Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
File:                     K328XveedAIoXs2gg3ukvyGHYdw.mft (raw, json)
Hash identifier:          ffZL4kOujcL7LRlx1FbtKh6jVCAzCh3JPQDAGMsDwno=
Subject key identifier:   7F:B4:03:C5:0F:B2:12:08:92:A5:55:F3:E6:34:1F:49:A9:42:47:B5
Authority key identifier: 2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC
Certificate issuer:       /CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
Certificate serial:       0197B7EA3475CE22B851E2ED56B8972EC649
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
Manifest number:          0DCB
Signing time:             Sat 28 Jun 2025 19:01:08 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:08 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:08 +0000
Files and hashes:         1: K328XveedAIoXs2gg3ukvyGHYdw.crl (hash: /QIkUnF4SBVlbr5InkO98pSIhkhg4M52tBiTcpi2rMU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:34:75:ce:22:b8:51:e2:ed:56:b8:97:2e:c6:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
        Validity
            Not Before: Jun 28 19:01:08 2025 GMT
            Not After : Jun 29 19:01:08 2025 GMT
        Subject: CN=7fb403c50fb2120892a555f3e6341f49a94247b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:53:41:2c:ea:b7:a2:a1:54:b6:44:05:61:02:
                    83:9e:c5:44:c8:fe:05:7b:13:ab:f8:21:8e:4e:05:
                    63:7b:17:c8:92:0b:4e:15:8b:6b:e6:06:91:56:9f:
                    42:c5:ce:7f:bc:d9:56:d4:66:e0:e4:4f:6b:73:8c:
                    db:c3:92:b0:bb:6a:67:af:b4:33:46:aa:d8:f5:0d:
                    0f:43:6a:4c:6a:51:09:58:07:65:e4:6d:ec:1b:de:
                    46:0f:c8:3a:15:a2:14:ff:44:bb:64:cd:4e:0f:15:
                    c3:18:60:ff:28:68:9c:1d:d7:c1:a3:12:43:66:e4:
                    35:b9:39:13:33:a6:aa:e8:73:fd:91:06:4a:55:5b:
                    d7:46:c9:59:c5:45:f6:4e:e4:a9:c7:41:78:9b:86:
                    a9:b9:7a:f7:86:16:36:40:3f:17:fe:f3:c6:13:fb:
                    28:fb:07:d8:9c:d4:1f:e2:9f:42:47:e7:8d:cd:83:
                    27:4e:b6:9b:80:f9:40:d7:f6:34:b1:aa:88:fc:47:
                    62:18:2a:20:b3:d8:4b:4c:10:4d:af:39:a7:b4:9d:
                    63:b1:66:1d:b1:25:32:43:41:9a:80:07:bd:62:dc:
                    dd:92:d5:64:dc:b1:4a:e9:88:ce:fb:3d:0e:16:e8:
                    85:f0:4f:71:7d:4f:11:0c:5d:4a:99:86:75:0d:e0:
                    d5:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:B4:03:C5:0F:B2:12:08:92:A5:55:F3:E6:34:1F:49:A9:42:47:B5
            X509v3 Authority Key Identifier:
                keyid:2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:c7:42:0c:db:71:2c:4f:dd:56:18:68:c5:60:88:86:9b:78:
         1e:b9:c7:28:84:8e:96:2b:48:dc:9f:c8:5e:0f:7a:81:d5:a2:
         dc:db:79:68:a6:27:f5:97:37:76:74:f0:da:13:bc:be:b0:68:
         47:9f:62:e6:00:bf:a2:87:ef:2e:7a:69:5d:80:57:a8:a3:73:
         4b:e8:8b:72:ae:9d:56:63:aa:8a:a0:66:dc:25:30:46:fe:2e:
         91:f0:2c:83:7b:58:8f:af:22:04:32:86:d1:a1:ec:1d:23:89:
         13:c1:48:ca:b8:72:f9:67:85:9d:7f:0b:f3:f2:fb:97:65:91:
         d8:e1:35:cb:cf:0c:30:64:3f:2b:19:6c:17:b4:e4:17:82:01:
         80:93:f6:9c:81:a8:d2:a0:2c:2f:f2:b4:fe:25:ed:37:e8:21:
         ba:54:72:7f:4b:cb:f5:60:88:41:a6:29:b1:4a:17:0b:82:9a:
         32:6f:28:5d:dd:d4:a1:42:4e:ac:84:5a:63:5b:d5:53:f2:b6:
         e7:39:67:2f:8d:0b:46:6b:a8:51:19:23:30:88:68:42:b2:db:
         4b:15:16:9c:82:5f:d7:1b:d5:d9:29:b6:1b:6b:96:6e:1e:5c:
         3b:b0:90:e8:4d:ac:48:ca:ee:de:8c:18:b8:02:f4:fc:c3:76:
         98:63:d7:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36jR1ziK4UeLtVriXLsZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2RiYzVlZjc5ZTc0MDIyODVlY2RhMDgzN2JhNGJmMjE4
NzYxZGMwHhcNMjUwNjI4MTkwMTA4WhcNMjUwNjI5MTkwMTA4WjAzMTEwLwYDVQQD
Eyg3ZmI0MDNjNTBmYjIxMjA4OTJhNTU1ZjNlNjM0MWY0OWE5NDI0N2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51NBLOq3oqFUtkQFYQKDnsVEyP4F
exOr+CGOTgVjexfIkgtOFYtr5gaRVp9Cxc5/vNlW1Gbg5E9rc4zbw5Kwu2pnr7Qz
RqrY9Q0PQ2pMalEJWAdl5G3sG95GD8g6FaIU/0S7ZM1ODxXDGGD/KGicHdfBoxJD
ZuQ1uTkTM6aq6HP9kQZKVVvXRslZxUX2TuSpx0F4m4apuXr3hhY2QD8X/vPGE/so
+wfYnNQf4p9CR+eNzYMnTrabgPlA1/Y0saqI/EdiGCogs9hLTBBNrzmntJ1jsWYd
sSUyQ0GagAe9YtzdktVk3LFK6YjO+z0OFuiF8E9xfU8RDF1KmYZ1DeDV0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH+0A8UPshIIkqVV8+Y0H0mpQke1MB8GA1UdIwQY
MBaAFCt9vF73nnQCKF7NoIN7pL8hh2HcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEt
MjRkMGU2MmY3OWMwLzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEtMjRkMGU2MmY3OWMw
LzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV8dCDNtx
LE/dVhhoxWCIhpt4HrnHKISOlitI3J/IXg96gdWi3Nt5aKYn9Zc3dnTw2hO8vrBo
R59i5gC/oofvLnppXYBXqKNzS+iLcq6dVmOqiqBm3CUwRv4ukfAsg3tYj68iBDKG
0aHsHSOJE8FIyrhy+WeFnX8L8/L7l2WR2OE1y88MMGQ/KxlsF7TkF4IBgJP2nIGo
0qAsL/K0/iXtN+ghulRyf0vL9WCIQaYpsUoXC4KaMm8oXd3UoUJOrIRaY1vVU/K2
5zlnL40LRmuoURkjMIhoQrLbSxUWnIJf1xvV2Sm2G2uWbh5cO7CQ6E2sSMru3owY
uAL0/MN2mGPXFA==
-----END CERTIFICATE-----