    a4:9c:61:e3:8a:25:c4:c8:a9:86:0c:f8:07:f3:ed:
                    bc:34:46:8e:7b:5d:4d:e3:b7:9c:ea:7b:1b:93:cd:
                    e2:eb:4d:e2:a1:22:cf:5a:51:49:b4:2c:65:f1:b3:
                    6b:55:06:c5:a5:76:11:23:94:61:c5:09:17:2b:24:
                    30:9c:ec:9e:37:4b:e7:16:14:61:08:59:55:4d:db:
                    3e:71:4c:66:e9:31:f7:8d:b9:7c:0d:f5:b4:32:a9:
                    ce:95:25:ed:52:2b:2a:4a:04:cb:38:c6:fa:a0:4c:
                    d1:5b:57:9a:f4:e8:7c:e1:b3:51:07:16:52:46:a0:
                    87:d5:cd:fc:52:6b:a0:c2:dc:db:ab:02:c1:c3:aa:
                    58:d1:bb:4e:42:e0:b9:0d:0b:17:0d:c0:d1:3c:7d:
                    94:02:5f:22:61:7e:6b:1d:49:74:b4:7a:9f:82:c6:
                    8f:28:51:c0:d1:2e:6a:5b:40:01:4c:a7:46:4e:e2:
                    ef:e9:c4:1c:fd:c3:68:dd:b5:9a:38:55:84:ed:db:
                    54:67:0e:0b:51:35:42:d5:94:5c:ab:a1:02:dd:fc:
                    34:bc:83:eb:69:f6:08:84:b1:69:26:45:6c:f3:94:
                    2b:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:8E:3D:CE:5C:CD:98:31:A0:9E:9E:3B:03:75:EC:49:10:7C:CC:9C
            X509v3 Authority Key Identifier:
                keyid:1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:a5:f3:c2:18:2f:bb:75:ff:52:05:a0:58:82:4a:77:11:14:
         e2:0b:83:02:bf:41:a4:13:a4:cb:4b:86:39:70:9b:37:9c:13:
         b8:57:dd:54:10:a9:6e:c0:56:36:6e:b0:f7:0b:df:b8:3d:1d:
         84:4f:a4:7d:1d:66:b3:72:3f:b7:1d:03:8e:12:d6:b7:f4:7b:
         b6:b7:21:fc:f5:5c:5b:8b:fd:fb:08:b2:6e:96:c0:15:dd:60:
         c0:11:73:40:10:ee:89:1c:46:8d:62:52:4d:3b:46:fa:74:7c:
         81:90:d2:f4:92:e7:ba:5c:38:ef:8a:f1:98:8a:22:8b:26:69:
         d8:9e:a8:11:c4:77:63:3d:29:1f:a8:26:4f:02:62:09:28:03:
         9d:60:aa:bf:af:59:ac:4a:cf:1c:0f:74:76:44:b0:95:4f:8c:
         90:38:05:60:cd:da:43:9e:5d:3d:dc:8b:5e:fc:a4:dc:e3:9b:
         6f:de:18:a4:7d:3d:43:0d:cb:61:d6:81:3c:e1:e4:e8:0c:c3:
         e5:82:a6:b2:a6:93:7d:aa:4f:21:57:44:05:6a:e7:07:5a:fd:
         06:ba:3f:07:3b:53:f1:10:ce:b1:38:a0:94:3d:74:50:14:c6:
         02:ec:05:a1:01:63:19:f9:d4:7d:c7:f5:f0:c8:d3:48:29:30:
         b2:50:8b:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnv6Umj/vK0HkDkxyCTupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmN2YxZjQwYzhlYmIyOTM2OGY2ZTgzYmY5ZGRkMDY3NWUw
N2Q0ZWQwHhcNMjUwOTA3MTAwMDQ2WhcNMjUwOTA4MTAwMDQ2WjAzMTEwLwYDVQQD
EyhmNjhlM2RjZTVjY2Q5ODMxYTA5ZTllM2IwMzc1ZWM0OTEwN2NjYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8oOeE8wxwJy3XkV4yehNfFtarQB
2mbkrPynmM6knGHjiiXEyKmGDPgH8+28NEaOe11N47ec6nsbk83i603ioSLPWlFJ
tCxl8bNrVQbFpXYRI5RhxQkXKyQwnOyeN0vnFhRhCFlVTds+cUxm6TH3jbl8DfW0
MqnOlSXtUisqSgTLOMb6oEzRW1ea9Oh84bNRBxZSRqCH1c38UmugwtzbqwLBw6pY
0btOQuC5DQsXDcDRPH2UAl8iYX5rHUl0tHqfgsaPKFHA0S5qW0ABTKdGTuLv6cQc
/cNo3bWaOFWE7dtUZw4LUTVC1ZRcq6EC3fw0vIPrafYIhLFpJkVs85QrmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPaOPc5czZgxoJ6eOwN17EkQfMycMB8GA1UdIwQY
MBaAFB9/H0DI67KTaPboO/nd0GdeB9TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYt
Nzc3YTRmODAwMjQ1LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYtNzc3YTRmODAwMjQ1
LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEaXzwhgv
u3X/UgWgWIJKdxEU4guDAr9BpBOky0uGOXCbN5wTuFfdVBCpbsBWNm6w9wvfuD0d
hE+kfR1ms3I/tx0DjhLWt/R7trch/PVcW4v9+wiybpbAFd1gwBFzQBDuiRxGjWJS
TTtG+nR8gZDS9JLnulw474rxmIoiiyZp2J6oEcR3Yz0pH6gmTwJiCSgDnWCqv69Z
rErPHA90dkSwlU+MkDgFYM3aQ55dPdyLXvyk3OObb94YpH09Qw3LYdaBPOHk6AzD
5YKmsqaTfapPIVdEBWrnB1r9Bro/BztT8RDOsTiglD10UBTGAuwFoQFjGfnUfcf1
8MjTSCkwslCLvg==
-----END CERTIFICATE-----