Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
File:                     X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft (raw, json)
Hash identifier:          erZTnMnpbfN/DjTvqURxwVjRGFDetBCEVkPcFreLer4=
Subject key identifier:   D7:E1:35:65:51:BA:79:FB:51:8C:77:D9:D6:C8:45:3E:8A:CB:78:FF
Authority key identifier: 5F:B7:46:6D:8E:92:B2:1C:7B:1A:A1:35:F3:0E:FE:6E:73:E1:F8:6C
Certificate issuer:       /CN=5fb7466d8e92b21c7b1aa135f30efe6e73e1f86c
Certificate serial:       0197B9A1DABE27272A1117D7FBD234B44DF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
Manifest number:          0BD1
Signing time:             Sun 29 Jun 2025 03:01:21 +0000
Manifest this update:     Sun 29 Jun 2025 03:01:21 +0000
Manifest next update:     Mon 30 Jun 2025 03:01:21 +0000
Files and hashes:         1: X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl (hash: htMDciQEnUMdN7gh5uxyIFj3LAGsctWrkprz16hZNa8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:a1:da:be:27:27:2a:11:17:d7:fb:d2:34:b4:4d:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fb7466d8e92b21c7b1aa135f30efe6e73e1f86c
        Validity
            Not Before: Jun 29 03:01:21 2025 GMT
            Not After : Jun 30 03:01:21 2025 GMT
        Subject: CN=d7e1356551ba79fb518c77d9d6c8453e8acb78ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:21:2f:39:43:08:e9:d6:b4:17:64:41:f3:79:
                    0e:16:ab:29:bb:e0:7d:d0:8f:04:11:84:2e:da:5e:
                    17:45:54:87:9d:35:ef:7f:ae:93:07:7b:91:3a:3c:
                    b0:45:b0:e3:98:8b:1c:11:23:b9:70:e1:5a:da:52:
                    1a:de:f2:09:a2:92:7b:e4:95:8d:89:d7:c9:69:da:
                    86:04:ff:f7:92:7f:6e:f4:e3:93:b8:81:88:8d:a0:
                    85:67:c9:a2:05:dd:ea:bb:60:1c:fa:8c:94:5e:30:
                    dc:5a:8a:f7:58:d1:d3:00:99:e8:94:43:bd:56:32:
                    fc:70:12:95:7d:4f:d9:83:c7:21:2a:dc:10:4f:02:
                    2c:3a:75:14:99:e5:75:6e:a3:ab:ff:60:20:a8:e4:
                    89:7f:5a:07:91:bb:32:f6:d6:02:f8:bf:a1:ac:aa:
                    42:aa:b2:09:2b:e9:d6:4f:c6:aa:01:1e:4f:bb:d0:
                    53:49:ec:06:11:ec:0b:02:79:da:73:b6:ac:05:49:
                    bc:1b:78:ac:84:fc:15:da:47:63:98:32:8c:46:84:
                    80:a3:f4:86:33:15:64:6f:be:1f:c8:c0:67:41:75:
                    b8:98:35:c0:52:20:fe:66:27:a3:e1:6a:1c:b7:30:
                    17:2c:5c:11:66:ed:c8:bd:b9:67:bc:15:8b:6b:cd:
                    6e:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:E1:35:65:51:BA:79:FB:51:8C:77:D9:D6:C8:45:3E:8A:CB:78:FF
            X509v3 Authority Key Identifier:
