Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
File:                     t38R7tTnnIXMxWLfPR8oPjOdou0.mft (raw, json)
Hash identifier:          QQsERBxJVW4pqXc5VSEl8n+H64k1MLEPxikMI33EDpg=
Subject key identifier:   14:52:22:4F:4A:26:7B:77:26:BC:D3:E3:BA:45:26:66:CC:80:14:90
Authority key identifier: B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED
Certificate issuer:       /CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
Certificate serial:       01974A7AD02ED247370D205FB155B1433208
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
Manifest number:          0C1F
Signing time:             Sat 07 Jun 2025 13:00:52 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:52 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:52 +0000
Files and hashes:         1: t38R7tTnnIXMxWLfPR8oPjOdou0.crl (hash: u9tYxmRRXJoVei636rW+W+0sBfMFnYiSSPYwM9QdYFs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:d0:2e:d2:47:37:0d:20:5f:b1:55:b1:43:32:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
        Validity
            Not Before: Jun  7 13:00:52 2025 GMT
            Not After : Jun  8 13:00:52 2025 GMT
        Subject: CN=1452224f4a267b7726bcd3e3ba452666cc801490
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:9c:f9:87:aa:cf:6e:08:13:3d:38:9f:9d:56:
                    32:4c:67:89:fa:47:5a:d8:31:54:a8:18:21:45:04:
                    6e:1c:05:a9:e8:74:a6:cd:c4:1a:8b:4a:f1:f4:5c:
                    80:b7:25:71:6f:b0:0d:ae:4f:74:50:e4:c8:8a:85:
                    5b:32:1d:ca:8d:05:fd:f3:58:81:d3:bc:18:b8:52:
                    c8:e2:b7:54:ed:70:bf:25:bd:a0:21:91:d0:1b:64:
                    50:6f:6c:db:d6:80:3c:29:94:d4:cd:a1:6d:3a:8d:
                    fd:0a:a2:fc:f4:6c:12:84:66:4e:4b:0f:76:55:a0:
                    2c:90:2f:87:30:31:92:69:8a:f4:ad:17:88:fc:9a:
                    93:a7:71:ac:7e:6b:7f:b1:1c:b2:94:46:ea:b5:05:
                    08:6c:bf:b4:bd:70:be:a7:57:69:3d:4a:51:09:79:
                    55:86:87:42:bb:4a:b7:e1:b0:67:d8:f5:cd:7d:67:
                    79:8b:01:94:4a:ee:2a:df:88:85:a7:ee:d1:9e:68:
                    5f:d3:95:67:33:37:1e:67:4e:4f:14:9a:02:6c:0b:
                    5c:10:cd:03:7f:37:72:50:29:2f:5f:09:fd:10:45:
                    7b:a7:f1:05:db:74:0d:b2:20:ab:e7:b3:24:21:3e:
                    13:5d:e7:6f:c4:73:5e:ae:1c:a2:3d:08:85:b6:fb:
                    80:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:52:22:4F:4A:26:7B:77:26:BC:D3:E3:BA:45:26:66:CC:80:14:90
            X509v3 Authority Key Identifier:
                keyid:B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:88:42:77:d6:d7:c1:ca:1a:d2:b8:64:80:b5:20:0d:f2:e2:
         a9:a9:55:e0:6e:f9:7c:19:e9:78:dd:26:fc:96:c0:80:9c:cd:
         69:bb:bc:03:87:fc:40:9d:a6:7b:1f:66:1e:77:d1:72:bc:9f:
         14:77:0b:ec:72:cb:e5:4d:14:19:ef:78:53:e4:2d:f4:6a:54:
         61:33:27:28:be:55:98:b1:26:5c:f9:9e:ba:90:c8:14:4d:f1:
         6f:e8:78:5d:78:66:fd:9c:b2:2d:6a:b9:9b:df:dd:e6:28:f7:
         61:32:ee:14:9b:10:28:1d:6b:c0:d7:5a:99:64:06:d8:af:e8:
         ac:ff:00:fa:69:62:99:47:45:25:19:f3:ee:e3:2c:10:fd:43:
         f4:27:84:e6:10:25:b7:00:c8:a2:7d:5e:1a:f6:35:98:d9:74:
         3d:37:98:ab:bf:6b:44:4a:80:e1:3f:f9:47:8f:89:8b:55:b7:
         df:7f:bf:47:99:d7:8d:8b:e1:14:10:6f:e9:4a:11:76:f0:6e:
         be:24:81:1a:a8:d9:b8:ac:63:11:0d:94:08:6f:67:bb:bd:fd:
         5c:25:0e:26:d8:e6:60:71:e6:3a:c5:11:aa:63:3e:bc:3f:ce:
         b3:a7:81:fd:28:9e:ff:14:e8:8a:80:89:60:4f:1b:60:e9:c9:
         1f:89:11:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKetAu0kc3DSBfsVWxQzIIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3N2YxMWVlZDRlNzljODVjY2M1NjJkZjNkMWYyODNlMzM5
ZGEyZWQwHhcNMjUwNjA3MTMwMDUyWhcNMjUwNjA4MTMwMDUyWjAzMTEwLwYDVQQD
EygxNDUyMjI0ZjRhMjY3Yjc3MjZiY2QzZTNiYTQ1MjY2NmNjODAxNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZz5h6rPbggTPTifnVYyTGeJ+kda
2DFUqBghRQRuHAWp6HSmzcQai0rx9FyAtyVxb7ANrk90UOTIioVbMh3KjQX981iB
07wYuFLI4rdU7XC/Jb2gIZHQG2RQb2zb1oA8KZTUzaFtOo39CqL89GwShGZOSw92
VaAskC+HMDGSaYr0rReI/JqTp3Gsfmt/sRyylEbqtQUIbL+0vXC+p1dpPUpRCXlV
hodCu0q34bBn2PXNfWd5iwGUSu4q34iFp+7Rnmhf05VnMzceZ05PFJoCbAtcEM0D
fzdyUCkvXwn9EEV7p/EF23QNsiCr57MkIT4TXedvxHNerhyiPQiFtvuAaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBRSIk9KJnt3JrzT47pFJmbMgBSQMB8GA1UdIwQY
MBaAFLd/Ee7U55yFzMVi3z0fKD4znaLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzkt
MGM3NzU1OWQ5ZGIwLzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzktMGM3NzU1OWQ5ZGIw
LzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwIhCd9bX
wcoa0rhkgLUgDfLiqalV4G75fBnpeN0m/JbAgJzNabu8A4f8QJ2mex9mHnfRcryf
FHcL7HLL5U0UGe94U+Qt9GpUYTMnKL5VmLEmXPmeupDIFE3xb+h4XXhm/ZyyLWq5
m9/d5ij3YTLuFJsQKB1rwNdamWQG2K/orP8A+mlimUdFJRnz7uMsEP1D9CeE5hAl
twDIon1eGvY1mNl0PTeYq79rREqA4T/5R4+Ji1W333+/R5nXjYvhFBBv6UoRdvBu
viSBGqjZuKxjEQ2UCG9nu739XCUOJtjmYHHmOsURqmM+vD/Os6eB/Sie/xToioCJ
YE8bYOnJH4kRQg==
-----END CERTIFICATE-----