Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft
File:                     U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft (raw, json)
Hash identifier:          nKZa9bnFXnXVcdPT9s35LoeGyUXvOLk6AxqDsoV1FYs=
Subject key identifier:   34:A6:D4:67:B7:51:62:45:72:35:C5:54:46:1E:5D:C6:38:5F:82:51
Authority key identifier: 53:BF:98:D5:35:22:AA:95:70:81:FD:EC:28:B1:72:08:43:94:F1:12
Certificate issuer:       /CN=53bf98d53522aa957081fdec28b172084394f112
Certificate serial:       0197B6A0613159A9FB23AC30AD9774370570
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft
Manifest number:          0DC9
Signing time:             Sat 28 Jun 2025 13:00:53 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:53 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:53 +0000
Files and hashes:         1: U7-Y1TUiqpVwgf3sKLFyCEOU8RI.crl (hash: BA/9rt73vXjPGZjJ2oqY6qbFssBncUNqzgUjLk6ga1A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:61:31:59:a9:fb:23:ac:30:ad:97:74:37:05:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53bf98d53522aa957081fdec28b172084394f112
        Validity
            Not Before: Jun 28 13:00:53 2025 GMT
            Not After : Jun 29 13:00:53 2025 GMT
        Subject: CN=34a6d467b75162457235c554461e5dc6385f8251
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:2d:69:13:03:e8:de:e0:86:0e:55:2c:56:ba:
                    76:cd:3d:01:e5:cb:a0:de:eb:d0:85:7c:e0:0a:99:
                    f8:cf:37:e6:82:09:76:20:df:6b:db:c5:9f:8e:ef:
                    dd:d2:7b:52:d8:c3:32:03:e7:29:d5:73:b4:cc:ba:
                    c5:66:ca:91:ac:ba:fc:53:c4:d4:05:45:4b:4c:8b:
                    6a:7b:05:f0:01:a8:44:3c:fa:ab:85:03:64:ba:f6:
                    72:5f:1d:4d:a3:98:71:8b:66:ac:e0:09:53:3b:d2:
                    1f:f5:7d:c2:f6:30:74:2c:54:b8:50:56:c6:57:f4:
                    f4:e0:3e:5e:b5:38:ae:66:c9:63:2a:07:35:ad:25:
                    fd:06:3c:f6:46:b7:23:00:e3:50:e3:63:72:d5:d5:
                    9a:5d:bf:4b:ba:40:b0:4f:47:cf:c9:9c:e5:1a:aa:
                    de:e5:fc:ce:bd:01:fd:57:62:58:a0:12:99:92:ec:
                    bd:50:7a:1e:46:ca:65:df:6f:2e:c3:04:0f:8a:d4:
                    7b:13:36:ac:24:4e:e4:25:b8:a0:5c:b3:17:98:ce:
                    32:e5:72:44:14:dc:45:ac:59:9f:b6:6b:b2:03:aa:
                    7e:f2:5e:bd:98:1e:91:5a:1d:2a:c7:d4:7d:ce:31:
                    0a:99:ef:bc:37:8a:e0:28:93:0c:b6:75:4a:48:8c:
                    6f:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:A6:D4:67:B7:51:62:45:72:35:C5:54:46:1E:5D:C6:38:5F:82:51
            X509v3 Authority Key Identifier:
                keyid:53:BF:98:D5:35:22:AA:95:70:81:FD:EC:28:B1:72:08:43:94:F1:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/063b1b-7bde-48cc-b1ac-fad707d9c4f6/1/U7-Y1TUiqpVwgf3sKLFyCEOU8RI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:72:f6:11:69:f6:f7:26:bf:40:0b:fd:ee:d7:e4:2a:21:3d:
         e3:e7:c2:8e:47:70:49:ac:20:8f:6d:aa:b0:8d:e2:b7:63:5b:
         83:77:4a:c9:49:25:fd:01:c4:c1:c1:88:58:74:fd:55:a4:74:
         74:95:06:2b:3a:52:04:fc:ea:2e:05:94:39:3e:58:27:0c:9e:
         ae:5b:7c:4f:ca:af:54:e3:e8:c3:52:e3:65:37:4a:72:e3:a9:
         5e:81:54:35:06:dc:9b:0a:cc:38:82:3f:7f:61:c1:ab:06:20:
         f5:52:32:ac:50:02:af:5b:40:86:a3:bc:29:da:b9:c1:f8:e6:
         85:61:45:22:45:13:0c:44:6a:79:d3:31:fd:4b:93:a2:87:69:
         5a:84:57:33:77:36:85:1f:8f:75:45:e6:69:57:7c:ed:ae:50:
         a3:29:29:68:a9:20:f3:8d:c4:ed:0a:db:45:47:fc:ec:77:03:
         23:60:46:99:b9:58:62:62:75:ca:5f:28:1f:5e:1c:bf:df:17:
         4e:29:f4:39:61:1b:eb:8c:d4:c1:01:68:c8:45:d5:b4:ee:88:
         01:c3:3f:36:88:d1:83:f4:1c:d9:d6:0a:47:f5:cd:15:02:06:
         cc:b2:1e:2f:02:08:a6:61:e9:0f:54:eb:49:2d:4c:f4:5c:d0:
         bd:68:52:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oGExWan7I6wwrZd0NwVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYmY5OGQ1MzUyMmFhOTU3MDgxZmRlYzI4YjE3MjA4NDM5
NGYxMTIwHhcNMjUwNjI4MTMwMDUzWhcNMjUwNjI5MTMwMDUzWjAzMTEwLwYDVQQD
EygzNGE2ZDQ2N2I3NTE2MjQ1NzIzNWM1NTQ0NjFlNWRjNjM4NWY4MjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2C1pEwPo3uCGDlUsVrp2zT0B5cug
3uvQhXzgCpn4zzfmggl2IN9r28Wfju/d0ntS2MMyA+cp1XO0zLrFZsqRrLr8U8TU
BUVLTItqewXwAahEPPqrhQNkuvZyXx1No5hxi2as4AlTO9If9X3C9jB0LFS4UFbG
V/T04D5etTiuZsljKgc1rSX9Bjz2RrcjAONQ42Ny1dWaXb9LukCwT0fPyZzlGqre
5fzOvQH9V2JYoBKZkuy9UHoeRspl328uwwQPitR7EzasJE7kJbigXLMXmM4y5XJE
FNxFrFmftmuyA6p+8l69mB6RWh0qx9R9zjEKme+8N4rgKJMMtnVKSIxvnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDSm1Ge3UWJFcjXFVEYeXcY4X4JRMB8GA1UdIwQY
MBaAFFO/mNU1IqqVcIH97CixcghDlPESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTctWTFUVWlxcFZ3Z2Yzc0tMRnlDRU9VOFJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wNjNiMWItN2JkZS00OGNjLWIxYWMt
ZmFkNzA3ZDljNGY2LzEvVTctWTFUVWlxcFZ3Z2Yzc0tMRnlDRU9VOFJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wNjNiMWItN2JkZS00OGNjLWIxYWMtZmFkNzA3ZDljNGY2
LzEvVTctWTFUVWlxcFZ3Z2Yzc0tMRnlDRU9VOFJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQnL2EWn2
9ya/QAv97tfkKiE94+fCjkdwSawgj22qsI3it2Nbg3dKyUkl/QHEwcGIWHT9VaR0
dJUGKzpSBPzqLgWUOT5YJwyerlt8T8qvVOPow1LjZTdKcuOpXoFUNQbcmwrMOII/
f2HBqwYg9VIyrFACr1tAhqO8Kdq5wfjmhWFFIkUTDERqedMx/UuToodpWoRXM3c2
hR+PdUXmaVd87a5QoykpaKkg843E7QrbRUf87HcDI2BGmblYYmJ1yl8oH14cv98X
Tin0OWEb64zUwQFoyEXVtO6IAcM/NojRg/Qc2dYKR/XNFQIGzLIeLwIIpmHpD1Tr
SS1M9FzQvWhSJg==
-----END CERTIFICATE-----