Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
File:                     H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json)
Hash identifier:          fYfkFK0UAIRE166D2CrsF0qUNL7MJe6SKUINXf5MErQ=
Subject key identifier:   5F:2D:34:D7:9C:B4:A0:6F:5E:76:1E:35:0D:17:ED:CD:31:1F:35:25
Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2
Certificate issuer:       /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
Certificate serial:       0197B88ED5AC1B7A6E2BB57B5AEC32DE2E85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
Manifest number:          0D2B
Signing time:             Sat 28 Jun 2025 22:00:57 +0000
Manifest this update:     Sat 28 Jun 2025 22:00:57 +0000
Manifest next update:     Sun 29 Jun 2025 22:00:57 +0000
Files and hashes:         1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: i+h7g9TXXitGKXDdVtD24Ri/fSrjSPDFp5/bLlCP7Z4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8e:d5:ac:1b:7a:6e:2b:b5:7b:5a:ec:32:de:2e:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
        Validity
            Not Before: Jun 28 22:00:57 2025 GMT
            Not After : Jun 29 22:00:57 2025 GMT
        Subject: CN=5f2d34d79cb4a06f5e761e350d17edcd311f3525
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ee:ad:69:2a:24:d8:72:5d:aa:a9:8f:92:2e:
                    89:0f:c4:d0:ec:96:ea:a5:d7:25:44:0d:50:b4:28:
                    5d:94:3b:8d:8e:63:db:11:07:b8:85:45:b0:65:57:
                    1f:94:65:69:f9:27:26:81:6f:d6:b1:11:98:ab:1e:
                    b3:ed:85:7c:4b:ae:20:f2:d7:2b:46:02:16:d3:e1:
                    7f:c4:3b:ea:3a:87:8e:84:25:ce:1f:c3:f4:39:ef:
                    12:74:3b:d7:be:dd:11:95:fd:8b:a1:be:c8:96:dd:
                    44:4a:56:f5:3e:34:b4:fe:77:d0:51:c8:08:e8:2e:
                    51:86:53:75:ab:c0:f5:07:a0:e6:1f:5f:20:07:ca:
                    ee:07:ea:e2:79:69:62:30:f5:d1:80:5f:fb:aa:43:
                    a9:4b:90:11:29:a4:7f:7d:21:7b:49:50:bd:c2:74:
                    e9:1c:6a:92:d1:15:40:7a:66:61:d4:2c:f5:42:ae:
                    72:c9:d3:0f:13:d1:5a:22:11:41:6d:c1:14:70:1c:
                    44:d3:b5:57:5e:8a:0d:e1:93:3c:f6:c7:a6:c5:28:
                    91:96:19:40:b0:36:df:f6:30:cf:e6:80:72:70:82:
                    5b:85:24:83:6a:89:47:3e:8b:45:73:54:e6:4b:7d:
                    aa:42:56:60:cd:96:c7:b5:3c:e3:d6:76:38:bd:ac:
                    a8:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:2D:34:D7:9C:B4:A0:6F:5E:76:1E:35:0D:17:ED:CD:31:1F:35:25
            X509v3 Authority Key Identifier:
                keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:4e:a1:5b:56:3c:44:12:47:d4:02:af:67:1d:ea:b2:23:16:
         e3:32:2f:44:05:96:e7:23:74:2b:4f:68:da:1e:05:80:f6:0c:
         10:c3:31:87:2e:57:c4:93:51:7e:a5:3d:07:c5:d0:91:e0:6d:
         ff:59:eb:33:6a:a3:e2:ea:6a:ee:fb:9e:5c:26:e7:5f:4b:4c:
         1a:fc:e3:fb:ba:ce:95:0e:b3:15:33:f0:59:f1:dc:89:fe:4d:
         11:6e:0f:73:c5:42:c2:2f:e1:5d:d8:4d:ba:1b:81:1a:d0:67:
         96:65:a9:65:a2:b0:e1:2e:c9:fe:0d:51:38:b3:3d:c0:28:64:
         19:58:e1:f0:e3:bb:0d:f1:6b:64:ba:e8:b9:59:f7:bf:90:96:
         5c:14:2d:01:8b:4f:10:7e:22:c6:65:4b:55:4c:20:00:8d:5a:
         52:bb:66:ba:97:5a:b7:f3:da:94:38:b4:0b:85:4d:8a:98:e5:
         d3:7b:80:a6:d4:31:e5:a3:f0:b6:9e:4c:33:c9:dc:e6:c7:43:
         33:f5:c2:1b:57:5f:00:b3:7b:e4:32:ac:ec:23:64:1b:e5:8a:
         02:1d:1d:5a:b5:46:b1:0d:19:63:e1:1d:2d:2e:08:a9:b3:38:
         de:f7:5a:bc:6e:7d:ad:05:18:5e:df:77:75:e6:43:32:67:b9:
         61:9b:f4:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4jtWsG3puK7V7Wuwy3i6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi
NTYxZTIwHhcNMjUwNjI4MjIwMDU3WhcNMjUwNjI5MjIwMDU3WjAzMTEwLwYDVQQD
Eyg1ZjJkMzRkNzljYjRhMDZmNWU3NjFlMzUwZDE3ZWRjZDMxMWYzNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO6taSok2HJdqqmPki6JD8TQ7Jbq
pdclRA1QtChdlDuNjmPbEQe4hUWwZVcflGVp+ScmgW/WsRGYqx6z7YV8S64g8tcr
RgIW0+F/xDvqOoeOhCXOH8P0Oe8SdDvXvt0Rlf2Lob7Ilt1ESlb1PjS0/nfQUcgI
6C5RhlN1q8D1B6DmH18gB8ruB+rieWliMPXRgF/7qkOpS5ARKaR/fSF7SVC9wnTp
HGqS0RVAemZh1Cz1Qq5yydMPE9FaIhFBbcEUcBxE07VXXooN4ZM89semxSiRlhlA
sDbf9jDP5oBycIJbhSSDaolHPotFc1TmS32qQlZgzZbHtTzj1nY4vayolwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8tNNectKBvXnYeNQ0X7c0xHzUlMB8GA1UdIwQY
MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt
NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll
LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATk6hW1Y8
RBJH1AKvZx3qsiMW4zIvRAWW5yN0K09o2h4FgPYMEMMxhy5XxJNRfqU9B8XQkeBt
/1nrM2qj4upq7vueXCbnX0tMGvzj+7rOlQ6zFTPwWfHcif5NEW4Pc8VCwi/hXdhN
uhuBGtBnlmWpZaKw4S7J/g1ROLM9wChkGVjh8OO7DfFrZLrouVn3v5CWXBQtAYtP
EH4ixmVLVUwgAI1aUrtmupdat/PalDi0C4VNipjl03uAptQx5aPwtp5MM8nc5sdD
M/XCG1dfALN75DKs7CNkG+WKAh0dWrVGsQ0ZY+EdLS4IqbM43vdavG59rQUYXt93
deZDMme5YZv0YQ==
-----END CERTIFICATE-----