Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft
File:                     FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft (raw, json)
Hash identifier:          cSO3WrVzTBVwerMorUTTTUSOSbWM7b3enqKgW7HTFic=
Subject key identifier:   7A:5F:76:78:08:CA:0D:7E:13:B4:1C:40:0E:D2:53:8D:33:C3:01:D0
Authority key identifier: 16:17:D0:AF:EA:BB:F3:39:B0:6D:B2:83:C4:B8:E0:27:A0:4A:BC:AE
Certificate issuer:       /CN=1617d0afeabbf339b06db283c4b8e027a04abcae
Certificate serial:       01974779CE5C4DF748C19F84E09EDBCEA1D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FhfQr-q78zmwbbKDxLjgJ6BKvK4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft
Manifest number:          032A
Signing time:             Fri 06 Jun 2025 23:00:54 +0000
Manifest this update:     Fri 06 Jun 2025 23:00:54 +0000
Manifest next update:     Sat 07 Jun 2025 23:00:54 +0000
Files and hashes:         1: FhfQr-q78zmwbbKDxLjgJ6BKvK4.crl (hash: dLsAF3QEpoaPDDyZm+CcKQdTQ8Q89qusSlSTuC5tH9s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FhfQr-q78zmwbbKDxLjgJ6BKvK4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:79:ce:5c:4d:f7:48:c1:9f:84:e0:9e:db:ce:a1:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1617d0afeabbf339b06db283c4b8e027a04abcae
        Validity
            Not Before: Jun  6 23:00:54 2025 GMT
            Not After : Jun  7 23:00:54 2025 GMT
        Subject: CN=7a5f767808ca0d7e13b41c400ed2538d33c301d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:60:3c:eb:a6:69:98:d7:b5:ec:09:9a:31:a4:
                    87:0b:00:ce:a8:db:29:4e:19:03:4b:e7:67:ba:51:
                    08:dd:6f:2c:5d:b3:ff:dc:d7:b4:e7:0e:6e:e8:66:
                    0d:31:57:24:30:02:ed:31:22:68:d0:3b:91:fe:40:
                    03:4d:e3:fe:35:d4:b7:7e:1c:5a:3a:c1:ff:f1:1a:
                    c9:ee:dd:fb:35:52:e0:5f:5d:b5:0e:4c:2c:cc:af:
                    f6:a2:81:ac:2e:9e:21:b5:40:a8:af:ec:16:94:9e:
                    42:cc:68:54:24:9e:26:0a:36:5d:35:f9:37:8e:15:
                    79:92:da:6b:7b:e8:59:28:63:95:bd:44:85:86:41:
                    83:34:5d:f5:73:2b:8c:05:b4:6d:42:f3:e3:c8:e2:
                    56:eb:ce:3e:02:1a:db:37:52:df:26:41:21:77:6d:
                    e6:30:09:9c:24:4c:f1:18:7c:15:24:67:ec:7f:de:
                    88:21:81:54:7d:2e:0e:24:86:98:87:36:b9:9c:0f:
                    ef:3a:fc:0a:c1:bb:14:ea:07:47:f8:27:6f:ba:32:
                    c8:d0:f2:74:38:36:e7:ff:57:a9:71:1d:6b:ff:e3:
                    33:9c:48:3e:1d:16:5b:1a:d9:7e:cf:f4:14:fd:3b:
                    30:df:c5:87:11:0e:bb:08:69:a3:66:e4:79:ad:fc:
                    70:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:5F:76:78:08:CA:0D:7E:13:B4:1C:40:0E:D2:53:8D:33:C3:01:D0
            X509v3 Authority Key Identifier:
                keyid:16:17:D0:AF:EA:BB:F3:39:B0:6D:B2:83:C4:B8:E0:27:A0:4A:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FhfQr-q78zmwbbKDxLjgJ6BKvK4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:22:1e:d3:f0:94:60:5c:21:5f:43:94:1e:db:66:b0:14:13:
         8f:3e:b8:a9:d7:d7:aa:a9:39:80:c6:be:51:00:82:e7:94:9f:
         f4:82:bf:2a:db:e8:fb:53:ce:47:b6:79:e7:a8:ad:d0:db:be:
         35:25:28:87:00:84:9c:0d:75:c1:2e:ad:5e:3a:7b:0a:61:79:
         a4:c0:76:67:be:c1:2a:02:e3:9c:16:ce:de:87:62:38:d7:5f:
         c4:02:c5:d6:da:fb:09:97:f2:ce:a9:45:02:12:5f:84:c5:bd:
         4b:d3:d3:94:f7:ae:55:20:97:05:1a:32:d5:9c:a1:6d:25:c6:
         22:c1:4d:39:ee:76:89:e2:db:f1:3e:bd:36:fd:c3:4f:e2:2c:
         ac:41:7a:03:eb:2a:12:95:bb:57:a6:ce:ad:f9:51:b0:27:20:
         5c:28:a7:01:13:cf:ef:55:eb:84:21:8a:48:17:bf:d3:a5:0a:
         9f:ca:9a:d8:89:a5:c2:4f:6b:7e:15:4c:d6:82:57:dd:29:0b:
         d4:da:21:ae:85:6a:aa:e1:1a:bd:29:54:d8:fa:e6:4b:a4:8b:
         f7:9b:c6:30:ec:03:4a:01:b1:d4:5f:04:de:49:05:8d:fa:85:
         92:7b:85:e1:22:2e:47:48:b8:14:f9:ec:05:f5:18:5e:c4:df:
         4c:56:c5:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHec5cTfdIwZ+E4J7bzqHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MTdkMGFmZWFiYmYzMzliMDZkYjI4M2M0YjhlMDI3YTA0
YWJjYWUwHhcNMjUwNjA2MjMwMDU0WhcNMjUwNjA3MjMwMDU0WjAzMTEwLwYDVQQD
Eyg3YTVmNzY3ODA4Y2EwZDdlMTNiNDFjNDAwZWQyNTM4ZDMzYzMwMWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWA866ZpmNe17AmaMaSHCwDOqNsp
ThkDS+dnulEI3W8sXbP/3Ne05w5u6GYNMVckMALtMSJo0DuR/kADTeP+NdS3fhxa
OsH/8RrJ7t37NVLgX121DkwszK/2ooGsLp4htUCor+wWlJ5CzGhUJJ4mCjZdNfk3
jhV5ktpre+hZKGOVvUSFhkGDNF31cyuMBbRtQvPjyOJW684+AhrbN1LfJkEhd23m
MAmcJEzxGHwVJGfsf96IIYFUfS4OJIaYhza5nA/vOvwKwbsU6gdH+CdvujLI0PJ0
ODbn/1epcR1r/+MznEg+HRZbGtl+z/QU/Tsw38WHEQ67CGmjZuR5rfxwqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHpfdngIyg1+E7QcQA7SU40zwwHQMB8GA1UdIwQY
MBaAFBYX0K/qu/M5sG2yg8S44CegSryuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmhmUXItcTc4em13YmJLRHhMamdKNkJLdks0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hNGEyY2QtNWRiZi00MDI5LWE4YTEt
ZDdmMjFmYzEzNTBlLzEvRmhmUXItcTc4em13YmJLRHhMamdKNkJLdks0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hNGEyY2QtNWRiZi00MDI5LWE4YTEtZDdmMjFmYzEzNTBl
LzEvRmhmUXItcTc4em13YmJLRHhMamdKNkJLdks0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAniIe0/CU
YFwhX0OUHttmsBQTjz64qdfXqqk5gMa+UQCC55Sf9IK/Ktvo+1POR7Z556it0Nu+
NSUohwCEnA11wS6tXjp7CmF5pMB2Z77BKgLjnBbO3odiONdfxALF1tr7CZfyzqlF
AhJfhMW9S9PTlPeuVSCXBRoy1ZyhbSXGIsFNOe52ieLb8T69Nv3DT+IsrEF6A+sq
EpW7V6bOrflRsCcgXCinARPP71XrhCGKSBe/06UKn8qa2Imlwk9rfhVM1oJX3SkL
1NohroVqquEavSlU2PrmS6SL95vGMOwDSgGx1F8E3kkFjfqFknuF4SIuR0i4FPns
BfUYXsTfTFbFJA==
-----END CERTIFICATE-----