Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
File:                     N28vTtsjIwxkt5O0GVfvSjI-PFM.mft (raw, json)
Hash identifier:          +qqi7N7KQdykqlvTRaiFbD0aLvIHWFJ0Xxmhb3RPqGs=
Subject key identifier:   27:A7:F0:C1:51:03:F2:33:5C:30:61:DA:C3:9F:CB:82:5F:E7:B6:5D
Authority key identifier: 37:6F:2F:4E:DB:23:23:0C:64:B7:93:B4:19:57:EF:4A:32:3E:3C:53
Certificate issuer:       /CN=376f2f4edb23230c64b793b41957ef4a323e3c53
Certificate serial:       0197CD28752016B33E21FD9B422B2E4148E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
Manifest number:          106C
Signing time:             Wed 02 Jul 2025 22:01:10 +0000
Manifest this update:     Wed 02 Jul 2025 22:01:10 +0000
Manifest next update:     Thu 03 Jul 2025 22:01:10 +0000
Files and hashes:         1: N28vTtsjIwxkt5O0GVfvSjI-PFM.crl (hash: KkCrIdsZ1e9g8HYziRY6yjEr8UjCw3Ga5fNlGHDyDBE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 20:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cd:28:75:20:16:b3:3e:21:fd:9b:42:2b:2e:41:48:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=376f2f4edb23230c64b793b41957ef4a323e3c53
        Validity
            Not Before: Jul  2 22:01:10 2025 GMT
            Not After : Jul  3 22:01:10 2025 GMT
        Subject: CN=27a7f0c15103f2335c3061dac39fcb825fe7b65d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:80:eb:4d:81:64:ac:7e:2f:d8:11:ff:cc:28:
                    e0:2e:3e:ff:ab:0f:15:6c:7b:83:d7:16:2b:4d:d3:
                    38:42:27:e0:56:f6:9f:42:ef:d9:60:1b:f1:9d:d1:
                    0f:62:76:ff:05:d4:c3:43:c1:49:44:85:25:42:0f:
                    7d:77:4a:f7:70:be:bb:8f:20:72:70:ea:2c:d0:67:
                    bd:16:f4:56:22:9a:a6:8c:cf:34:78:ec:58:f6:b2:
                    d1:5b:a4:5c:72:96:ce:ee:ca:75:9f:72:31:3a:39:
                    5d:48:ab:d9:d3:b1:7a:65:41:9b:78:b0:57:22:1f:
                    c7:85:09:be:7b:22:46:5e:3c:ee:d0:9f:49:ec:5d:
                    0b:eb:25:65:6d:35:cd:43:18:04:ef:13:39:aa:df:
                    95:02:3f:0e:7e:ee:f1:c7:50:1b:1e:d5:9e:49:70:
                    40:c5:29:35:1c:6a:52:78:c4:67:1e:ca:db:0e:34:
                    af:95:23:af:4b:d2:9b:4f:bf:32:1c:4c:a4:0c:a2:
                    7b:a6:27:15:2e:8b:61:0a:f0:3e:d0:86:bc:64:7d:
                    db:b0:cc:8e:ee:aa:c5:0c:ae:b4:0d:e1:a3:b7:2b:
                    64:df:89:c6:64:70:20:b0:10:be:13:e6:ff:df:b6:
                    91:da:40:b0:5f:e4:19:a1:9b:9c:12:d4:dd:f4:e2:
                    85:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:A7:F0:C1:51:03:F2:33:5C:30:61:DA:C3:9F:CB:82:5F:E7:B6:5D
