Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          A7RudVFl77KKYmTlLjpY5XFa/ExMf7TKyKI1XWwT8Kw=
Subject key identifier:   18:3C:9C:07:E1:07:A9:9C:D9:DE:14:77:52:81:B7:D5:2E:79:79:83
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       0197B890755205C84D824BFD9F1C92123F3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          07DF
Signing time:             Sat 28 Jun 2025 22:02:44 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:44 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:44 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: uk3fcu40+lgeaWX3/XbmXckfcU/d4KpoNFdhKKgWTmA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:75:52:05:c8:4d:82:4b:fd:9f:1c:92:12:3f:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: Jun 28 22:02:44 2025 GMT
            Not After : Jun 29 22:02:44 2025 GMT
        Subject: CN=183c9c07e107a99cd9de14775281b7d52e797983
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:3e:8d:ce:47:c6:77:d5:a7:fd:18:ce:82:4c:
                    30:39:1b:c9:e1:36:04:5b:18:39:09:7e:96:e4:4e:
                    d4:81:14:cd:2a:87:64:d8:92:e6:91:06:79:58:17:
                    4d:3c:61:81:20:ac:04:06:a0:05:ac:ef:18:33:27:
                    dc:10:f6:da:7f:be:20:48:98:fe:22:58:22:00:d6:
                    a6:70:fb:00:67:86:45:62:a9:89:6a:14:b9:18:8e:
                    c2:39:eb:a2:34:7c:f1:25:53:dd:53:8b:72:1f:5c:
                    1f:21:c6:63:57:7c:ef:43:d6:e3:ac:29:6f:33:5f:
                    c9:69:12:86:b9:55:da:ec:7d:02:ac:14:da:33:b1:
                    5e:c0:2b:ef:7d:c0:67:22:06:47:a4:07:54:0e:80:
                    c6:c5:d9:c8:c4:67:10:2d:eb:17:d5:a9:89:43:28:
                    75:e2:58:c3:84:df:98:f2:25:a6:0f:c7:3a:e2:66:
                    a6:a4:93:04:c2:ec:5e:bf:19:d6:45:53:54:2a:b6:
                    cd:9e:a5:84:89:77:f2:ee:92:b7:6c:8b:de:48:34:
                    23:5e:7b:b1:73:33:f0:31:51:85:80:b3:bf:06:c0:
                    e2:7e:67:e5:17:b7:cd:7d:fa:7f:fb:7c:6c:02:14:
                    9a:f6:20:e1:0d:7f:82:12:ab:95:2e:9b:73:27:47:
                    44:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:3C:9C:07:E1:07:A9:9C:D9:DE:14:77:52:81:B7:D5:2E:79:79:83
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:29:b0:03:3b:9e:44:a7:a9:d7:81:dc:44:08:74:7a:92:69:
         f1:cd:63:66:f0:a3:7a:0a:08:01:d6:e9:9c:ac:8a:4c:25:b8:
         2f:ea:1c:9a:dc:fc:0a:d4:4d:94:d5:93:72:40:d7:32:4b:8e:
         0f:08:f4:00:04:e2:74:58:d5:a0:1f:35:15:b0:d0:11:b8:26:
         70:51:52:f5:25:0b:20:0d:37:9e:bd:83:f6:e3:5f:42:3b:8f:
         8c:da:c6:c3:fe:65:f1:45:fd:45:6e:9a:5c:96:1a:bc:e3:36:
         05:dc:2d:7b:ce:fa:70:f9:58:65:2f:4c:f3:d3:9b:d8:3d:7d:
         a6:8e:20:af:ce:2e:70:96:fa:e6:7b:ce:c1:5f:4d:7c:46:4b:
         9a:70:3c:1d:c6:85:1f:c3:0f:11:f5:3f:36:08:02:06:a2:cd:
         09:97:34:e8:9e:bd:d2:ac:58:9a:fc:f8:7e:b8:d8:94:f5:20:
         f4:6f:7b:d7:7a:81:0d:73:f4:78:2d:12:b1:7d:82:96:0c:68:
         5e:51:ec:83:2c:05:6e:2d:f1:4d:e4:3a:e2:cd:b6:4c:2d:53:
         c3:01:06:60:20:a5:91:cc:94:e2:e3:b4:f3:cb:9b:f2:92:f8:
         ba:36:58:59:40:98:9f:f2:34:e1:4e:11:a0:0c:ac:80:70:6d:
         10:6e:9c:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kHVSBchNgkv9nxySEj88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjUwNjI4MjIwMjQ0WhcNMjUwNjI5MjIwMjQ0WjAzMTEwLwYDVQQD
EygxODNjOWMwN2UxMDdhOTljZDlkZTE0Nzc1MjgxYjdkNTJlNzk3OTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT6NzkfGd9Wn/RjOgkwwORvJ4TYE
Wxg5CX6W5E7UgRTNKodk2JLmkQZ5WBdNPGGBIKwEBqAFrO8YMyfcEPbaf74gSJj+
IlgiANamcPsAZ4ZFYqmJahS5GI7COeuiNHzxJVPdU4tyH1wfIcZjV3zvQ9bjrClv
M1/JaRKGuVXa7H0CrBTaM7FewCvvfcBnIgZHpAdUDoDGxdnIxGcQLesX1amJQyh1
4ljDhN+Y8iWmD8c64mampJMEwuxevxnWRVNUKrbNnqWEiXfy7pK3bIveSDQjXnux
czPwMVGFgLO/BsDifmflF7fNffp/+3xsAhSa9iDhDX+CEquVLptzJ0dE5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBg8nAfhB6mc2d4Ud1KBt9UueXmDMB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaSmwAzue
RKep14HcRAh0epJp8c1jZvCjegoIAdbpnKyKTCW4L+ocmtz8CtRNlNWTckDXMkuO
Dwj0AATidFjVoB81FbDQEbgmcFFS9SULIA03nr2D9uNfQjuPjNrGw/5l8UX9RW6a
XJYavOM2Bdwte876cPlYZS9M89Ob2D19po4gr84ucJb65nvOwV9NfEZLmnA8HcaF
H8MPEfU/NggCBqLNCZc06J690qxYmvz4frjYlPUg9G9713qBDXP0eC0SsX2Clgxo
XlHsgywFbi3xTeQ64s22TC1TwwEGYCClkcyU4uO088ub8pL4ujZYWUCYn/I04U4R
oAysgHBtEG6czg==
-----END CERTIFICATE-----