Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
File:                     H38fQMjrspNo9ug7-d3QZ14H1O0.mft (raw, json)
Hash identifier:          KDwJkYMVyTq7vLj1POMfiEx/jr1SRZFytDHCZDblNAc=
Subject key identifier:   D7:F0:86:DB:9B:24:CA:3C:44:AF:E6:0B:8A:64:58:02:0E:04:B3:46
Authority key identifier: 1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED
Certificate issuer:       /CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
Certificate serial:       0198D473B7F91057B42FADD209C2197E363E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
Manifest number:          0F09
Signing time:             Sat 23 Aug 2025 01:03:30 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:30 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:30 +0000
Files and hashes:         1: H38fQMjrspNo9ug7-d3QZ14H1O0.crl (hash: Q4WaGj+U1JuG6mq5SoaOVxmEvMSGApuUy5A8TZOd9u0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:b7:f9:10:57:b4:2f:ad:d2:09:c2:19:7e:36:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
        Validity
            Not Before: Aug 23 01:03:30 2025 GMT
            Not After : Aug 24 01:03:30 2025 GMT
        Subject: CN=d7f086db9b24ca3c44afe60b8a6458020e04b346
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:ea:62:0f:d3:fb:4a:e2:9f:9e:d9:1f:bc:97:
                    95:26:c4:26:81:93:86:f6:91:af:e2:02:62:00:76:
                    2a:37:28:fc:da:6d:5a:2b:b5:74:c9:f4:8c:d6:c5:
                    a4:9d:32:8e:5e:d3:d0:ff:d3:81:e2:76:d6:98:10:
                    93:bf:57:7c:53:c4:6a:e9:67:83:fd:0a:29:12:86:
                    19:b2:6b:bc:72:76:d9:ae:5e:5c:a2:a5:de:10:a9:
                    d2:a0:6a:da:fc:43:5e:f3:0e:88:b3:cb:56:1d:7f:
                    23:85:98:22:07:d1:42:51:c3:6a:a2:e0:84:8f:db:
                    58:b1:e7:78:a0:b5:75:12:56:dc:56:63:ca:48:8a:
                    d0:c7:09:72:f2:72:aa:cf:16:d7:4b:e0:a3:16:95:
                    dc:7b:e0:48:cb:f8:7b:84:52:11:a3:e9:94:e5:27:
                    eb:bd:e7:f5:41:50:7c:05:9f:5b:2c:6b:c3:ba:38:
                    1f:52:53:99:a4:3b:f2:f3:18:7b:14:52:a0:c4:e6:
                    77:48:65:ef:69:86:c8:05:1b:e7:67:99:ab:cf:0d:
                    b8:41:05:78:de:ae:e8:c5:59:82:7e:6b:ab:82:7a:
                    87:71:1c:7c:1d:11:3b:3b:69:55:45:ea:f0:c0:6d:
                    b7:5a:d7:48:34:0c:06:52:d6:37:6e:e4:75:e8:ca:
                    f3:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:F0:86:DB:9B:24:CA:3C:44:AF:E6:0B:8A:64:58:02:0E:04:B3:46
            X509v3 Authority Key Identifier:
                keyid:1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:64:d8:4b:40:03:3e:1d:0d:2a:c0:dd:3d:92:d9:52:fc:ee:
         7e:ff:b3:79:8e:90:98:86:1e:33:98:6b:82:d8:40:f8:49:43:
         a5:60:24:96:3c:bc:68:60:49:9f:50:c9:a6:e9:8d:9f:2b:15:
         78:15:79:98:4e:f8:b1:76:e0:fc:4f:63:58:42:61:42:10:46:
         97:3e:de:66:a0:f9:1b:ff:24:89:33:03:e8:71:71:31:b5:f7:
         e9:3e:ac:6f:98:23:23:d2:09:ea:23:02:9e:62:61:31:4a:2b:
         65:de:0a:f8:dc:cb:87:02:f0:a5:eb:42:97:a5:7b:77:3d:34:
         de:4e:fe:62:69:f0:bf:a7:89:1b:61:4a:c5:3d:8f:b8:d3:73:
         26:63:44:93:e6:75:01:84:ea:94:08:bd:54:a8:25:bc:e2:81:
         53:76:09:ff:58:ea:7f:f4:6a:92:cc:fc:70:9e:bb:26:77:29:
         f3:0e:7d:36:00:1c:b8:fe:db:ce:b4:f6:b7:9c:c7:da:05:13:
         a4:d6:41:75:82:45:ef:b5:55:af:ab:6a:ed:a5:bf:32:2e:59:
         b9:25:d4:a2:8d:9c:7c:38:fd:4e:31:3e:2e:54:d7:62:73:e5:
         e5:e9:b9:c9:06:25:b9:5c:12:72:6b:ee:09:c8:9f:da:7d:e6:
         91:01:20:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc7f5EFe0L63SCcIZfjY+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmN2YxZjQwYzhlYmIyOTM2OGY2ZTgzYmY5ZGRkMDY3NWUw
N2Q0ZWQwHhcNMjUwODIzMDEwMzMwWhcNMjUwODI0MDEwMzMwWjAzMTEwLwYDVQQD
EyhkN2YwODZkYjliMjRjYTNjNDRhZmU2MGI4YTY0NTgwMjBlMDRiMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyepiD9P7SuKfntkfvJeVJsQmgZOG
9pGv4gJiAHYqNyj82m1aK7V0yfSM1sWknTKOXtPQ/9OB4nbWmBCTv1d8U8Rq6WeD
/QopEoYZsmu8cnbZrl5coqXeEKnSoGra/ENe8w6Is8tWHX8jhZgiB9FCUcNqouCE
j9tYsed4oLV1ElbcVmPKSIrQxwly8nKqzxbXS+CjFpXce+BIy/h7hFIRo+mU5Sfr
vef1QVB8BZ9bLGvDujgfUlOZpDvy8xh7FFKgxOZ3SGXvaYbIBRvnZ5mrzw24QQV4
3q7oxVmCfmurgnqHcRx8HRE7O2lVRerwwG23WtdINAwGUtY3buR16MrzzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfwhtubJMo8RK/mC4pkWAIOBLNGMB8GA1UdIwQY
MBaAFB9/H0DI67KTaPboO/nd0GdeB9TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYt
Nzc3YTRmODAwMjQ1LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYtNzc3YTRmODAwMjQ1
LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjmTYS0AD
Ph0NKsDdPZLZUvzufv+zeY6QmIYeM5hrgthA+ElDpWAkljy8aGBJn1DJpumNnysV
eBV5mE74sXbg/E9jWEJhQhBGlz7eZqD5G/8kiTMD6HFxMbX36T6sb5gjI9IJ6iMC
nmJhMUorZd4K+NzLhwLwpetCl6V7dz003k7+Ymnwv6eJG2FKxT2PuNNzJmNEk+Z1
AYTqlAi9VKglvOKBU3YJ/1jqf/Rqksz8cJ67Jncp8w59NgAcuP7bzrT2t5zH2gUT
pNZBdYJF77VVr6tq7aW/Mi5ZuSXUoo2cfDj9TjE+LlTXYnPl5em5yQYluVwScmvu
Ccif2n3mkQEgWw==
-----END CERTIFICATE-----