Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/79dc3c-3633-4b47-9bd1-6e9b84b271e1/1/RD1PlXMp3zFJj6hUPCPxLIdMxg0.mft
File:                     RD1PlXMp3zFJj6hUPCPxLIdMxg0.mft (raw, json)
Hash identifier:          jpd7cIsEPHM+cmImAJtZxWhR+KjfEYGhuj4WX5JXL7Q=
Subject key identifier:   67:F3:8F:23:2F:E7:7F:5D:75:AA:A0:41:40:14:48:52:13:89:8D:6E
Authority key identifier: 44:3D:4F:95:73:29:DF:31:49:8F:A8:54:3C:23:F1:2C:87:4C:C6:0D
Certificate issuer:       /CN=443d4f957329df31498fa8543c23f12c874cc60d
Certificate serial:       0197C9F0611FE85CC21006AEFEE72D384928
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RD1PlXMp3zFJj6hUPCPxLIdMxg0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/79dc3c-3633-4b47-9bd1-6e9b84b271e1/1/RD1PlXMp3zFJj6hUPCPxLIdMxg0.mft
Manifest number:          2B
Signing time:             Wed 02 Jul 2025 07:01:03 +0000
Manifest this update:     Wed 02 Jul 2025 07:01:03 +0000
Manifest next update:     Thu 03 Jul 2025 07:01:03 +0000
Files and hashes:         1: RD1PlXMp3zFJj6hUPCPxLIdMxg0.crl (hash: YbGd+1SmdGh3V2Y7c7jBWlb4hZ9vjBOZ0BXMUv4K344=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/79dc3c-3633-4b47-9bd1-6e9b84b271e1/1/RD1PlXMp3zFJj6hUPCPxLIdMxg0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/79dc3c-3633-4b47-9bd1-6e9b84b271e1/1/RD1PlXMp3zFJj6hUPCPxLIdMxg0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RD1PlXMp3zFJj6hUPCPxLIdMxg0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 02:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:f0:61:1f:e8:5c:c2:10:06:ae:fe:e7:2d:38:49:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=443d4f957329df31498fa8543c23f12c874cc60d
        Validity
            Not Before: Jul  2 07:01:03 2025 GMT
            Not After : Jul  3 07:01:03 2025 GMT
        Subject: CN=67f38f232fe77f5d75aaa0414014485213898d6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a0:08:8d:47:bd:88:7d:23:1e:a8:20:a2:3a:
                    df:da:d1:be:e5:29:23:1c:03:02:05:cc:8a:ee:27:
                    68:1c:fb:6f:7b:1c:0d:f8:20:4e:64:63:76:c6:78:
                    e7:a9:ee:a7:20:bb:c9:b5:f1:cb:fc:b2:11:be:c4:
                    ac:22:34:93:47:37:fe:c4:19:da:f3:ea:7f:bc:46:
                    c6:5e:e0:ff:66:fd:46:30:64:1a:6a:15:9a:e7:05:
                    09:0f:dd:42:62:81:6c:ac:a1:34:cf:2d:8b:16:a4:
                    35:2b:9b:b5:9b:cc:be:ea:29:6b:a2:d5:3d:8e:79:
                    70:be:17:12:31:b9:81:01:1f:e2:de:a9:b7:31:52:
                    ac:b2:71:62:ca:26:d9:2b:ed:12:ea:15:53:68:aa:
                    e3:00:be:76:34:36:a3:a6:ba:97:e6:47:b7:11:aa:
                    0d:d3:76:69:17:d3:16:f3:bb:8b:6d:1b:d4:a7:3c:
                    b6:a4:94:82:aa:ff:4a:9c:a1:25:ef:00:b4:57:38:
                    36:39:25:c7:f7:a4:d5:85:f9:23:a4:11:52:05:c6:
                    07:16:87:5b:03:0a:52:26:8e:5b:fe:44:ec:f7:2a:
                    71:ea:ad:2f:64:c1:19:a3:40:19:90:96:a5:83:c4:
                    1f:1d:46:45:8b:cf:99:f9:dd:99:b4:cf:6e:0a:56:
                    03:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:F3:8F:23:2F:E7:7F:5D:75:AA:A0:41:40:14:48:52:13:89:8D:6E
