Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.mft
File:                     J2zuYEMhsPEryjZ7VMBzmqil8To.mft (raw, json)
Hash identifier:          zb3bIp0NAtUJ79UMq11DM8ilTJjgkvbP6tCGiAMRNeE=
Subject key identifier:   75:F2:FD:E8:09:D7:DC:46:3C:9C:6D:30:B2:05:8F:1D:4E:C9:8B:1D
Authority key identifier: 27:6C:EE:60:43:21:B0:F1:2B:CA:36:7B:54:C0:73:9A:A8:A5:F1:3A
Certificate issuer:       /CN=276cee604321b0f12bca367b54c0739aa8a5f13a
Certificate serial:       0197B6A0CB1A798B9BEAC47C655E1CDB342C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J2zuYEMhsPEryjZ7VMBzmqil8To.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.mft
Manifest number:          0F07
Signing time:             Sat 28 Jun 2025 13:01:20 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:20 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:20 +0000
Files and hashes:         1: J2zuYEMhsPEryjZ7VMBzmqil8To.crl (hash: sVcH7rvp6gcCoD92ZWntYQ2MrjdtxgBf1AoETXfr+D4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J2zuYEMhsPEryjZ7VMBzmqil8To.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:cb:1a:79:8b:9b:ea:c4:7c:65:5e:1c:db:34:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=276cee604321b0f12bca367b54c0739aa8a5f13a
        Validity
            Not Before: Jun 28 13:01:20 2025 GMT
            Not After : Jun 29 13:01:20 2025 GMT
        Subject: CN=75f2fde809d7dc463c9c6d30b2058f1d4ec98b1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d0:5f:bd:51:5c:f4:72:8c:fa:75:0d:ea:83:
                    85:2b:d4:17:10:2b:98:1b:3e:67:0a:68:20:d2:fa:
                    80:49:0b:e4:27:91:a5:3b:0c:6f:bd:05:ff:5b:4e:
                    5a:0b:2d:2a:d5:c1:bb:d7:71:ac:31:d8:b7:af:c5:
                    3d:27:3e:70:ec:b2:cc:22:dd:3c:ac:d7:ec:52:40:
                    6d:37:63:13:2e:0a:76:fe:94:0d:9b:b1:3a:1b:2c:
                    ac:12:a7:a3:fb:fe:d4:30:0e:cf:74:9b:ba:80:ec:
                    a5:2b:1e:48:53:a1:5d:55:00:c0:d5:29:37:a4:37:
                    35:61:a8:22:91:71:7e:8b:0f:d4:18:c2:db:d1:78:
                    75:fc:e2:f8:93:39:dc:98:06:3b:18:d4:7b:d3:9a:
                    3f:31:d9:5b:54:f8:70:7b:47:b1:00:1e:e5:41:ab:
                    0e:56:2b:0f:4c:11:7f:93:a6:3a:0b:e6:36:54:6b:
                    72:5e:d2:98:5e:60:55:c1:2c:ba:26:18:c3:89:b5:
                    54:83:f4:2d:e8:af:0e:ce:fe:fd:5d:fc:01:f7:a9:
                    37:62:14:c8:05:b2:49:41:c8:f4:ee:22:4b:5d:1e:
                    dc:32:70:67:9b:91:d6:92:7a:40:23:56:f3:82:a7:
                    aa:64:f1:e0:a7:7c:34:f0:c5:7b:15:82:d3:38:64:
                    95:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:F2:FD:E8:09:D7:DC:46:3C:9C:6D:30:B2:05:8F:1D:4E:C9:8B:1D
            X509v3 Authority Key Identifier:
                keyid:27:6C:EE:60:43:21:B0:F1:2B:CA:36:7B:54:C0:73:9A:A8:A5:F1:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J2zuYEMhsPEryjZ7VMBzmqil8To.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a59955-86cf-4655-a1f8-258954b4fe5a/1/J2zuYEMhsPEryjZ7VMBzmqil8To.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:8d:77:0f:36:53:9f:9e:82:07:66:02:cc:7b:63:84:14:52:
         6c:07:34:1f:ba:3b:c4:5b:33:f6:a3:38:46:51:69:27:f2:de:
         df:24:61:86:be:20:87:01:97:a2:13:aa:1c:5f:af:04:f0:d3:
         16:c1:2c:a1:7a:1f:42:c1:5e:ac:33:1f:01:52:04:a4:21:85:
         25:74:99:6d:20:f6:be:1a:4b:88:65:90:3d:8e:17:56:3c:6b:
         20:e1:a1:1c:16:72:a2:ae:c8:9c:a9:e5:7a:17:35:3a:f5:e6:
         ce:c8:6c:fa:60:ef:99:82:e1:a6:b5:85:0e:9e:8c:cc:ea:ce:
         58:d2:fe:7e:16:11:73:cb:bd:ce:f0:b5:d3:bd:53:cc:49:3f:
         0e:1a:0a:1b:cc:42:91:ba:91:43:4a:bf:ca:e2:00:9f:c5:ab:
         47:9e:b4:91:7a:53:42:93:83:64:ed:66:7c:f1:74:6a:f7:04:
         87:fc:16:96:ec:e2:37:b4:36:ea:1b:a5:3e:fd:42:07:17:ea:
         47:9b:91:28:64:6e:e3:e6:37:ec:f4:df:c8:e2:ad:29:d5:78:
         eb:d8:91:1e:ad:61:01:19:c0:72:91:cf:7b:9f:5a:26:4b:ba:
         96:5d:f6:da:96:50:d1:8d:cf:f1:4d:77:35:24:ef:6d:de:ae:
         fb:29:93:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oMsaeYub6sR8ZV4c2zQsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NmNlZTYwNDMyMWIwZjEyYmNhMzY3YjU0YzA3MzlhYThh
NWYxM2EwHhcNMjUwNjI4MTMwMTIwWhcNMjUwNjI5MTMwMTIwWjAzMTEwLwYDVQQD
Eyg3NWYyZmRlODA5ZDdkYzQ2M2M5YzZkMzBiMjA1OGYxZDRlYzk4YjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNBfvVFc9HKM+nUN6oOFK9QXECuY
Gz5nCmgg0vqASQvkJ5GlOwxvvQX/W05aCy0q1cG713GsMdi3r8U9Jz5w7LLMIt08
rNfsUkBtN2MTLgp2/pQNm7E6GyysEqej+/7UMA7PdJu6gOylKx5IU6FdVQDA1Sk3
pDc1YagikXF+iw/UGMLb0Xh1/OL4kzncmAY7GNR705o/MdlbVPhwe0exAB7lQasO
VisPTBF/k6Y6C+Y2VGtyXtKYXmBVwSy6JhjDibVUg/Qt6K8Ozv79XfwB96k3YhTI
BbJJQcj07iJLXR7cMnBnm5HWknpAI1bzgqeqZPHgp3w08MV7FYLTOGSVMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXy/egJ19xGPJxtMLIFjx1OyYsdMB8GA1UdIwQY
MBaAFCds7mBDIbDxK8o2e1TAc5qopfE6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjJ6dVlFTWhzUEVyeWpaN1ZNQnptcWlsOFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hNTk5NTUtODZjZi00NjU1LWExZjgt
MjU4OTU0YjRmZTVhLzEvSjJ6dVlFTWhzUEVyeWpaN1ZNQnptcWlsOFRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hNTk5NTUtODZjZi00NjU1LWExZjgtMjU4OTU0YjRmZTVh
LzEvSjJ6dVlFTWhzUEVyeWpaN1ZNQnptcWlsOFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeo13DzZT
n56CB2YCzHtjhBRSbAc0H7o7xFsz9qM4RlFpJ/Le3yRhhr4ghwGXohOqHF+vBPDT
FsEsoXofQsFerDMfAVIEpCGFJXSZbSD2vhpLiGWQPY4XVjxrIOGhHBZyoq7InKnl
ehc1OvXmzshs+mDvmYLhprWFDp6MzOrOWNL+fhYRc8u9zvC1071TzEk/DhoKG8xC
kbqRQ0q/yuIAn8WrR560kXpTQpODZO1mfPF0avcEh/wWluziN7Q26hulPv1CBxfq
R5uRKGRu4+Y37PTfyOKtKdV469iRHq1hARnAcpHPe59aJku6ll322pZQ0Y3P8U13
NSTvbd6u+ymTTA==
-----END CERTIFICATE-----