Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft
File:                     l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft (raw, json)
Hash identifier:          Rb0qfEkkYkudkbm5sDkIUbA6MEHmPOODdqo6pFRNTzs=
Subject key identifier:   98:DF:C6:62:99:64:AF:7E:AB:16:6A:D5:5A:D1:46:82:24:02:D0:2F
Authority key identifier: 97:B6:CB:48:84:1C:E5:19:B2:83:59:CA:F1:BC:E3:40:E3:36:81:EF
Certificate issuer:       /CN=97b6cb48841ce519b28359caf1bce340e33681ef
Certificate serial:       01984A41A28C5BD34BB1419D64B85C965E12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft
Manifest number:          07AC
Signing time:             Sun 27 Jul 2025 05:01:11 +0000
Manifest this update:     Sun 27 Jul 2025 05:01:11 +0000
Manifest next update:     Mon 28 Jul 2025 05:01:11 +0000
Files and hashes:         1: l7bLSIQc5Rmyg1nK8bzjQOM2ge8.crl (hash: ySB1qiOcf54NfrtLC6WlTjJy1QyFFUvWc8sWzK81R2s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:41:a2:8c:5b:d3:4b:b1:41:9d:64:b8:5c:96:5e:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97b6cb48841ce519b28359caf1bce340e33681ef
        Validity
            Not Before: Jul 27 05:01:11 2025 GMT
            Not After : Jul 28 05:01:11 2025 GMT
        Subject: CN=98dfc6629964af7eab166ad55ad146822402d02f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:33:c8:66:38:1d:3c:1e:1c:ee:37:77:da:dc:
                    df:84:ee:53:d8:c6:32:99:a2:6d:5d:8b:c8:10:5b:
                    73:9a:33:4f:3d:10:b8:e6:34:8f:7b:46:52:60:ff:
                    ce:3d:bd:77:8b:37:a5:7e:98:c7:04:ae:8f:49:d2:
                    7b:d3:d8:a4:5c:e8:1f:62:85:79:de:7c:31:2e:27:
                    0a:47:76:ed:fd:ce:62:80:94:da:39:14:f4:2d:dd:
                    f1:a0:28:92:2b:e8:73:9a:32:30:36:f4:09:19:74:
                    59:db:61:e6:8d:b5:9e:f1:eb:35:c0:6f:d6:3d:76:
                    92:51:b1:5f:85:a5:7e:9f:37:63:86:35:b7:03:28:
                    0a:f8:91:53:a5:3a:be:35:cd:8f:00:9e:ad:19:67:
                    9e:e4:93:1e:f7:05:60:cb:4d:d6:cd:7e:b5:59:4b:
                    ab:1a:13:4e:d7:73:62:10:35:1c:e9:91:f5:56:ce:
                    1d:d8:69:68:5a:a6:94:6b:7b:2b:46:37:2e:d2:ff:
                    ff:d9:db:df:8c:4c:ac:1d:bb:89:b4:8e:18:34:f8:
                    05:da:d1:c4:cb:b4:9e:fe:f5:8a:a4:93:78:cb:65:
                    a7:b8:5f:69:a0:15:c9:91:f8:c9:eb:83:fa:8a:e8:
                    5f:f5:c4:a0:98:ad:81:7a:dc:d4:46:d1:09:ab:65:
                    c3:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:DF:C6:62:99:64:AF:7E:AB:16:6A:D5:5A:D1:46:82:24:02:D0:2F
            X509v3 Authority Key Identifier:
