Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          eRylgLkmT2r5/oAQ8e4eO4ZJOjFWkMjNz+xmd9Hch+s=
Subject key identifier:   E6:87:CB:11:E6:D7:2A:30:69:9F:3C:63:98:07:82:DE:B9:A8:18:92
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       0197488BEA1EA341AB997667CA059EC0127B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          07A5
Signing time:             Sat 07 Jun 2025 04:00:18 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:18 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:18 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: x33sMc9erLVp8J9HluUDRBQpHBIncmI9BYmVBuRxO8g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8b:ea:1e:a3:41:ab:99:76:67:ca:05:9e:c0:12:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: Jun  7 04:00:18 2025 GMT
            Not After : Jun  8 04:00:18 2025 GMT
        Subject: CN=e687cb11e6d72a30699f3c63980782deb9a81892
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:7c:fb:46:88:24:68:67:2b:60:10:9e:26:4a:
                    53:a1:14:b0:05:a2:0f:0b:95:e7:ad:22:03:b1:88:
                    43:a7:e1:a1:05:8b:70:10:99:0c:89:6a:ff:66:37:
                    1e:b1:32:ee:4b:2c:ed:49:ca:f1:53:b1:50:63:68:
                    4f:f5:49:a1:be:78:2c:4a:61:a8:85:30:e5:02:1a:
                    33:f0:d5:c3:88:73:fa:b9:38:7e:a9:dd:68:6b:7f:
                    f3:67:81:75:3d:55:88:2f:e8:54:af:46:39:64:b0:
                    04:41:3c:c3:95:67:34:c4:1c:15:e9:8f:34:fc:f4:
                    73:06:f7:3b:28:f1:bb:47:d3:a5:cc:9f:39:d0:fb:
                    38:17:82:e4:5c:bd:18:af:b2:f3:0f:e8:3a:3a:fa:
                    e1:ca:73:34:d1:56:75:8d:74:45:d5:b2:c4:98:5b:
                    0f:94:80:56:bb:6f:00:27:03:21:9e:b8:bf:e8:78:
                    a1:06:1c:2e:ca:7b:b1:9e:e2:40:25:64:39:d4:2f:
                    37:72:e0:88:e4:1b:1f:e8:b9:db:db:49:81:7b:d2:
                    c0:c8:93:72:de:2c:73:11:1a:c4:b7:64:7f:db:2b:
                    00:29:3b:74:35:b7:b0:e5:b9:e9:a6:5d:c0:f2:1f:
                    e6:50:6d:d9:5b:a0:77:fc:c5:1f:fa:98:fd:47:d3:
                    ed:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:87:CB:11:E6:D7:2A:30:69:9F:3C:63:98:07:82:DE:B9:A8:18:92
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:22:28:6c:90:8c:20:ed:38:9a:be:32:65:29:64:59:a3:25:
         bb:0d:40:2c:9d:80:89:7f:dd:46:a8:b4:05:08:83:71:a6:f6:
         c9:9f:0e:43:72:ce:19:6c:a6:ea:eb:b9:33:24:5b:60:51:fd:
         4d:76:02:7a:ba:7b:2c:cd:94:77:61:06:ad:15:e3:a9:09:0c:
         7d:e2:72:a8:cf:8f:89:ec:8d:ae:4a:1e:3a:d2:47:82:17:6e:
         8c:49:9e:ae:27:8e:8a:9a:39:0c:3e:cb:73:ed:a2:65:cb:af:
         0c:df:1b:b2:ca:10:9f:b0:f8:33:8e:cf:2d:4a:9e:6f:27:26:
         3c:b5:ac:f4:1a:4e:5c:ab:3c:fc:b0:11:89:43:e6:bb:ee:b7:
         6c:ae:3a:b6:b2:f9:92:c4:f0:6d:de:a4:5b:4f:a6:d9:55:d8:
         fd:4e:0f:b3:d1:ee:ae:9d:86:2b:7c:00:a9:20:eb:94:f7:4b:
         cd:d2:be:d0:6b:4c:a6:21:68:54:e2:cf:71:99:67:00:39:30:
         ca:0b:8b:20:dd:fc:d7:2d:0d:93:3f:5b:50:44:9b:0a:15:ee:
         88:62:01:e9:e8:d1:be:30:e1:ec:ad:70:24:2c:b0:98:61:f5:
         ce:ec:d0:d8:f4:af:3b:96:db:0e:ab:07:ba:11:25:06:8c:19:
         0a:bd:c1:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIi+oeo0GrmXZnygWewBJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjUwNjA3MDQwMDE4WhcNMjUwNjA4MDQwMDE4WjAzMTEwLwYDVQQD
EyhlNjg3Y2IxMWU2ZDcyYTMwNjk5ZjNjNjM5ODA3ODJkZWI5YTgxODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXz7RogkaGcrYBCeJkpToRSwBaIP
C5XnrSIDsYhDp+GhBYtwEJkMiWr/ZjcesTLuSyztScrxU7FQY2hP9UmhvngsSmGo
hTDlAhoz8NXDiHP6uTh+qd1oa3/zZ4F1PVWIL+hUr0Y5ZLAEQTzDlWc0xBwV6Y80
/PRzBvc7KPG7R9OlzJ850Ps4F4LkXL0Yr7LzD+g6OvrhynM00VZ1jXRF1bLEmFsP
lIBWu28AJwMhnri/6HihBhwuynuxnuJAJWQ51C83cuCI5Bsf6Lnb20mBe9LAyJNy
3ixzERrEt2R/2ysAKTt0Nbew5bnppl3A8h/mUG3ZW6B3/MUf+pj9R9PtTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOaHyxHm1yowaZ88Y5gHgt65qBiSMB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARyIobJCM
IO04mr4yZSlkWaMluw1ALJ2AiX/dRqi0BQiDcab2yZ8OQ3LOGWym6uu5MyRbYFH9
TXYCerp7LM2Ud2EGrRXjqQkMfeJyqM+PieyNrkoeOtJHghdujEmerieOipo5DD7L
c+2iZcuvDN8bssoQn7D4M47PLUqebycmPLWs9BpOXKs8/LARiUPmu+63bK46trL5
ksTwbd6kW0+m2VXY/U4Ps9Hurp2GK3wAqSDrlPdLzdK+0GtMpiFoVOLPcZlnADkw
yguLIN381y0Nkz9bUESbChXuiGIB6ejRvjDh7K1wJCywmGH1zuzQ2PSvO5bbDqsH
uhElBowZCr3BAw==
-----END CERTIFICATE-----