Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
File:                     rfjUKjroBc6WqpT66fW0QG_0VZk.mft (raw, json)
Hash identifier:          7qWFxUF06HndmlzGK4gP6Le44fA/s5BPpJQrHvJacCk=
Subject key identifier:   01:BD:A0:A6:AF:B2:E0:73:CA:72:2C:3F:A8:9C:70:82:49:98:A4:26
Authority key identifier: AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99
Certificate issuer:       /CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
Certificate serial:       01976FD10FDC4626CFB818266EB5AD6371CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
Manifest number:          02F7
Signing time:             Sat 14 Jun 2025 19:01:01 +0000
Manifest this update:     Sat 14 Jun 2025 19:01:01 +0000
Manifest next update:     Sun 15 Jun 2025 19:01:01 +0000
Files and hashes:         1: rfjUKjroBc6WqpT66fW0QG_0VZk.crl (hash: N3MbaK5QfTO0a3wbqpOyLEQPduGh4eA9St/dy8FcwA4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:d1:0f:dc:46:26:cf:b8:18:26:6e:b5:ad:63:71:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
        Validity
            Not Before: Jun 14 19:01:01 2025 GMT
            Not After : Jun 15 19:01:01 2025 GMT
        Subject: CN=01bda0a6afb2e073ca722c3fa89c70824998a426
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:74:68:31:24:0b:9a:d6:b6:d6:f3:5b:88:02:
                    18:66:9a:df:51:99:c7:fc:fc:19:aa:3d:8e:f8:76:
                    0d:c0:18:79:7d:a2:c3:a8:08:a6:80:00:93:95:7d:
                    5f:da:cd:29:0c:29:74:c2:8e:0a:70:93:1d:0d:52:
                    82:d2:66:3e:e1:1b:4e:d8:52:59:c0:09:27:67:a9:
                    9e:48:60:6d:c7:26:cd:a2:ab:5e:35:93:b6:af:78:
                    35:a7:1a:80:90:e4:47:67:4e:f5:3e:9a:be:ba:79:
                    3d:6a:1d:14:f7:a7:66:c5:1b:47:2a:48:8b:a4:6d:
                    89:f3:9b:70:67:8a:a6:98:5f:29:df:45:95:63:ed:
                    d3:ff:2d:c3:3c:34:4a:0f:69:f2:31:19:c5:4e:9a:
                    a3:61:22:f4:b6:a3:d1:4a:82:7e:30:09:ba:56:09:
                    12:be:b6:12:67:72:17:60:f0:70:4b:a0:b0:89:34:
                    29:a9:ca:92:41:3d:3e:3e:ee:1a:55:e9:b4:97:11:
                    93:56:d3:a1:67:c7:2f:c5:1c:6e:1a:6d:52:b2:a3:
                    0d:52:e5:0a:f5:87:97:64:94:ff:41:fc:2c:68:9e:
                    21:c7:eb:88:fa:ee:27:50:f3:d9:2a:12:5d:bc:a8:
                    f2:12:2e:93:c2:cb:5d:ad:fe:ec:9a:7f:24:77:a4:
                    a7:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:BD:A0:A6:AF:B2:E0:73:CA:72:2C:3F:A8:9C:70:82:49:98:A4:26
            X509v3 Authority Key Identifier:
                keyid:AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:6a:fa:22:1b:a8:66:de:03:d0:58:f0:6d:4f:63:ae:4b:b4:
         2f:bc:1e:d7:7e:a9:ee:80:2e:49:9f:2d:2c:7d:6c:c3:d9:a5:
         63:28:3d:a2:cb:e6:6a:51:81:d0:6a:91:b3:6d:f1:26:80:f6:
         ed:0f:f6:75:03:5f:2c:13:82:17:6b:c2:27:42:e0:47:95:b7:
         d1:5c:8d:ab:10:d6:35:22:51:cb:b9:43:27:69:23:43:b5:29:
         e4:21:1f:ec:53:99:fe:38:f9:37:99:5c:40:44:d0:17:79:1c:
         9b:08:a0:e0:6c:81:d7:2b:e2:90:6d:0e:db:28:d7:3b:d3:c5:
         2f:fe:d0:a4:a2:50:7d:34:a0:d6:c0:15:d8:90:6d:27:8f:19:
         b4:c0:b5:71:0b:19:88:4c:c2:e7:17:03:b1:75:f0:a3:04:ad:
         5f:d5:87:4f:6b:64:40:25:7e:8c:06:b2:50:5e:a2:29:5f:52:
         e3:5c:36:29:6f:40:51:78:5f:1b:7e:78:e2:f2:7c:6e:0f:86:
         eb:97:a6:19:d1:b6:56:ca:9a:ce:f5:9a:a6:ee:2c:60:eb:29:
         a9:34:06:50:da:d6:61:d0:0d:9a:4d:27:72:8c:c7:50:1d:f8:
         80:6a:1f:23:b8:81:ea:ea:c7:55:4d:74:00:4f:9a:5c:88:80:
         dc:84:de:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdv0Q/cRibPuBgmbrWtY3HPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjhkNDJhM2FlODA1Y2U5NmFhOTRmYWU5ZjViNDQwNmZm
NDU1OTkwHhcNMjUwNjE0MTkwMTAxWhcNMjUwNjE1MTkwMTAxWjAzMTEwLwYDVQQD
EygwMWJkYTBhNmFmYjJlMDczY2E3MjJjM2ZhODljNzA4MjQ5OThhNDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXRoMSQLmta21vNbiAIYZprfUZnH
/PwZqj2O+HYNwBh5faLDqAimgACTlX1f2s0pDCl0wo4KcJMdDVKC0mY+4RtO2FJZ
wAknZ6meSGBtxybNoqteNZO2r3g1pxqAkORHZ071Ppq+unk9ah0U96dmxRtHKkiL
pG2J85twZ4qmmF8p30WVY+3T/y3DPDRKD2nyMRnFTpqjYSL0tqPRSoJ+MAm6VgkS
vrYSZ3IXYPBwS6CwiTQpqcqSQT0+Pu4aVem0lxGTVtOhZ8cvxRxuGm1SsqMNUuUK
9YeXZJT/QfwsaJ4hx+uI+u4nUPPZKhJdvKjyEi6Twstdrf7smn8kd6SnzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAG9oKavsuBzynIsP6iccIJJmKQmMB8GA1UdIwQY
MBaAFK341Co66AXOlqqU+un1tEBv9FWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAt
YTc3OWI5OTNkZjU4LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAtYTc3OWI5OTNkZjU4
LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbGr6Ihuo
Zt4D0FjwbU9jrku0L7we136p7oAuSZ8tLH1sw9mlYyg9osvmalGB0GqRs23xJoD2
7Q/2dQNfLBOCF2vCJ0LgR5W30VyNqxDWNSJRy7lDJ2kjQ7Up5CEf7FOZ/jj5N5lc
QETQF3kcmwig4GyB1yvikG0O2yjXO9PFL/7QpKJQfTSg1sAV2JBtJ48ZtMC1cQsZ
iEzC5xcDsXXwowStX9WHT2tkQCV+jAayUF6iKV9S41w2KW9AUXhfG3544vJ8bg+G
65emGdG2VsqazvWapu4sYOspqTQGUNrWYdANmk0ncozHUB34gGofI7iB6urHVU10
AE+aXIiA3ITeFw==
-----END CERTIFICATE-----