Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/11f004-441f-470d-8927-76a9109a62e7/1/T7murXluvL6SUPqiksQOioWIx50.mft
File:                     T7murXluvL6SUPqiksQOioWIx50.mft (raw, json)
Hash identifier:          Z0bd1KROS9rN9QDgwb2uMozbWyus6rVzjRV+YyH0njg=
Subject key identifier:   7D:7C:3F:71:EA:6E:EA:58:1F:62:8A:79:D7:97:D5:04:A9:92:A2:A7
Authority key identifier: 4F:B9:AE:AD:79:6E:BC:BE:92:50:FA:A2:92:C4:0E:8A:85:88:C7:9D
Certificate issuer:       /CN=4fb9aead796ebcbe9250faa292c40e8a8588c79d
Certificate serial:       0197B6A1170F6A0C3FE221CCC6715319D711
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T7murXluvL6SUPqiksQOioWIx50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/11f004-441f-470d-8927-76a9109a62e7/1/T7murXluvL6SUPqiksQOioWIx50.mft
Manifest number:          1099
Signing time:             Sat 28 Jun 2025 13:01:39 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:39 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:39 +0000
Files and hashes:         1: T7murXluvL6SUPqiksQOioWIx50.crl (hash: MpHq46Ig0qFiKm3UZ3UszrunlsPBnTjCI5W5CwvHcBo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/11f004-441f-470d-8927-76a9109a62e7/1/T7murXluvL6SUPqiksQOioWIx50.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/11f004-441f-470d-8927-76a9109a62e7/1/T7murXluvL6SUPqiksQOioWIx50.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T7murXluvL6SUPqiksQOioWIx50.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:17:0f:6a:0c:3f:e2:21:cc:c6:71:53:19:d7:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fb9aead796ebcbe9250faa292c40e8a8588c79d
        Validity
            Not Before: Jun 28 13:01:39 2025 GMT
            Not After : Jun 29 13:01:39 2025 GMT
        Subject: CN=7d7c3f71ea6eea581f628a79d797d504a992a2a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:3c:6d:e9:37:0a:fa:aa:3b:58:af:8f:10:03:
                    4a:22:a6:1f:f5:04:96:ff:13:9a:f9:0f:e3:80:8c:
                    dc:74:5e:4a:2e:0f:ad:7d:9d:1e:32:52:01:a9:62:
                    2b:b8:c9:1c:03:40:cf:74:56:52:fc:a9:65:9b:39:
                    7c:82:08:61:a6:80:ee:2e:04:18:10:de:a3:a5:ee:
                    00:7f:4f:8c:5f:8c:a3:e2:9b:dd:bd:e6:d1:82:46:
                    a6:d4:15:03:de:da:c0:4b:07:df:9e:9c:88:ea:bd:
                    7e:3c:72:08:09:48:6f:06:e7:4c:fc:16:e6:a7:0a:
                    2b:ea:b0:c2:55:ee:51:b2:c8:04:0f:02:5c:76:f2:
                    5d:d8:82:92:84:af:65:25:7e:eb:4f:a9:0c:54:bf:
                    79:f2:8a:67:1e:11:59:b5:49:95:36:9c:89:7a:b4:
                    ae:eb:58:6c:a7:41:cb:12:01:81:a1:cd:5d:a3:ce:
                    de:da:32:c0:4b:86:85:b6:96:8a:b0:85:9a:dc:ad:
                    19:3c:70:57:52:02:73:0b:7e:87:0b:7c:fb:d5:1b:
                    f2:62:bf:58:1d:e9:16:17:13:f5:26:44:73:c5:c5:
                    72:30:31:47:46:50:ae:08:da:c8:d2:3e:02:65:80:
                    53:2a:96:11:e8:36:68:0c:b7:3b:e5:0e:ed:29:b1:
                    2f:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:7C:3F:71:EA:6E:EA:58:1F:62:8A:79:D7:97:D5:04:A9:92:A2:A7
