Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft
File:                     DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft (raw, json)
Hash identifier:          n2vT6I1ayq6+M4eibfjlnxC2VEXWYydeJ9KlSa9r/PY=
Subject key identifier:   8C:30:0E:3F:A0:36:A2:01:38:B7:F8:A3:C0:8F:50:64:05:40:3C:8F
Authority key identifier: 0C:87:4A:5F:52:73:4E:26:0E:7B:FA:4D:45:11:4A:DD:92:77:E3:53
Certificate issuer:       /CN=0c874a5f52734e260e7bfa4d45114add9277e353
Certificate serial:       0197B6A064FA45909C3A09676631F7EE8ADB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft
Manifest number:          07A1
Signing time:             Sat 28 Jun 2025 13:00:54 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:54 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:54 +0000
Files and hashes:         1: DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl (hash: o9fDuIV4pwDYXvadNDaUxq1IgODcAMnZgNnQuqVOBlo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:64:fa:45:90:9c:3a:09:67:66:31:f7:ee:8a:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c874a5f52734e260e7bfa4d45114add9277e353
        Validity
            Not Before: Jun 28 13:00:54 2025 GMT
            Not After : Jun 29 13:00:54 2025 GMT
        Subject: CN=8c300e3fa036a20138b7f8a3c08f506405403c8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:d9:fa:9f:2b:20:49:b7:f9:46:da:1b:f5:23:
                    f4:69:39:d6:38:bf:5e:74:87:c6:ab:9d:fd:39:0c:
                    4c:ef:55:e3:3f:f1:03:44:3c:58:3e:dd:18:51:ac:
                    0a:2a:e0:df:0e:b8:56:7b:c2:68:dd:dc:83:ed:64:
                    b7:98:d7:d9:2b:d0:cc:80:bb:a7:61:71:4f:66:b2:
                    47:94:01:25:39:c7:b1:37:42:33:8f:55:74:b5:a7:
                    30:7d:d8:76:40:db:32:4b:b5:ac:1a:9b:f4:e7:46:
                    ac:ab:de:24:52:a0:52:85:4f:cd:3d:b3:06:75:65:
                    fd:02:93:d3:99:55:48:3f:39:f3:e0:f3:ee:9c:09:
                    0a:73:45:fe:61:b7:5b:f4:5a:5e:96:8c:2b:17:24:
                    97:3c:67:a1:93:02:cd:94:c0:db:00:b9:0f:a7:0f:
                    ff:9f:2c:6d:a4:fd:ad:4e:3a:63:ce:4b:14:d9:81:
                    52:1c:c8:39:2c:f7:f2:ce:ff:cc:2b:b8:97:a7:e1:
                    66:68:c7:17:e0:96:ec:e2:8f:07:ae:20:3c:c5:a1:
                    6b:40:e3:0c:15:50:09:24:8a:79:ba:d3:7e:fd:bc:
                    c3:fb:3c:6c:b1:f0:4e:5c:f3:55:81:84:87:64:4d:
                    0c:6b:40:1c:c4:2b:c8:d4:b8:27:57:ec:2f:b5:e4:
                    75:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:30:0E:3F:A0:36:A2:01:38:B7:F8:A3:C0:8F:50:64:05:40:3C:8F
            X509v3 Authority Key Identifier:
                keyid:0C:87:4A:5F:52:73:4E:26:0E:7B:FA:4D:45:11:4A:DD:92:77:E3:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:62:bf:d8:f4:ff:22:96:72:64:d9:c0:1d:8a:51:09:a7:33:
         c3:b9:83:e8:55:98:68:22:09:03:2c:98:ae:69:b3:af:df:46:
         4f:f7:74:13:75:51:d1:8f:24:c3:4b:89:4f:5d:57:df:d8:64:
         0c:06:5a:7f:96:ae:58:62:63:de:c6:c6:8a:b1:6e:f7:98:3f:
         ab:32:13:bd:41:67:69:8a:d1:08:c5:ed:dc:8a:b9:21:fa:aa:
         bd:10:20:28:ff:35:0b:a3:23:47:d4:62:3c:93:7b:be:fe:6f:
         d3:bc:b3:3c:0a:6d:84:ed:8f:65:04:aa:5c:f1:50:d2:c5:b1:
         2d:a6:df:2b:ec:0d:69:4b:73:27:ee:51:83:9e:87:25:92:95:
         ad:e5:fb:d9:25:b0:a0:03:d2:1a:5c:7b:ed:f0:3d:46:bb:1d:
         b4:de:6f:a6:74:cb:b5:3f:4d:a4:d3:95:b3:89:4c:35:68:3e:
         50:ec:fd:aa:81:5e:1c:7e:e6:75:f3:4b:6d:aa:a8:b4:e7:45:
         94:0c:83:52:aa:27:38:82:c5:3c:c4:27:53:a2:d6:e8:65:57:
         c1:47:f2:78:02:70:31:9d:e8:b6:3d:61:17:13:85:dc:12:14:
         c9:28:91:d7:0c:ab:fc:02:5e:f1:04:83:37:39:21:7f:e6:e6:
         e8:45:26:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oGT6RZCcOglnZjH37orbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjODc0YTVmNTI3MzRlMjYwZTdiZmE0ZDQ1MTE0YWRkOTI3
N2UzNTMwHhcNMjUwNjI4MTMwMDU0WhcNMjUwNjI5MTMwMDU0WjAzMTEwLwYDVQQD
Eyg4YzMwMGUzZmEwMzZhMjAxMzhiN2Y4YTNjMDhmNTA2NDA1NDAzYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtn6nysgSbf5Rtob9SP0aTnWOL9e
dIfGq539OQxM71XjP/EDRDxYPt0YUawKKuDfDrhWe8Jo3dyD7WS3mNfZK9DMgLun
YXFPZrJHlAElOcexN0Izj1V0tacwfdh2QNsyS7WsGpv050asq94kUqBShU/NPbMG
dWX9ApPTmVVIPznz4PPunAkKc0X+Ybdb9FpelowrFySXPGehkwLNlMDbALkPpw//
nyxtpP2tTjpjzksU2YFSHMg5LPfyzv/MK7iXp+FmaMcX4Jbs4o8HriA8xaFrQOMM
FVAJJIp5utN+/bzD+zxssfBOXPNVgYSHZE0Ma0AcxCvI1LgnV+wvteR1RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwwDj+gNqIBOLf4o8CPUGQFQDyPMB8GA1UdIwQY
MBaAFAyHSl9Sc04mDnv6TUURSt2Sd+NTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81M2I0ODktYWI0OC00OWZlLTlkMDEt
YTBlMzdmMjVhNTE1LzEvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC81M2I0ODktYWI0OC00OWZlLTlkMDEtYTBlMzdmMjVhNTE1
LzEvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH2K/2PT/
IpZyZNnAHYpRCaczw7mD6FWYaCIJAyyYrmmzr99GT/d0E3VR0Y8kw0uJT11X39hk
DAZaf5auWGJj3sbGirFu95g/qzITvUFnaYrRCMXt3Iq5IfqqvRAgKP81C6MjR9Ri
PJN7vv5v07yzPApthO2PZQSqXPFQ0sWxLabfK+wNaUtzJ+5Rg56HJZKVreX72SWw
oAPSGlx77fA9RrsdtN5vpnTLtT9NpNOVs4lMNWg+UOz9qoFeHH7mdfNLbaqotOdF
lAyDUqonOILFPMQnU6LW6GVXwUfyeAJwMZ3otj1hFxOF3BIUySiR1wyr/AJe8QSD
Nzkhf+bm6EUm1w==
-----END CERTIFICATE-----