Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft
File:                     Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft (raw, json)
Hash identifier:          p7DcRDhFdX+pJlfPn3Or6dsD1JJzNdNJWu+ZFm0HLzM=
Subject key identifier:   21:D6:EC:E9:DA:32:EC:78:72:5C:3C:90:A2:EC:A0:08:9B:85:43:4F
Authority key identifier: 4A:1E:D4:BF:50:2C:0F:2D:8B:C8:70:26:C1:8A:C9:85:9B:0F:1D:EC
Certificate issuer:       /CN=4a1ed4bf502c0f2d8bc87026c18ac9859b0f1dec
Certificate serial:       0197B7456F35560274D5ADE27E98282F2F0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft
Manifest number:          15B4
Signing time:             Sat 28 Jun 2025 16:01:10 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:10 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:10 +0000
Files and hashes:         1: Sh7Uv1AsDy2LyHAmwYrJhZsPHew.crl (hash: feeKtscAQzq5/uTTl0LUf1Dh74eFtZHpJG+dnOTBwYw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:6f:35:56:02:74:d5:ad:e2:7e:98:28:2f:2f:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a1ed4bf502c0f2d8bc87026c18ac9859b0f1dec
        Validity
            Not Before: Jun 28 16:01:10 2025 GMT
            Not After : Jun 29 16:01:10 2025 GMT
        Subject: CN=21d6ece9da32ec78725c3c90a2eca0089b85434f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:3d:c1:9f:76:05:10:06:df:e0:e2:50:3d:85:
                    be:73:34:a7:cb:f7:ce:fb:5b:db:d9:64:7e:b1:1b:
                    bd:69:68:ff:e3:da:7b:3c:7d:42:03:de:9b:81:e5:
                    10:4b:e1:43:69:db:e0:78:eb:73:1a:47:e4:d0:6a:
                    30:13:5c:1d:71:51:2a:32:ae:a4:5d:a1:be:11:0c:
                    d8:90:b7:58:ef:f6:44:3b:c1:49:99:cf:c5:d8:99:
                    9c:be:04:18:d8:7b:6b:e7:00:0c:42:80:5e:b5:5f:
                    7f:cf:65:96:7f:5f:bb:77:82:6e:b0:76:f7:4f:5d:
                    0c:b4:cc:db:d1:77:f0:61:6e:aa:a8:2a:a5:bc:db:
                    75:40:51:c7:8f:8e:72:9c:7d:8c:cf:fc:6b:bc:7c:
                    af:17:17:11:f6:42:39:d4:0f:c8:f0:90:d3:42:9c:
                    e7:d1:9d:1d:e1:de:76:44:d6:bf:33:e1:8e:1f:20:
                    3e:8f:5f:60:18:f8:29:c8:03:f3:29:c5:d9:3f:2e:
                    d8:4d:1f:df:5b:99:2f:a2:11:12:b2:19:16:44:b0:
                    aa:c1:4e:7d:ee:f7:59:e2:cd:f0:0c:e4:3b:01:54:
                    82:e9:22:c2:62:d2:81:15:08:68:b9:e8:bc:a7:0b:
                    72:3f:9b:73:98:e0:49:de:fc:a6:3e:64:5d:d8:9e:
                    96:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:D6:EC:E9:DA:32:EC:78:72:5C:3C:90:A2:EC:A0:08:9B:85:43:4F
            X509v3 Authority Key Identifier:
                keyid:4A:1E:D4:BF:50:2C:0F:2D:8B:C8:70:26:C1:8A:C9:85:9B:0F:1D:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:f7:e5:af:3b:5d:de:c5:23:bc:50:cc:20:29:e8:1d:04:6c:
         a7:9a:d1:0b:74:14:9b:dc:30:f2:8f:cc:77:17:a1:ce:21:e9:
         9d:70:41:e8:68:cb:03:12:8f:6f:36:43:5a:d3:55:05:ee:30:
         8d:df:fa:8c:11:9f:38:16:1c:51:f8:55:fa:d7:43:8b:05:d7:
         92:74:42:a8:ef:c6:a9:d3:4e:17:ec:c0:43:d8:3b:f0:36:cc:
         80:a2:ae:b1:73:75:62:85:2a:b4:f3:0a:2d:0f:19:77:c6:a9:
         3a:b2:18:e1:25:90:bd:42:7a:49:f6:06:97:9b:32:b6:af:ab:
         1f:ef:91:6a:d5:e0:96:30:ce:6e:5e:42:13:a6:e4:85:f7:0c:
         eb:91:ce:de:61:76:52:7c:18:14:ff:fc:90:f0:55:5e:99:e2:
         1a:99:74:b7:bc:e9:7a:d4:b5:fb:5a:fe:21:ed:45:68:dc:76:
         4e:d0:6d:26:33:ef:56:d9:f7:5e:94:b2:3f:af:99:d1:6c:0b:
         2b:a9:59:82:c6:84:2f:b8:95:e9:01:84:0e:6f:4d:ee:3d:43:
         75:ab:de:2a:26:f5:3d:3f:65:6e:d3:42:45:78:30:e8:4f:6a:
         55:6c:ce:b0:da:65:7b:29:ff:61:38:f9:94:d9:f2:11:e9:0b:
         a6:6c:dc:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RW81VgJ01a3ifpgoLy8KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMWVkNGJmNTAyYzBmMmQ4YmM4NzAyNmMxOGFjOTg1OWIw
ZjFkZWMwHhcNMjUwNjI4MTYwMTEwWhcNMjUwNjI5MTYwMTEwWjAzMTEwLwYDVQQD
EygyMWQ2ZWNlOWRhMzJlYzc4NzI1YzNjOTBhMmVjYTAwODliODU0MzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT3Bn3YFEAbf4OJQPYW+czSny/fO
+1vb2WR+sRu9aWj/49p7PH1CA96bgeUQS+FDadvgeOtzGkfk0GowE1wdcVEqMq6k
XaG+EQzYkLdY7/ZEO8FJmc/F2JmcvgQY2Htr5wAMQoBetV9/z2WWf1+7d4JusHb3
T10MtMzb0XfwYW6qqCqlvNt1QFHHj45ynH2Mz/xrvHyvFxcR9kI51A/I8JDTQpzn
0Z0d4d52RNa/M+GOHyA+j19gGPgpyAPzKcXZPy7YTR/fW5kvohESshkWRLCqwU59
7vdZ4s3wDOQ7AVSC6SLCYtKBFQhouei8pwtyP5tzmOBJ3vymPmRd2J6WNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHW7OnaMux4clw8kKLsoAibhUNPMB8GA1UdIwQY
MBaAFEoe1L9QLA8ti8hwJsGKyYWbDx3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2g3VXYxQXNEeTJMeUhBbXdZckpoWnNQSGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85N2M5MTYtODFiMS00YjNhLTlmZWUt
MzU2YTE5ZjU1NTA2LzEvU2g3VXYxQXNEeTJMeUhBbXdZckpoWnNQSGV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85N2M5MTYtODFiMS00YjNhLTlmZWUtMzU2YTE5ZjU1NTA2
LzEvU2g3VXYxQXNEeTJMeUhBbXdZckpoWnNQSGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADvflrztd
3sUjvFDMICnoHQRsp5rRC3QUm9ww8o/MdxehziHpnXBB6GjLAxKPbzZDWtNVBe4w
jd/6jBGfOBYcUfhV+tdDiwXXknRCqO/GqdNOF+zAQ9g78DbMgKKusXN1YoUqtPMK
LQ8Zd8apOrIY4SWQvUJ6SfYGl5sytq+rH++RatXgljDObl5CE6bkhfcM65HO3mF2
UnwYFP/8kPBVXpniGpl0t7zpetS1+1r+Ie1FaNx2TtBtJjPvVtn3XpSyP6+Z0WwL
K6lZgsaEL7iV6QGEDm9N7j1DdaveKib1PT9lbtNCRXgw6E9qVWzOsNpleyn/YTj5
lNnyEekLpmzcBA==
-----END CERTIFICATE-----