Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
File:                     t38R7tTnnIXMxWLfPR8oPjOdou0.mft (raw, json)
Hash identifier:          qv6kuwYyij9OZWkQZr8zHCmjH8SoRppBcn50CbbDGFc=
Subject key identifier:   F3:24:72:34:8F:0C:2A:72:7D:1B:2C:91:D2:3E:7A:02:4C:A1:A3:8A
Authority key identifier: B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED
Certificate issuer:       /CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
Certificate serial:       0199239F8DCDFFB76F33B2440FC189002AD3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
Manifest number:          0D14
Signing time:             Sun 07 Sep 2025 10:01:23 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:23 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:23 +0000
Files and hashes:         1: t38R7tTnnIXMxWLfPR8oPjOdou0.crl (hash: dS+rXGr/Z3aEgWLMZ/rXkomYJ74vkIjdEcNpnPYCUDU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:8d:cd:ff:b7:6f:33:b2:44:0f:c1:89:00:2a:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
        Validity
            Not Before: Sep  7 10:01:23 2025 GMT
            Not After : Sep  8 10:01:23 2025 GMT
        Subject: CN=f32472348f0c2a727d1b2c91d23e7a024ca1a38a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:d9:e9:fd:2f:6a:95:49:85:6e:00:1e:95:2f:
                    71:fd:3d:75:a1:35:8e:a8:9b:60:f5:4c:16:ab:85:
                    03:bb:e8:ce:3b:05:9f:99:b7:71:11:81:f4:46:e0:
                    44:67:86:cd:57:3e:f3:6e:87:ff:8d:57:e9:40:65:
                    b3:b3:14:f0:8a:49:19:fa:4a:35:2c:48:ef:cb:84:
                    e9:70:61:ad:42:35:61:1e:c4:a2:31:2b:1d:4c:5a:
                    c8:87:95:02:62:8d:8d:d4:05:d8:95:48:1f:13:bf:
                    da:9f:d0:bc:55:5b:8d:74:d0:3c:b7:60:8b:ab:37:
                    8d:6d:98:87:a4:49:ce:b3:7e:34:1f:b4:1c:2b:a7:
                    33:a1:65:65:1a:b0:dc:8e:cd:7f:ad:b7:10:34:67:
                    89:51:56:34:69:db:f2:28:65:bf:ea:03:ca:89:fe:
                    64:dc:a2:9d:05:0c:b5:38:e4:38:af:7e:40:0a:72:
                    c4:74:29:1f:5d:8f:69:ac:bb:35:a6:f9:72:84:82:
                    30:a5:13:a0:2d:10:4d:59:dd:d2:27:18:6a:38:5c:
                    58:0b:ce:4e:f3:53:7e:35:c1:6e:98:32:08:fd:79:
                    a4:34:99:ad:e4:d3:db:e1:59:41:46:e7:fa:c4:97:
                    37:87:49:fc:26:5d:d3:26:8b:d3:f0:04:f4:b1:f5:
                    7a:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:24:72:34:8F:0C:2A:72:7D:1B:2C:91:D2:3E:7A:02:4C:A1:A3:8A
            X509v3 Authority Key Identifier:
                keyid:B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:3a:26:e7:58:86:d0:23:2d:c8:15:65:4f:00:25:87:ae:5c:
         64:e9:98:25:bb:59:e1:89:33:05:e0:b2:ee:d5:83:be:79:b2:
         3f:f0:80:f0:b1:d2:9a:2f:da:4c:b6:90:95:12:6f:3e:a2:5e:
         97:bf:c5:00:32:b3:94:c9:54:a9:63:b5:27:b7:70:02:12:72:
         28:52:a3:c7:05:de:8f:75:ea:22:df:bc:30:3f:29:01:38:50:
         1c:2b:4c:96:48:bc:32:d4:c7:73:3a:28:e5:7c:8b:04:5b:77:
         7c:89:9d:11:c6:00:47:89:cd:74:d3:bf:68:86:a7:40:43:98:
         d4:b0:ec:60:a4:2f:09:97:7b:82:ca:e1:2b:ec:44:d7:53:f8:
         2c:fb:2a:fc:55:43:90:37:fc:5f:ca:06:9e:16:09:7d:5b:3f:
         16:70:23:47:f2:9c:7d:0c:c7:41:1e:32:3b:8d:95:c1:4d:b8:
         be:b9:37:ba:55:fd:fe:d2:55:19:56:01:22:6c:27:72:d6:28:
         55:c0:34:71:d0:aa:24:22:67:5c:eb:8f:9c:eb:93:6d:38:3c:
         f2:cb:72:d0:6b:40:be:c3:22:60:ee:d8:38:3d:40:91:5a:a7:
         c8:58:af:d9:73:61:03:ef:b5:18:38:46:c5:cf:53:0b:02:66:
         d5:42:3d:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn43N/7dvM7JED8GJACrTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3N2YxMWVlZDRlNzljODVjY2M1NjJkZjNkMWYyODNlMzM5
ZGEyZWQwHhcNMjUwOTA3MTAwMTIzWhcNMjUwOTA4MTAwMTIzWjAzMTEwLwYDVQQD
EyhmMzI0NzIzNDhmMGMyYTcyN2QxYjJjOTFkMjNlN2EwMjRjYTFhMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNnp/S9qlUmFbgAelS9x/T11oTWO
qJtg9UwWq4UDu+jOOwWfmbdxEYH0RuBEZ4bNVz7zbof/jVfpQGWzsxTwikkZ+ko1
LEjvy4TpcGGtQjVhHsSiMSsdTFrIh5UCYo2N1AXYlUgfE7/an9C8VVuNdNA8t2CL
qzeNbZiHpEnOs340H7QcK6czoWVlGrDcjs1/rbcQNGeJUVY0advyKGW/6gPKif5k
3KKdBQy1OOQ4r35ACnLEdCkfXY9prLs1pvlyhIIwpROgLRBNWd3SJxhqOFxYC85O
81N+NcFumDII/XmkNJmt5NPb4VlBRuf6xJc3h0n8Jl3TJovT8AT0sfV6qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMkcjSPDCpyfRsskdI+egJMoaOKMB8GA1UdIwQY
MBaAFLd/Ee7U55yFzMVi3z0fKD4znaLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzkt
MGM3NzU1OWQ5ZGIwLzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzktMGM3NzU1OWQ5ZGIw
LzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcDom51iG
0CMtyBVlTwAlh65cZOmYJbtZ4YkzBeCy7tWDvnmyP/CA8LHSmi/aTLaQlRJvPqJe
l7/FADKzlMlUqWO1J7dwAhJyKFKjxwXej3XqIt+8MD8pAThQHCtMlki8MtTHczoo
5XyLBFt3fImdEcYAR4nNdNO/aIanQEOY1LDsYKQvCZd7gsrhK+xE11P4LPsq/FVD
kDf8X8oGnhYJfVs/FnAjR/KcfQzHQR4yO42VwU24vrk3ulX9/tJVGVYBImwnctYo
VcA0cdCqJCJnXOuPnOuTbTg88sty0GtAvsMiYO7YOD1AkVqnyFiv2XNhA++1GDhG
xc9TCwJm1UI9FA==
-----END CERTIFICATE-----