Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
File:                     7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft (raw, json)
Hash identifier:          E0dnpWkgxAk9nx8CSPRQLfXtlmYlQQoqOudBdFMfKco=
Subject key identifier:   F7:74:6F:E5:44:2C:3A:9A:DF:1E:E5:20:F4:D3:0D:2A:30:B3:06:3D
Authority key identifier: EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48
Certificate issuer:       /CN=ecf5d512f91044b786a15589a624a8d8cb929e48
Certificate serial:       019921B268241883F1BCB1F3E8700CCFBAFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
Manifest number:          1323
Signing time:             Sun 07 Sep 2025 01:02:44 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:44 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:44 +0000
Files and hashes:         1: 7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl (hash: 58+f0TUvCyDVeIEB0w9eDzt2vZUksT1/1e/kR3+oGBY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b2:68:24:18:83:f1:bc:b1:f3:e8:70:0c:cf:ba:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecf5d512f91044b786a15589a624a8d8cb929e48
        Validity
            Not Before: Sep  7 01:02:44 2025 GMT
            Not After : Sep  8 01:02:44 2025 GMT
        Subject: CN=f7746fe5442c3a9adf1ee520f4d30d2a30b3063d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:ce:b4:b1:fb:52:7f:e2:30:b2:1c:39:79:4c:
                    22:df:84:be:63:8d:91:5a:68:2c:1f:51:67:5d:3e:
                    bf:c9:c2:f2:bc:a6:b5:3c:09:5c:6a:0c:cc:38:0a:
                    20:66:35:f4:45:00:dc:5c:05:a8:95:a0:d0:f6:60:
                    b7:0b:a8:4f:ea:e7:b9:f2:09:7d:52:fe:7a:32:b1:
                    e2:89:a3:ed:83:32:26:c4:32:fa:70:7f:54:be:62:
                    77:8f:79:78:ff:fa:04:2c:21:c6:45:51:76:62:3d:
                    3d:06:1b:e1:8e:cd:56:fe:8d:92:78:59:30:fe:4c:
                    09:43:e5:f6:9a:ed:35:29:bd:3d:7a:a5:ed:09:ab:
                    a4:b0:24:c7:d2:ae:90:2f:de:72:02:44:4c:7a:c6:
                    66:89:0a:47:22:f7:d3:57:f2:68:71:c5:3f:ff:b1:
                    5b:2d:47:21:09:65:63:e9:3d:3a:29:08:30:91:bc:
                    f4:01:f9:c3:12:e1:db:cc:34:62:e2:6a:bd:09:e5:
                    4c:db:36:c3:f6:b1:fe:8a:c3:30:e8:88:ed:56:4e:
                    4c:8d:c3:f3:bf:1c:ac:52:56:c2:45:41:27:f8:5d:
                    87:65:47:c4:09:e7:48:56:ca:bd:a0:94:8b:0f:1e:
                    25:ce:6b:46:fa:2c:2e:48:c3:43:04:dd:39:07:e9:
                    46:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:74:6F:E5:44:2C:3A:9A:DF:1E:E5:20:F4:D3:0D:2A:30:B3:06:3D
            X509v3 Authority Key Identifier:
                keyid:EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:9e:27:e9:36:75:c7:4c:e0:7a:e2:39:73:30:5b:a2:db:01:
         95:59:a3:09:bc:08:54:52:c7:73:ff:02:0d:96:49:38:24:e6:
         02:64:e2:b5:54:35:75:5a:f6:44:33:0e:ef:28:01:72:55:99:
         de:98:3a:07:b7:6a:a2:52:a3:d7:4a:53:96:98:50:08:4e:d8:
         a2:dd:38:4e:76:e1:02:10:3e:71:a4:7b:4c:05:ac:4d:61:8d:
         d3:88:74:3f:1c:ed:e5:9a:b5:c5:1b:0f:8d:ed:59:7d:56:33:
         81:d7:07:61:d0:01:21:90:d9:2d:bb:11:e3:19:98:7b:e0:14:
         0c:27:ca:d4:91:d9:fd:d0:ea:47:3e:7a:e6:9a:86:70:ff:79:
         c2:f8:33:7e:60:8b:b0:32:ec:3e:ae:07:8b:09:63:11:99:0b:
         ae:39:16:be:c6:d2:7e:b1:74:44:a4:cf:7f:71:42:3a:5e:a4:
         d3:b3:b6:a7:0c:80:dc:12:9a:df:91:60:62:7c:2f:51:89:87:
         22:c4:58:f9:b0:b5:6d:19:df:e7:8e:25:7d:36:50:25:e3:1b:
         a2:1a:0e:98:d8:8f:91:d8:ec:f7:00:34:d5:3b:5d:07:c4:dd:
         7a:01:4c:3d:6b:a1:b1:78:c3:e5:69:e1:ca:7d:ba:4a:e6:a3:
         94:2b:2a:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsmgkGIPxvLHz6HAMz7r/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjVkNTEyZjkxMDQ0Yjc4NmExNTU4OWE2MjRhOGQ4Y2I5
MjllNDgwHhcNMjUwOTA3MDEwMjQ0WhcNMjUwOTA4MDEwMjQ0WjAzMTEwLwYDVQQD
EyhmNzc0NmZlNTQ0MmMzYTlhZGYxZWU1MjBmNGQzMGQyYTMwYjMwNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3s60sftSf+Iwshw5eUwi34S+Y42R
WmgsH1FnXT6/ycLyvKa1PAlcagzMOAogZjX0RQDcXAWolaDQ9mC3C6hP6ue58gl9
Uv56MrHiiaPtgzImxDL6cH9UvmJ3j3l4//oELCHGRVF2Yj09Bhvhjs1W/o2SeFkw
/kwJQ+X2mu01Kb09eqXtCauksCTH0q6QL95yAkRMesZmiQpHIvfTV/JoccU//7Fb
LUchCWVj6T06KQgwkbz0AfnDEuHbzDRi4mq9CeVM2zbD9rH+isMw6IjtVk5MjcPz
vxysUlbCRUEn+F2HZUfECedIVsq9oJSLDx4lzmtG+iwuSMNDBN05B+lGNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPd0b+VELDqa3x7lIPTTDSowswY9MB8GA1UdIwQY
MBaAFOz11RL5EES3hqFViaYkqNjLkp5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUt
YzE0ODFkZjdkYTQxLzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUtYzE0ODFkZjdkYTQx
LzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC54n6TZ1
x0zgeuI5czBbotsBlVmjCbwIVFLHc/8CDZZJOCTmAmTitVQ1dVr2RDMO7ygBclWZ
3pg6B7dqolKj10pTlphQCE7Yot04TnbhAhA+caR7TAWsTWGN04h0Pxzt5Zq1xRsP
je1ZfVYzgdcHYdABIZDZLbsR4xmYe+AUDCfK1JHZ/dDqRz565pqGcP95wvgzfmCL
sDLsPq4HiwljEZkLrjkWvsbSfrF0RKTPf3FCOl6k07O2pwyA3BKa35FgYnwvUYmH
IsRY+bC1bRnf544lfTZQJeMbohoOmNiPkdjs9wA01TtdB8TdegFMPWuhsXjD5Wnh
yn26SuajlCsqJA==
-----END CERTIFICATE-----