            X509v3 Authority Key Identifier:
                keyid:44:3D:4F:95:73:29:DF:31:49:8F:A8:54:3C:23:F1:2C:87:4C:C6:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RD1PlXMp3zFJj6hUPCPxLIdMxg0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/79dc3c-3633-4b47-9bd1-6e9b84b271e1/1/RD1PlXMp3zFJj6hUPCPxLIdMxg0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/79dc3c-3633-4b47-9bd1-6e9b84b271e1/1/RD1PlXMp3zFJj6hUPCPxLIdMxg0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:cd:14:4d:07:fd:bc:e6:61:61:92:0b:99:0e:2e:ea:7a:b4:
         c2:59:90:38:c9:49:7c:68:71:23:d6:b7:f0:84:08:f3:9c:2a:
         08:6a:f4:78:97:b4:ba:b7:6d:5e:5f:3e:a6:6e:1d:ea:3a:fe:
         1c:64:ec:da:47:28:7b:ca:93:78:05:8f:b8:19:e7:96:f4:b9:
         0a:36:71:c7:10:58:bc:ad:0a:e7:96:9e:01:f6:51:d9:ef:2b:
         ce:da:ce:01:81:9c:59:61:40:c8:73:f1:25:20:1b:e9:84:45:
         52:01:33:10:bd:37:c7:54:91:ef:d4:30:be:01:22:ff:33:35:
         37:94:09:b9:ef:a8:d0:7b:74:7e:04:08:a9:5b:95:7c:7c:fd:
         c4:c6:98:39:a0:6f:a5:14:03:0a:67:54:4c:53:a1:21:19:1b:
         02:38:2f:af:1f:63:f3:1d:7a:0d:c9:64:f8:8a:28:01:fc:0c:
         38:fd:24:96:d1:f6:8d:a0:cf:13:69:82:78:25:24:7e:c6:af:
         89:57:0a:b2:37:1b:5b:75:20:0d:d4:cb:02:c7:a3:98:a7:b5:
         b5:e0:b3:f6:ab:97:2a:2e:15:0b:6f:0f:61:eb:41:b3:a8:dd:
         55:df:dd:34:e0:a2:3f:d4:dd:31:a5:8c:9d:a3:95:bd:dd:2e:
         1f:8c:18:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJ8GEf6FzCEAau/uctOEkoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0M2Q0Zjk1NzMyOWRmMzE0OThmYTg1NDNjMjNmMTJjODc0
Y2M2MGQwHhcNMjUwNzAyMDcwMTAzWhcNMjUwNzAzMDcwMTAzWjAzMTEwLwYDVQQD
Eyg2N2YzOGYyMzJmZTc3ZjVkNzVhYWEwNDE0MDE0NDg1MjEzODk4ZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6AIjUe9iH0jHqggojrf2tG+5Skj
HAMCBcyK7idoHPtvexwN+CBOZGN2xnjnqe6nILvJtfHL/LIRvsSsIjSTRzf+xBna
8+p/vEbGXuD/Zv1GMGQaahWa5wUJD91CYoFsrKE0zy2LFqQ1K5u1m8y+6ilrotU9
jnlwvhcSMbmBAR/i3qm3MVKssnFiyibZK+0S6hVTaKrjAL52NDajprqX5ke3EaoN
03ZpF9MW87uLbRvUpzy2pJSCqv9KnKEl7wC0Vzg2OSXH96TVhfkjpBFSBcYHFodb
AwpSJo5b/kTs9ypx6q0vZMEZo0AZkJalg8QfHUZFi8+Z+d2ZtM9uClYD7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfzjyMv539ddaqgQUAUSFITiY1uMB8GA1UdIwQY
MBaAFEQ9T5VzKd8xSY+oVDwj8SyHTMYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkQxUGxYTXAzekZKajZoVVBDUHhMSWRNeGcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83OWRjM2MtMzYzMy00YjQ3LTliZDEt
NmU5Yjg0YjI3MWUxLzEvUkQxUGxYTXAzekZKajZoVVBDUHhMSWRNeGcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83OWRjM2MtMzYzMy00YjQ3LTliZDEtNmU5Yjg0YjI3MWUx
LzEvUkQxUGxYTXAzekZKajZoVVBDUHhMSWRNeGcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAec0UTQf9
vOZhYZILmQ4u6nq0wlmQOMlJfGhxI9a38IQI85wqCGr0eJe0urdtXl8+pm4d6jr+
HGTs2kcoe8qTeAWPuBnnlvS5CjZxxxBYvK0K55aeAfZR2e8rztrOAYGcWWFAyHPx
JSAb6YRFUgEzEL03x1SR79QwvgEi/zM1N5QJue+o0Ht0fgQIqVuVfHz9xMaYOaBv
pRQDCmdUTFOhIRkbAjgvrx9j8x16Dclk+IooAfwMOP0kltH2jaDPE2mCeCUkfsav
iVcKsjcbW3UgDdTLAsejmKe1teCz9quXKi4VC28PYetBs6jdVd/dNOCiP9TdMaWM
naOVvd0uH4wYvg==
-----END CERTIFICATE-----