Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.mft
File:                     j07qcuRTHJKm4A708ZGmEn6VbS0.mft (raw, json)
Hash identifier:          Qnuk1EMpFH+YP4OhdPLnKgGAbQX+MjnQ4q7TU921Hjo=
Subject key identifier:   6F:71:32:EC:B8:F3:FC:9E:32:86:C3:66:6D:00:DF:87:03:CF:F1:AA
Authority key identifier: 8F:4E:EA:72:E4:53:1C:92:A6:E0:0E:F4:F1:91:A6:12:7E:95:6D:2D
Certificate issuer:       /CN=8f4eea72e4531c92a6e00ef4f191a6127e956d2d
Certificate serial:       0197B8904EAFD92DB2E2E51E7B3E1C786C75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j07qcuRTHJKm4A708ZGmEn6VbS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.mft
Manifest number:          0A6D
Signing time:             Sat 28 Jun 2025 22:02:34 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:34 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:34 +0000
Files and hashes:         1: j07qcuRTHJKm4A708ZGmEn6VbS0.crl (hash: +Z0qHdK7b29zMkbAlnExXyyRhtwVUnzK/Xx1DtXsK8E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j07qcuRTHJKm4A708ZGmEn6VbS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:4e:af:d9:2d:b2:e2:e5:1e:7b:3e:1c:78:6c:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f4eea72e4531c92a6e00ef4f191a6127e956d2d
        Validity
            Not Before: Jun 28 22:02:34 2025 GMT
            Not After : Jun 29 22:02:34 2025 GMT
        Subject: CN=6f7132ecb8f3fc9e3286c3666d00df8703cff1aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:cd:4c:e9:59:ec:b9:84:f1:3f:06:00:ac:e1:
                    37:c1:ce:8f:7f:67:86:24:fd:af:89:10:a2:1a:60:
                    cc:fd:7d:2d:49:df:63:ca:62:b4:53:22:b2:86:a2:
                    88:73:a6:28:c8:d2:11:3d:02:22:b2:76:46:2f:25:
                    e2:88:52:7e:6b:ad:b5:8f:69:38:1f:11:6c:60:98:
                    6b:73:3b:b6:ab:50:07:4f:11:85:e0:b4:f2:dc:ee:
                    d7:86:c7:74:1d:7d:a8:09:98:d4:bc:25:93:dc:2e:
                    f9:60:da:2a:c4:03:e1:be:d7:e5:49:3d:76:9b:f9:
                    fb:a4:02:6a:79:73:8c:58:e6:c2:51:e0:b6:43:1a:
                    77:86:58:a7:2a:2f:c4:dd:f7:b0:5b:a0:19:89:90:
                    0c:99:0c:8c:a6:36:a0:19:81:8f:3a:1a:04:c9:79:
                    e3:34:dd:be:1b:f7:83:d5:54:a7:f1:80:99:0a:93:
                    9f:49:f6:d8:bb:d0:88:60:bd:7c:93:94:ae:73:f6:
                    bb:61:c4:cd:e4:81:b0:8e:4b:d9:b5:6e:8b:94:00:
                    19:7c:78:49:f9:bc:ed:75:2b:7c:82:0f:84:8e:8b:
                    fb:47:a3:32:d4:31:83:66:d0:a8:27:20:98:17:37:
                    a0:75:c7:fa:8b:6f:0b:5c:33:3a:0f:92:b1:12:16:
                    d4:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:71:32:EC:B8:F3:FC:9E:32:86:C3:66:6D:00:DF:87:03:CF:F1:AA
            X509v3 Authority Key Identifier:
                keyid:8F:4E:EA:72:E4:53:1C:92:A6:E0:0E:F4:F1:91:A6:12:7E:95:6D:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j07qcuRTHJKm4A708ZGmEn6VbS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/67e623-7945-409e-ad32-4618fbfa4c89/1/j07qcuRTHJKm4A708ZGmEn6VbS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:5f:8f:a0:94:52:5a:d7:22:a7:3c:11:2a:54:14:a3:6a:55:
         b7:93:9a:8b:fd:a5:d1:d8:3e:bf:77:fc:7c:36:27:15:0a:d8:
         03:18:15:ee:8a:a0:4d:5c:3a:f3:a0:4f:86:df:ee:97:4d:2e:
         80:fc:02:ad:1a:91:ee:95:99:ee:26:14:61:ab:68:6f:56:9e:
         e0:d3:e1:70:cd:29:27:40:69:fc:d8:4f:97:77:a8:60:8b:eb:
         97:74:e3:be:48:c1:16:f4:28:d6:03:14:8d:57:af:ad:0b:63:
         c4:4c:44:a3:0a:b4:58:f2:15:c4:f3:05:d9:a9:c3:89:1a:61:
         2f:6e:c2:83:0c:09:6e:f1:22:a5:5c:f4:70:b2:e6:08:80:ce:
         62:5f:ec:5b:e2:eb:c7:a9:f0:54:65:7e:1e:cb:5b:c4:84:e7:
         e8:4c:65:4e:b7:37:f5:3a:4e:da:51:18:dc:09:bf:8c:99:45:
         ed:3b:d5:42:f9:87:5e:fa:36:e0:81:b3:40:fb:d6:41:50:b2:
         76:a3:fc:1f:23:4e:0d:0f:89:d5:8f:3f:3a:b9:2a:f2:43:7b:
         b1:24:cf:2a:3c:27:91:22:83:39:28:b8:a0:14:96:03:c3:ae:
         ce:21:a3:d7:b3:48:8d:20:5c:22:89:96:0d:32:a3:dc:7e:df:
         b4:60:9b:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kE6v2S2y4uUeez4ceGx1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNGVlYTcyZTQ1MzFjOTJhNmUwMGVmNGYxOTFhNjEyN2U5
NTZkMmQwHhcNMjUwNjI4MjIwMjM0WhcNMjUwNjI5MjIwMjM0WjAzMTEwLwYDVQQD
Eyg2ZjcxMzJlY2I4ZjNmYzllMzI4NmMzNjY2ZDAwZGY4NzAzY2ZmMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM1M6VnsuYTxPwYArOE3wc6Pf2eG
JP2viRCiGmDM/X0tSd9jymK0UyKyhqKIc6YoyNIRPQIisnZGLyXiiFJ+a621j2k4
HxFsYJhrczu2q1AHTxGF4LTy3O7Xhsd0HX2oCZjUvCWT3C75YNoqxAPhvtflST12
m/n7pAJqeXOMWObCUeC2Qxp3hlinKi/E3fewW6AZiZAMmQyMpjagGYGPOhoEyXnj
NN2+G/eD1VSn8YCZCpOfSfbYu9CIYL18k5Suc/a7YcTN5IGwjkvZtW6LlAAZfHhJ
+bztdSt8gg+Ejov7R6My1DGDZtCoJyCYFzegdcf6i28LXDM6D5KxEhbUHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG9xMuy48/yeMobDZm0A34cDz/GqMB8GA1UdIwQY
MBaAFI9O6nLkUxySpuAO9PGRphJ+lW0tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajA3cWN1UlRISkttNEE3MDhaR21FbjZWYlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC82N2U2MjMtNzk0NS00MDllLWFkMzIt
NDYxOGZiZmE0Yzg5LzEvajA3cWN1UlRISkttNEE3MDhaR21FbjZWYlMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC82N2U2MjMtNzk0NS00MDllLWFkMzItNDYxOGZiZmE0Yzg5
LzEvajA3cWN1UlRISkttNEE3MDhaR21FbjZWYlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANF+PoJRS
WtcipzwRKlQUo2pVt5Oai/2l0dg+v3f8fDYnFQrYAxgV7oqgTVw686BPht/ul00u
gPwCrRqR7pWZ7iYUYatob1ae4NPhcM0pJ0Bp/NhPl3eoYIvrl3TjvkjBFvQo1gMU
jVevrQtjxExEowq0WPIVxPMF2anDiRphL27CgwwJbvEipVz0cLLmCIDOYl/sW+Lr
x6nwVGV+HstbxITn6ExlTrc39TpO2lEY3Am/jJlF7TvVQvmHXvo24IGzQPvWQVCy
dqP8HyNODQ+J1Y8/Orkq8kN7sSTPKjwnkSKDOSi4oBSWA8OuziGj17NIjSBcIomW
DTKj3H7ftGCb3A==
-----END CERTIFICATE-----