            X509v3 Authority Key Identifier:
                keyid:37:6F:2F:4E:DB:23:23:0C:64:B7:93:B4:19:57:EF:4A:32:3E:3C:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:62:62:65:8f:6f:81:e5:a0:66:b4:fe:d9:8a:04:17:73:fa:
         d6:e1:33:f6:36:1e:de:08:ec:d1:86:8f:8e:51:12:f0:d3:f5:
         dc:94:ae:56:51:11:4c:d0:bb:e7:02:d8:3e:98:4c:a0:c8:9a:
         c4:28:f4:de:5d:0c:c0:9a:aa:fa:b3:cd:2b:6b:d3:02:36:d4:
         7c:b9:3c:5d:4b:d9:b1:94:a8:2b:86:82:4e:5c:8e:ad:2b:32:
         ba:23:a7:a3:87:94:a0:79:99:c2:a3:71:1a:f8:32:f2:28:f4:
         de:8f:bf:24:db:75:a7:52:03:b5:cc:20:7b:56:cd:c2:2f:1f:
         40:fa:f5:40:91:ad:4b:6d:85:17:c9:d9:d0:9a:90:fe:21:4a:
         5e:62:60:6a:56:33:b6:c1:b6:61:ed:c6:e5:d8:82:fa:bc:cb:
         66:2c:5f:7e:53:27:83:4e:73:0e:8b:3a:34:29:7b:45:09:bb:
         be:31:e1:9c:f7:3e:94:e9:9f:c6:ed:26:d3:4b:1b:ee:cd:8a:
         48:3b:7a:db:0f:c1:67:53:2c:80:45:c3:4d:a4:f5:37:28:75:
         62:bb:09:af:a1:d9:07:45:f6:bd:cc:02:21:e6:a9:93:ed:8c:
         bf:29:55:ce:ac:09:db:35:3d:7f:be:d8:9f:c7:11:b2:16:c6:
         b5:8f:3d:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfNKHUgFrM+If2bQisuQUjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NmYyZjRlZGIyMzIzMGM2NGI3OTNiNDE5NTdlZjRhMzIz
ZTNjNTMwHhcNMjUwNzAyMjIwMTEwWhcNMjUwNzAzMjIwMTEwWjAzMTEwLwYDVQQD
EygyN2E3ZjBjMTUxMDNmMjMzNWMzMDYxZGFjMzlmY2I4MjVmZTdiNjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oDrTYFkrH4v2BH/zCjgLj7/qw8V
bHuD1xYrTdM4QifgVvafQu/ZYBvxndEPYnb/BdTDQ8FJRIUlQg99d0r3cL67jyBy
cOos0Ge9FvRWIpqmjM80eOxY9rLRW6RccpbO7sp1n3IxOjldSKvZ07F6ZUGbeLBX
Ih/HhQm+eyJGXjzu0J9J7F0L6yVlbTXNQxgE7xM5qt+VAj8Ofu7xx1AbHtWeSXBA
xSk1HGpSeMRnHsrbDjSvlSOvS9KbT78yHEykDKJ7picVLothCvA+0Ia8ZH3bsMyO
7qrFDK60DeGjtytk34nGZHAgsBC+E+b/37aR2kCwX+QZoZucEtTd9OKFQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCen8MFRA/IzXDBh2sOfy4Jf57ZdMB8GA1UdIwQY
MBaAFDdvL07bIyMMZLeTtBlX70oyPjxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zOTlkMzQtZTRkMC00YjgwLThlY2Qt
Yjc4OTJmNzZlOGM1LzEvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zOTlkMzQtZTRkMC00YjgwLThlY2QtYjc4OTJmNzZlOGM1
LzEvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE2JiZY9v
geWgZrT+2YoEF3P61uEz9jYe3gjs0YaPjlES8NP13JSuVlERTNC75wLYPphMoMia
xCj03l0MwJqq+rPNK2vTAjbUfLk8XUvZsZSoK4aCTlyOrSsyuiOno4eUoHmZwqNx
Gvgy8ij03o+/JNt1p1IDtcwge1bNwi8fQPr1QJGtS22FF8nZ0JqQ/iFKXmJgalYz
tsG2Ye3G5diC+rzLZixfflMng05zDos6NCl7RQm7vjHhnPc+lOmfxu0m00sb7s2K
SDt62w/BZ1MsgEXDTaT1Nyh1YrsJr6HZB0X2vcwCIeapk+2MvylVzqwJ2zU9f77Y
n8cRshbGtY89PA==
-----END CERTIFICATE-----