Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft
File:                     7_vi0INCz7z3p9dOiOvQMeEgItk.mft (raw, json)
Hash identifier:          JOd5tZ9/Rq1RG0MQD82w0oxHAL471jcl8H7CxKDgJss=
Subject key identifier:   39:02:C7:D8:6D:B7:95:C5:46:F7:DD:E3:D1:E0:86:4D:FF:D8:2C:64
Authority key identifier: EF:FB:E2:D0:83:42:CF:BC:F7:A7:D7:4E:88:EB:D0:31:E1:20:22:D9
Certificate issuer:       /CN=effbe2d08342cfbcf7a7d74e88ebd031e12022d9
Certificate serial:       01969F3F1443C156F3ADD755CE148AB3A248
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7_vi0INCz7z3p9dOiOvQMeEgItk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft
Manifest number:          0319
Signing time:             Mon 05 May 2025 07:00:33 +0000
Manifest this update:     Mon 05 May 2025 07:00:33 +0000
Manifest next update:     Tue 06 May 2025 07:00:33 +0000
Files and hashes:         1: 7_vi0INCz7z3p9dOiOvQMeEgItk.crl (hash: p6mKWuWFTkIrEILpmM1yJIQcCxtJHoGrRByGmQe/n/0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7_vi0INCz7z3p9dOiOvQMeEgItk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 07:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9f:3f:14:43:c1:56:f3:ad:d7:55:ce:14:8a:b3:a2:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=effbe2d08342cfbcf7a7d74e88ebd031e12022d9
        Validity
            Not Before: May  5 07:00:33 2025 GMT
            Not After : May  6 07:00:33 2025 GMT
        Subject: CN=3902c7d86db795c546f7dde3d1e0864dffd82c64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:91:13:9b:18:b1:03:1d:78:4f:95:c8:c4:50:
                    91:19:8c:43:16:f0:90:a8:d5:17:24:04:86:34:07:
                    99:6c:e2:93:f6:fe:5a:7f:9a:3e:c0:ab:3f:d0:af:
                    9c:69:9e:2b:65:79:f2:14:28:41:79:c7:20:d7:9d:
                    84:a3:5b:c4:80:b5:ad:f4:a1:e1:92:9a:0b:19:d7:
                    5e:85:8d:f0:c8:a6:80:ae:a0:f2:d2:7a:f8:f3:80:
                    70:7e:c9:f2:a8:1d:8c:fe:06:56:59:52:14:71:46:
                    6d:23:bf:c6:f3:d2:34:5d:c9:81:fc:e0:97:bd:73:
                    af:04:7f:29:af:af:fa:64:fe:e2:32:9b:4f:20:28:
                    19:4b:8d:65:2a:da:bc:75:ea:a0:8a:65:ac:24:d8:
                    bc:60:bc:ff:34:3f:b3:3f:95:2c:9a:69:7c:20:bb:
                    e8:91:07:c2:1c:4f:91:e1:ba:36:bf:6d:56:a7:21:
                    44:e2:70:ac:ce:d6:64:4c:b4:ca:f5:07:60:9d:85:
                    62:f1:bc:f6:2e:c4:41:9e:07:35:ef:c1:4c:27:54:
                    d5:17:0a:1f:cb:39:36:32:98:8a:54:67:cd:54:43:
                    b6:fa:a7:ba:ca:bf:43:b1:a2:76:c5:a3:a7:56:96:
                    b0:00:bb:e7:05:47:ef:21:6c:01:dc:ae:2b:5c:92:
                    26:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:02:C7:D8:6D:B7:95:C5:46:F7:DD:E3:D1:E0:86:4D:FF:D8:2C:64
            X509v3 Authority Key Identifier:
                keyid:EF:FB:E2:D0:83:42:CF:BC:F7:A7:D7:4E:88:EB:D0:31:E1:20:22:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7_vi0INCz7z3p9dOiOvQMeEgItk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6ae8b3-a390-4b51-b7f1-f2f1ca287141/1/7_vi0INCz7z3p9dOiOvQMeEgItk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:b9:58:83:64:96:c5:ab:dc:fb:2e:38:d5:f0:fe:62:38:ae:
         a7:ec:22:79:ea:32:fb:02:15:dc:91:d6:97:62:cb:0d:13:d7:
         42:91:27:84:0a:61:de:72:23:46:c2:ec:fd:d2:7d:36:95:36:
         aa:08:85:29:01:18:4b:36:5e:94:71:5d:36:3e:f7:39:b1:9a:
         fe:2a:cc:1a:57:fd:68:17:93:05:71:a6:48:a1:99:9a:01:80:
         3f:2d:d4:4d:90:8f:38:c3:9e:0b:64:a5:95:46:78:c7:d7:85:
         47:7a:9e:b2:6f:06:9f:29:40:cc:25:c7:74:97:9b:21:71:58:
         ad:e8:f5:6f:f5:e6:d4:b3:0a:64:81:00:36:5d:06:49:ae:fd:
         5f:0a:57:49:37:6a:f6:c8:c4:8f:b4:11:ab:dc:d5:09:2f:0a:
         e6:19:34:b3:ad:d8:89:e3:ac:c9:59:79:ec:c9:1e:52:b5:3c:
         c9:83:ad:61:64:d6:0a:a5:2c:4a:0f:1a:ee:4c:40:3f:f0:70:
         2e:03:21:80:4d:69:20:3f:90:57:7f:43:c1:f2:95:7c:ee:21:
         77:99:0d:fd:a4:bd:23:6d:32:49:5b:23:8c:5f:31:9d:fd:db:
         9a:7c:60:ad:6b:d2:91:15:c1:75:ae:e4:48:3e:fe:e4:4b:72:
         60:05:58:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZafPxRDwVbzrddVzhSKs6JIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZmJlMmQwODM0MmNmYmNmN2E3ZDc0ZTg4ZWJkMDMxZTEy
MDIyZDkwHhcNMjUwNTA1MDcwMDMzWhcNMjUwNTA2MDcwMDMzWjAzMTEwLwYDVQQD
EygzOTAyYzdkODZkYjc5NWM1NDZmN2RkZTNkMWUwODY0ZGZmZDgyYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZETmxixAx14T5XIxFCRGYxDFvCQ
qNUXJASGNAeZbOKT9v5af5o+wKs/0K+caZ4rZXnyFChBeccg152Eo1vEgLWt9KHh
kpoLGddehY3wyKaArqDy0nr484BwfsnyqB2M/gZWWVIUcUZtI7/G89I0XcmB/OCX
vXOvBH8pr6/6ZP7iMptPICgZS41lKtq8deqgimWsJNi8YLz/ND+zP5Usmml8ILvo
kQfCHE+R4bo2v21WpyFE4nCsztZkTLTK9QdgnYVi8bz2LsRBngc178FMJ1TVFwof
yzk2MpiKVGfNVEO2+qe6yr9DsaJ2xaOnVpawALvnBUfvIWwB3K4rXJImFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDkCx9htt5XFRvfd49Hghk3/2CxkMB8GA1UdIwQY
MBaAFO/74tCDQs+896fXTojr0DHhICLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN192aTBJTkN6N3ozcDlkT2lPdlFNZUVnSXRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82YWU4YjMtYTM5MC00YjUxLWI3ZjEt
ZjJmMWNhMjg3MTQxLzEvN192aTBJTkN6N3ozcDlkT2lPdlFNZUVnSXRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82YWU4YjMtYTM5MC00YjUxLWI3ZjEtZjJmMWNhMjg3MTQx
LzEvN192aTBJTkN6N3ozcDlkT2lPdlFNZUVnSXRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwrlYg2SW
xavc+y441fD+Yjiup+wieeoy+wIV3JHWl2LLDRPXQpEnhAph3nIjRsLs/dJ9NpU2
qgiFKQEYSzZelHFdNj73ObGa/irMGlf9aBeTBXGmSKGZmgGAPy3UTZCPOMOeC2Sl
lUZ4x9eFR3qesm8GnylAzCXHdJebIXFYrej1b/Xm1LMKZIEANl0GSa79XwpXSTdq
9sjEj7QRq9zVCS8K5hk0s63YieOsyVl57MkeUrU8yYOtYWTWCqUsSg8a7kxAP/Bw
LgMhgE1pID+QV39DwfKVfO4hd5kN/aS9I20ySVsjjF8xnf3bmnxgrWvSkRXBda7k
SD7+5EtyYAVYTg==
-----END CERTIFICATE-----