                keyid:97:B6:CB:48:84:1C:E5:19:B2:83:59:CA:F1:BC:E3:40:E3:36:81:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:b0:21:2f:4f:2e:8c:d1:05:8d:49:f1:92:7e:5e:a9:f5:5f:
         ca:4f:0f:00:ef:23:20:a3:df:d2:6c:66:0c:e4:bb:38:52:48:
         8a:d7:eb:80:88:32:6a:95:be:6d:9d:cf:d1:32:3d:4c:59:d2:
         18:9f:fc:09:d3:52:e3:9f:5a:04:37:0b:1b:bf:63:c1:3c:16:
         37:09:7a:3f:69:2f:c1:4e:d6:da:a5:06:fb:9f:cc:02:65:4a:
         0a:45:7b:03:ae:bb:f4:c2:ae:89:ec:43:56:e3:ea:4e:1e:92:
         74:25:55:34:b4:51:33:c5:a6:fe:fc:69:0b:79:84:72:b6:e0:
         a7:f5:6b:24:e2:b7:30:09:db:09:8d:0d:ed:01:ac:97:8b:01:
         92:13:b5:41:fe:e6:9a:a2:f6:94:6f:23:50:87:3b:8d:7e:1a:
         37:0c:8c:8c:ef:6b:77:c5:ee:ba:71:bb:07:fd:4e:bb:91:bc:
         dc:cb:94:19:c1:d7:c8:5a:ad:34:6f:71:5f:64:86:7a:59:01:
         a4:05:e4:76:e8:c5:4f:a2:6b:57:39:af:9d:85:25:36:85:19:
         8a:ab:f8:1c:bf:b2:6c:70:41:b8:44:dd:be:8c:73:b2:03:9d:
         8c:08:19:37:68:a4:88:34:7c:83:ec:0a:26:0c:04:5f:b7:b1:
         b1:ab:12:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKQaKMW9NLsUGdZLhcll4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YjZjYjQ4ODQxY2U1MTliMjgzNTljYWYxYmNlMzQwZTMz
NjgxZWYwHhcNMjUwNzI3MDUwMTExWhcNMjUwNzI4MDUwMTExWjAzMTEwLwYDVQQD
Eyg5OGRmYzY2Mjk5NjRhZjdlYWIxNjZhZDU1YWQxNDY4MjI0MDJkMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TPIZjgdPB4c7jd32tzfhO5T2MYy
maJtXYvIEFtzmjNPPRC45jSPe0ZSYP/OPb13izelfpjHBK6PSdJ709ikXOgfYoV5
3nwxLicKR3bt/c5igJTaORT0Ld3xoCiSK+hzmjIwNvQJGXRZ22HmjbWe8es1wG/W
PXaSUbFfhaV+nzdjhjW3AygK+JFTpTq+Nc2PAJ6tGWee5JMe9wVgy03WzX61WUur
GhNO13NiEDUc6ZH1Vs4d2GloWqaUa3srRjcu0v//2dvfjEysHbuJtI4YNPgF2tHE
y7Se/vWKpJN4y2WnuF9poBXJkfjJ64P6iuhf9cSgmK2BetzURtEJq2XDEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjfxmKZZK9+qxZq1VrRRoIkAtAvMB8GA1UdIwQY
MBaAFJe2y0iEHOUZsoNZyvG840DjNoHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDdiTFNJUWM1Um15ZzFuSzhiempRT00yZ2U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZGQ5MmUtM2IxMS00MTZmLWFlOTMt
NDZlYTY1NmJmMzg5LzEvbDdiTFNJUWM1Um15ZzFuSzhiempRT00yZ2U4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZGQ5MmUtM2IxMS00MTZmLWFlOTMtNDZlYTY1NmJmMzg5
LzEvbDdiTFNJUWM1Um15ZzFuSzhiempRT00yZ2U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQrAhL08u
jNEFjUnxkn5eqfVfyk8PAO8jIKPf0mxmDOS7OFJIitfrgIgyapW+bZ3P0TI9TFnS
GJ/8CdNS459aBDcLG79jwTwWNwl6P2kvwU7W2qUG+5/MAmVKCkV7A6679MKuiexD
VuPqTh6SdCVVNLRRM8Wm/vxpC3mEcrbgp/VrJOK3MAnbCY0N7QGsl4sBkhO1Qf7m
mqL2lG8jUIc7jX4aNwyMjO9rd8XuunG7B/1Ou5G83MuUGcHXyFqtNG9xX2SGelkB
pAXkdujFT6JrVzmvnYUlNoUZiqv4HL+ybHBBuETdvoxzsgOdjAgZN2ikiDR8g+wK
JgwEX7exsasSbg==
-----END CERTIFICATE-----