                keyid:5F:B7:46:6D:8E:92:B2:1C:7B:1A:A1:35:F3:0E:FE:6E:73:E1:F8:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X7dGbY6Sshx7GqE18w7-bnPh-Gw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ed289-d661-4343-a2e0-0b92679d3625/1/X7dGbY6Sshx7GqE18w7-bnPh-Gw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:75:29:24:f3:a2:f5:46:5e:6b:64:2c:19:ca:d3:9e:98:5e:
         f4:26:1f:77:d6:ef:87:29:89:67:23:11:3e:ee:ef:c3:80:96:
         f3:02:8a:20:d9:74:b8:9e:75:4c:b1:ae:d6:83:b9:84:e9:c6:
         05:c5:65:d6:10:c0:ce:f8:11:47:b0:5b:22:67:98:af:7a:da:
         35:62:7c:5b:7a:eb:65:ea:a4:dc:3f:c8:54:9d:c8:db:24:e5:
         00:59:89:dc:5c:54:18:45:4a:cd:c6:7c:bd:96:0a:02:4b:6d:
         f7:a9:73:78:cb:93:75:8d:ea:81:14:3a:ba:5f:81:fd:27:25:
         07:14:1d:fc:97:c6:33:b7:90:40:e2:61:fb:58:ae:cf:7b:09:
         37:83:9c:eb:f6:3f:d6:10:bb:eb:34:48:f1:c9:b9:1d:bc:fc:
         15:d1:a0:63:04:1a:01:b6:fc:1e:47:db:44:87:9e:fc:1d:20:
         82:1c:79:c7:4a:c2:bc:eb:15:92:27:be:68:b1:e4:6b:32:0c:
         98:93:75:46:f6:6a:71:90:bd:52:bc:f5:38:db:0f:f0:64:f3:
         25:7c:02:d8:f3:1d:dd:56:10:cb:2d:74:9f:e9:22:ec:74:2f:
         ec:2c:85:35:4b:96:e4:1f:14:1b:c7:b2:62:89:ef:f8:85:c2:
         0d:78:ef:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5odq+JycqERfX+9I0tE3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYjc0NjZkOGU5MmIyMWM3YjFhYTEzNWYzMGVmZTZlNzNl
MWY4NmMwHhcNMjUwNjI5MDMwMTIxWhcNMjUwNjMwMDMwMTIxWjAzMTEwLwYDVQQD
EyhkN2UxMzU2NTUxYmE3OWZiNTE4Yzc3ZDlkNmM4NDUzZThhY2I3OGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8SEvOUMI6da0F2RB83kOFqspu+B9
0I8EEYQu2l4XRVSHnTXvf66TB3uROjywRbDjmIscESO5cOFa2lIa3vIJopJ75JWN
idfJadqGBP/3kn9u9OOTuIGIjaCFZ8miBd3qu2Ac+oyUXjDcWor3WNHTAJnolEO9
VjL8cBKVfU/Zg8chKtwQTwIsOnUUmeV1bqOr/2AgqOSJf1oHkbsy9tYC+L+hrKpC
qrIJK+nWT8aqAR5Pu9BTSewGEewLAnnac7asBUm8G3ishPwV2kdjmDKMRoSAo/SG
MxVkb74fyMBnQXW4mDXAUiD+Ziej4WoctzAXLFwRZu3IvblnvBWLa81uIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfhNWVRunn7UYx32dbIRT6Ky3j/MB8GA1UdIwQY
MBaAFF+3Rm2OkrIcexqhNfMO/m5z4fhsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZWQyODktZDY2MS00MzQzLWEyZTAt
MGI5MjY3OWQzNjI1LzEvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZWQyODktZDY2MS00MzQzLWEyZTAtMGI5MjY3OWQzNjI1
LzEvWDdkR2JZNlNzaHg3R3FFMTh3Ny1iblBoLUd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArnUpJPOi
9UZea2QsGcrTnphe9CYfd9bvhymJZyMRPu7vw4CW8wKKINl0uJ51TLGu1oO5hOnG
BcVl1hDAzvgRR7BbImeYr3raNWJ8W3rrZeqk3D/IVJ3I2yTlAFmJ3FxUGEVKzcZ8
vZYKAktt96lzeMuTdY3qgRQ6ul+B/SclBxQd/JfGM7eQQOJh+1iuz3sJN4Oc6/Y/
1hC76zRI8cm5Hbz8FdGgYwQaAbb8HkfbRIee/B0gghx5x0rCvOsVkie+aLHkazIM
mJN1RvZqcZC9Urz1ONsP8GTzJXwC2PMd3VYQyy10n+ki7HQv7CyFNUuW5B8UG8ey
Yonv+IXCDXjvmg==
-----END CERTIFICATE-----