Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
File:                     RDNmA3i76zplxtyp7Qp3b70gRhA.mft (raw, json)
Hash identifier:          J82sQkUQpUhSkSjRBlm4yWurA9ipxAYkNvh8LoOxguc=
Subject key identifier:   F8:F8:1C:0D:51:BF:C6:78:5D:1B:93:E0:E3:77:49:B7:32:7C:A0:53
Authority key identifier: 44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10
Certificate issuer:       /CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
Certificate serial:       0197B77BF942757DEAFA5EEEB52CD49B2C46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
Manifest number:          02F2
Signing time:             Sat 28 Jun 2025 17:00:44 +0000
Manifest this update:     Sat 28 Jun 2025 17:00:44 +0000
Manifest next update:     Sun 29 Jun 2025 17:00:44 +0000
Files and hashes:         1: RDNmA3i76zplxtyp7Qp3b70gRhA.crl (hash: 7W1D94dFP/AeYtOjrBaYp7YSCLy0Qtu1K0jxhWdmcSc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7b:f9:42:75:7d:ea:fa:5e:ee:b5:2c:d4:9b:2c:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
        Validity
            Not Before: Jun 28 17:00:44 2025 GMT
            Not After : Jun 29 17:00:44 2025 GMT
        Subject: CN=f8f81c0d51bfc6785d1b93e0e37749b7327ca053
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:af:7b:a0:06:44:15:93:29:9b:66:25:1e:c0:
                    07:2a:42:4f:aa:20:cf:b4:6c:96:7d:ac:4e:17:af:
                    f0:9f:2b:52:95:66:68:5d:1e:cd:83:fb:cc:dc:37:
                    15:4c:69:78:15:52:1b:0e:81:ba:c1:1a:f9:72:c0:
                    d3:05:7c:c2:5e:11:0d:23:22:29:bd:8d:b3:ea:1f:
                    1f:47:cf:fe:ae:1d:bb:b3:93:ab:92:9e:84:99:5c:
                    5b:13:dd:a7:c0:6e:ca:23:7b:58:c7:3a:25:b5:2d:
                    c5:32:88:d7:1c:01:4a:b6:3b:8f:6a:06:fc:27:48:
                    3f:6a:44:3c:4c:16:b4:d9:c2:a5:7a:78:14:a7:d4:
                    f7:b1:9b:12:2a:e6:03:08:60:44:99:7e:af:a0:26:
                    96:43:18:fe:9b:b1:0a:d3:fe:1f:80:4d:41:32:72:
                    b2:57:c6:9f:13:00:f7:c7:48:73:20:4a:58:28:51:
                    20:c0:af:96:3b:2f:bf:ec:e0:3e:21:0d:36:fd:9d:
                    1c:6d:1c:cd:4d:ad:07:5f:5c:6c:88:14:d5:e9:b0:
                    04:26:66:9d:a4:3c:b6:a8:e8:cd:6f:60:7f:78:43:
                    5a:09:b7:db:ee:e1:6e:d3:c6:93:96:94:d4:40:05:
                    d2:f5:d7:00:bc:86:15:31:82:2d:b8:a5:d0:3e:91:
                    1c:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:F8:1C:0D:51:BF:C6:78:5D:1B:93:E0:E3:77:49:B7:32:7C:A0:53
            X509v3 Authority Key Identifier:
                keyid:44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:45:05:11:ec:27:37:36:32:70:e7:e4:cf:1a:01:69:a5:19:
         77:0c:7c:fb:28:8d:b6:88:9d:79:d2:d3:2c:a0:94:d2:3d:de:
         d4:25:cd:82:5f:05:9d:7b:b1:b9:58:5e:f2:df:f8:86:74:96:
         27:88:ca:f6:47:ef:48:85:f7:d5:2f:45:96:b5:57:f4:47:65:
         ee:26:c2:97:9a:7d:da:5e:29:e1:b3:1f:be:e4:8f:e5:e9:ba:
         df:28:6f:33:13:60:35:86:f9:7c:51:28:2a:16:3d:33:98:d7:
         b7:2e:b1:1c:bb:23:d8:35:43:01:f1:34:4f:48:09:9d:b2:ea:
         69:4d:4f:ea:0e:9e:d7:01:24:4c:3c:93:fa:8c:0c:76:b2:dc:
         39:17:25:65:c7:2a:6e:f3:50:87:ab:30:db:7f:ff:23:83:70:
         1e:1f:69:a7:7b:4a:a2:81:94:80:4c:c4:e5:28:14:7c:fb:c9:
         d3:3c:ed:f5:ca:a3:26:17:83:a6:7f:78:00:e2:39:b6:55:31:
         a9:b7:44:5f:c8:45:48:74:10:17:99:69:79:71:79:66:d6:7f:
         e0:3e:25:ee:5f:99:d8:e0:d5:29:ca:c2:7b:46:41:29:b7:9e:
         6b:7f:b6:a9:ea:4f:bf:f2:9b:b2:49:ce:8c:66:98:26:94:a4:
         52:e6:bd:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3e/lCdX3q+l7utSzUmyxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzM2NjAzNzhiYmViM2E2NWM2ZGNhOWVkMGE3NzZmYmQy
MDQ2MTAwHhcNMjUwNjI4MTcwMDQ0WhcNMjUwNjI5MTcwMDQ0WjAzMTEwLwYDVQQD
EyhmOGY4MWMwZDUxYmZjNjc4NWQxYjkzZTBlMzc3NDliNzMyN2NhMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa97oAZEFZMpm2YlHsAHKkJPqiDP
tGyWfaxOF6/wnytSlWZoXR7Ng/vM3DcVTGl4FVIbDoG6wRr5csDTBXzCXhENIyIp
vY2z6h8fR8/+rh27s5Orkp6EmVxbE92nwG7KI3tYxzoltS3FMojXHAFKtjuPagb8
J0g/akQ8TBa02cKlengUp9T3sZsSKuYDCGBEmX6voCaWQxj+m7EK0/4fgE1BMnKy
V8afEwD3x0hzIEpYKFEgwK+WOy+/7OA+IQ02/Z0cbRzNTa0HX1xsiBTV6bAEJmad
pDy2qOjNb2B/eENaCbfb7uFu08aTlpTUQAXS9dcAvIYVMYItuKXQPpEcywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPj4HA1Rv8Z4XRuT4ON3SbcyfKBTMB8GA1UdIwQY
MBaAFEQzZgN4u+s6Zcbcqe0Kd2+9IEYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4Yzgt
ZTA3ZjBhYzc4NTMwLzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4YzgtZTA3ZjBhYzc4NTMw
LzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWkUFEewn
NzYycOfkzxoBaaUZdwx8+yiNtoidedLTLKCU0j3e1CXNgl8FnXuxuVhe8t/4hnSW
J4jK9kfvSIX31S9FlrVX9Edl7ibCl5p92l4p4bMfvuSP5em63yhvMxNgNYb5fFEo
KhY9M5jXty6xHLsj2DVDAfE0T0gJnbLqaU1P6g6e1wEkTDyT+owMdrLcORclZccq
bvNQh6sw23//I4NwHh9pp3tKooGUgEzE5SgUfPvJ0zzt9cqjJheDpn94AOI5tlUx
qbdEX8hFSHQQF5lpeXF5ZtZ/4D4l7l+Z2ODVKcrCe0ZBKbeea3+2qepPv/KbsknO
jGaYJpSkUua9vA==
-----END CERTIFICATE-----