Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
File:                     kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft (raw, json)
Hash identifier:          Y6HAcsK7cSaMnCX044My3GXz6zcUbFI8F01XVxxOVEM=
Subject key identifier:   72:12:E6:EF:0D:36:BD:69:77:93:DC:B5:1D:90:2F:47:A3:3F:0B:34
Authority key identifier: 91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD
Certificate issuer:       /CN=917830d941ee090a8e32348f97b8308fd1ce09fd
Certificate serial:       0197B8FCF6EDFF6156B265F4FED558FF43F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
Manifest number:          0C32
Signing time:             Sun 29 Jun 2025 00:01:15 +0000
Manifest this update:     Sun 29 Jun 2025 00:01:15 +0000
Manifest next update:     Mon 30 Jun 2025 00:01:15 +0000
Files and hashes:         1: kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl (hash: Dli8PloaVMEjeMa8MG7BgqZSZwYqdRHQS+nE5ADLQ0I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 19:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:fc:f6:ed:ff:61:56:b2:65:f4:fe:d5:58:ff:43:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=917830d941ee090a8e32348f97b8308fd1ce09fd
        Validity
            Not Before: Jun 29 00:01:15 2025 GMT
            Not After : Jun 30 00:01:15 2025 GMT
        Subject: CN=7212e6ef0d36bd697793dcb51d902f47a33f0b34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:54:8a:62:fe:74:f2:28:92:f4:17:a5:6d:b1:
                    2e:94:d5:f2:fc:57:36:a1:8f:0d:1a:90:23:e1:92:
                    c8:ed:5b:8f:15:73:61:bf:ca:dc:97:a3:db:11:60:
                    f8:b6:ff:cd:84:67:a3:54:7f:b6:c3:ad:40:d4:a8:
                    7e:fa:5a:55:06:5e:ef:fc:af:23:c5:8e:ee:ce:f6:
                    45:77:21:c8:0e:93:b6:84:b9:6e:c2:9d:c1:c0:fa:
                    8a:ed:ba:35:34:67:cd:68:d6:39:9d:b2:f8:f1:07:
                    24:4e:c6:f2:98:20:29:9a:db:77:1f:07:3d:e8:66:
                    65:e5:08:2b:b2:06:35:e2:79:4d:fa:d7:a7:ab:41:
                    91:31:ed:42:7b:cf:18:cd:57:13:1a:c3:ed:b8:60:
                    88:09:20:13:89:c7:2b:09:ba:dc:48:a6:dd:4a:c2:
                    39:53:0e:48:0a:87:d8:7e:93:9c:1a:23:b7:28:47:
                    d8:77:80:3f:84:a5:5e:79:6e:c2:e1:04:97:c7:b9:
                    7b:3e:be:c5:37:e5:2e:37:04:6a:28:cb:00:b9:f7:
                    8a:d8:00:0e:02:3a:53:4c:7c:00:43:80:08:86:11:
                    eb:2c:30:46:ba:75:b6:d8:8e:cd:da:ad:b6:15:b5:
                    24:0a:59:27:44:f5:4c:17:29:7f:66:6a:24:3d:e3:
                    47:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:12:E6:EF:0D:36:BD:69:77:93:DC:B5:1D:90:2F:47:A3:3F:0B:34
            X509v3 Authority Key Identifier:
                keyid:91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:9c:f9:a2:19:ce:ef:ea:1d:75:57:4d:9d:02:c0:11:8e:72:
         c9:01:ba:1a:3a:31:15:58:2e:97:72:d0:1c:d0:23:1d:75:61:
         94:89:ca:3f:7f:37:cb:cc:b4:4e:50:e8:3d:69:11:5d:8e:50:
         80:11:8e:b0:94:d6:9a:9b:ab:54:50:93:d5:b1:ae:b4:1d:74:
         9c:ad:24:b4:81:31:0a:ad:67:ad:ff:7e:24:72:40:2e:65:fa:
         5b:b2:4b:9a:45:a6:34:61:b4:55:34:fa:ed:39:6e:96:16:f3:
         bf:43:90:3b:53:3e:bf:27:26:ad:9b:f2:44:ff:3d:15:dc:03:
         cd:bc:4a:b8:0e:31:5a:33:d5:68:e5:db:a2:b6:8d:9c:cc:ff:
         84:0f:1b:ad:4e:79:53:4c:0d:3a:47:7d:9b:0c:d5:30:8b:80:
         dc:3e:9f:c7:8a:34:98:71:f4:db:b2:39:ed:05:60:1f:7c:4a:
         09:32:c8:07:0d:0e:b6:6f:4a:96:ee:f0:46:fc:c7:67:ce:d5:
         41:64:a9:f6:6a:86:ec:04:fe:3c:30:fd:88:01:56:f0:0d:02:
         e3:77:83:56:6a:71:57:83:8c:24:06:0c:f2:64:a6:20:de:3e:
         ca:65:54:cd:85:d0:6b:15:84:8d:03:a1:68:be:09:c0:7c:75:
         c0:f6:68:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4/Pbt/2FWsmX0/tVY/0P3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNzgzMGQ5NDFlZTA5MGE4ZTMyMzQ4Zjk3YjgzMDhmZDFj
ZTA5ZmQwHhcNMjUwNjI5MDAwMTE1WhcNMjUwNjMwMDAwMTE1WjAzMTEwLwYDVQQD
Eyg3MjEyZTZlZjBkMzZiZDY5Nzc5M2RjYjUxZDkwMmY0N2EzM2YwYjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1SKYv508iiS9BelbbEulNXy/Fc2
oY8NGpAj4ZLI7VuPFXNhv8rcl6PbEWD4tv/NhGejVH+2w61A1Kh++lpVBl7v/K8j
xY7uzvZFdyHIDpO2hLluwp3BwPqK7bo1NGfNaNY5nbL48QckTsbymCApmtt3Hwc9
6GZl5QgrsgY14nlN+tenq0GRMe1Ce88YzVcTGsPtuGCICSATiccrCbrcSKbdSsI5
Uw5ICofYfpOcGiO3KEfYd4A/hKVeeW7C4QSXx7l7Pr7FN+UuNwRqKMsAufeK2AAO
AjpTTHwAQ4AIhhHrLDBGunW22I7N2q22FbUkClknRPVMFyl/ZmokPeNHYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIS5u8NNr1pd5PctR2QL0ejPws0MB8GA1UdIwQY
MBaAFJF4MNlB7gkKjjI0j5e4MI/Rzgn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYt
ZDFmMTgwM2IxODEyLzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYtZDFmMTgwM2IxODEy
LzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApJz5ohnO
7+oddVdNnQLAEY5yyQG6GjoxFVgul3LQHNAjHXVhlInKP383y8y0TlDoPWkRXY5Q
gBGOsJTWmpurVFCT1bGutB10nK0ktIExCq1nrf9+JHJALmX6W7JLmkWmNGG0VTT6
7Tlulhbzv0OQO1M+vycmrZvyRP89FdwDzbxKuA4xWjPVaOXboraNnMz/hA8brU55
U0wNOkd9mwzVMIuA3D6fx4o0mHH027I57QVgH3xKCTLIBw0Otm9Klu7wRvzHZ87V
QWSp9mqG7AT+PDD9iAFW8A0C43eDVmpxV4OMJAYM8mSmIN4+ymVUzYXQaxWEjQOh
aL4JwHx1wPZofw==
-----END CERTIFICATE-----