            X509v3 Authority Key Identifier:
                keyid:4F:B9:AE:AD:79:6E:BC:BE:92:50:FA:A2:92:C4:0E:8A:85:88:C7:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7murXluvL6SUPqiksQOioWIx50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/11f004-441f-470d-8927-76a9109a62e7/1/T7murXluvL6SUPqiksQOioWIx50.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/11f004-441f-470d-8927-76a9109a62e7/1/T7murXluvL6SUPqiksQOioWIx50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:d2:51:62:bc:e4:00:67:44:d2:97:52:24:84:65:39:86:48:
         0f:b0:c9:c5:0f:b6:1a:e0:a6:51:60:27:64:25:e8:39:5f:71:
         d7:bd:a0:ac:12:52:8e:b3:b3:27:e6:51:7f:a0:08:e7:8b:fc:
         7b:8f:b6:67:1f:91:9c:3d:92:6a:c3:64:a1:18:bc:0d:7f:2a:
         96:54:55:ec:cb:a8:5a:00:7d:0a:57:4d:ea:5b:b4:2b:e9:2b:
         97:0e:d6:91:0e:86:8f:7d:b7:c2:7d:3e:cc:3f:f0:e2:06:69:
         27:d4:35:74:46:76:c8:a1:f3:27:1b:64:9a:f5:de:fd:99:89:
         ef:ae:5e:67:18:48:ba:17:24:12:cb:9a:c1:4b:f4:5d:a4:3c:
         1e:e4:42:bd:20:03:13:9f:dc:2b:5c:18:37:7f:a4:f7:63:78:
         05:83:8a:a0:1f:5c:ca:f6:5a:e2:ec:95:96:6d:1a:58:2d:06:
         6b:d4:41:8c:02:97:a4:32:f1:1a:70:7f:f7:10:76:4a:9b:ea:
         fc:cb:cf:07:39:a4:cd:fa:fe:9d:65:ce:4e:1a:94:b8:c8:10:
         b9:56:b3:72:44:dd:7b:f0:5e:08:bf:47:18:49:cf:74:54:43:
         16:ff:59:c8:24:64:c8:7c:42:be:53:38:e4:88:06:aa:96:74:
         aa:c9:6c:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oRcPagw/4iHMxnFTGdcRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYjlhZWFkNzk2ZWJjYmU5MjUwZmFhMjkyYzQwZThhODU4
OGM3OWQwHhcNMjUwNjI4MTMwMTM5WhcNMjUwNjI5MTMwMTM5WjAzMTEwLwYDVQQD
Eyg3ZDdjM2Y3MWVhNmVlYTU4MWY2MjhhNzlkNzk3ZDUwNGE5OTJhMmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujxt6TcK+qo7WK+PEANKIqYf9QSW
/xOa+Q/jgIzcdF5KLg+tfZ0eMlIBqWIruMkcA0DPdFZS/Kllmzl8gghhpoDuLgQY
EN6jpe4Af0+MX4yj4pvdvebRgkam1BUD3trASwffnpyI6r1+PHIICUhvBudM/Bbm
pwor6rDCVe5RssgEDwJcdvJd2IKShK9lJX7rT6kMVL958opnHhFZtUmVNpyJerSu
61hsp0HLEgGBoc1do87e2jLAS4aFtpaKsIWa3K0ZPHBXUgJzC36HC3z71RvyYr9Y
HekWFxP1JkRzxcVyMDFHRlCuCNrI0j4CZYBTKpYR6DZoDLc75Q7tKbEvZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH18P3HqbupYH2KKedeX1QSpkqKnMB8GA1UdIwQY
MBaAFE+5rq15bry+klD6opLEDoqFiMedMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDdtdXJYbHV2TDZTVVBxaWtzUU9pb1dJeDUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8xMWYwMDQtNDQxZi00NzBkLTg5Mjct
NzZhOTEwOWE2MmU3LzEvVDdtdXJYbHV2TDZTVVBxaWtzUU9pb1dJeDUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8xMWYwMDQtNDQxZi00NzBkLTg5MjctNzZhOTEwOWE2MmU3
LzEvVDdtdXJYbHV2TDZTVVBxaWtzUU9pb1dJeDUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHdJRYrzk
AGdE0pdSJIRlOYZID7DJxQ+2GuCmUWAnZCXoOV9x172grBJSjrOzJ+ZRf6AI54v8
e4+2Zx+RnD2SasNkoRi8DX8qllRV7MuoWgB9CldN6lu0K+krlw7WkQ6Gj323wn0+
zD/w4gZpJ9Q1dEZ2yKHzJxtkmvXe/ZmJ765eZxhIuhckEsuawUv0XaQ8HuRCvSAD
E5/cK1wYN3+k92N4BYOKoB9cyvZa4uyVlm0aWC0Ga9RBjAKXpDLxGnB/9xB2Spvq
/MvPBzmkzfr+nWXOThqUuMgQuVazckTde/BeCL9HGEnPdFRDFv9ZyCRkyHxCvlM4
5IgGqpZ0qsls+w==
-----END CERTIFICATE-----