Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          xakBDKDKucSBCzmPg0Sq/AChPDJ9pEhMNOMUK54YvHw=
Subject key identifier:   46:FE:26:D6:F8:28:F5:32:ED:88:10:1E:9D:5A:D7:2B:E6:64:BA:C4
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       0197BD106D71E5D253DAFD4DD701899A3B48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          0DA7
Signing time:             Sun 29 Jun 2025 19:00:59 +0000
Manifest this update:     Sun 29 Jun 2025 19:00:59 +0000
Manifest next update:     Mon 30 Jun 2025 19:00:59 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: UKULQ929HuiU1eylgcvYJCfXcK4rhUTfOHhHtI/zKTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 13:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:bd:10:6d:71:e5:d2:53:da:fd:4d:d7:01:89:9a:3b:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Jun 29 19:00:59 2025 GMT
            Not After : Jun 30 19:00:59 2025 GMT
        Subject: CN=46fe26d6f828f532ed88101e9d5ad72be664bac4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:5f:26:0e:41:bc:04:53:dd:20:f8:9e:aa:5d:
                    a3:11:5a:4d:62:9b:61:bd:15:16:e8:7b:03:39:3c:
                    e5:3b:08:8e:61:76:0b:ba:bf:b5:48:b6:9e:b3:d3:
                    5c:53:8e:fe:3a:3c:21:1a:d9:e3:f5:7d:d2:b9:98:
                    99:ea:05:7d:e0:e8:84:e8:aa:25:08:49:b3:f1:1b:
                    56:e3:4f:bb:3e:b6:a9:da:22:a8:1e:fe:1e:0a:ba:
                    74:e6:d5:8c:db:98:ac:5f:c1:f1:0a:48:98:d8:fd:
                    6b:dc:47:6f:3b:f9:b9:73:c8:b3:dd:19:17:2a:c1:
                    3e:8a:26:d0:a0:38:16:47:9b:16:09:16:df:64:92:
                    ff:a9:cf:77:62:1b:85:2a:f6:6d:58:0a:b2:e2:3e:
                    7c:3e:fd:d9:6a:d2:df:56:61:3b:5e:f6:69:6d:22:
                    30:cf:e9:12:4b:e1:8c:b4:25:8f:87:19:46:89:10:
                    ed:8e:45:3c:b9:a6:d9:de:d8:48:f5:39:76:a5:b7:
                    60:14:13:1e:07:44:d4:08:a7:a1:68:2d:3b:23:bf:
                    bf:41:d8:38:05:1a:e4:62:d3:d2:3f:1b:39:60:45:
                    50:ed:e0:5c:28:22:71:85:33:76:f5:65:5a:90:76:
                    62:b3:6e:29:09:a8:a1:8d:ff:04:4c:b4:38:2c:ab:
                    a5:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:FE:26:D6:F8:28:F5:32:ED:88:10:1E:9D:5A:D7:2B:E6:64:BA:C4
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:6a:06:c8:1b:e8:b1:3e:a8:ad:97:f1:76:48:5b:f0:13:89:
         fd:0d:55:fd:fa:53:bc:02:0d:fd:46:44:73:93:85:3b:0b:d8:
         0b:1c:8c:52:69:e4:06:d1:3d:8a:fa:5b:90:13:02:c9:24:49:
         50:19:e6:38:e3:16:3a:f1:22:31:5a:99:69:56:68:91:d1:fd:
         cf:90:e7:db:63:26:59:3e:2a:0c:98:93:fc:c2:cd:a1:53:70:
         54:e3:bd:34:c6:bc:82:d0:c0:8d:f1:83:92:e8:1a:eb:ba:33:
         84:1b:51:ce:31:d9:06:60:71:a4:07:f8:ae:4d:2c:11:d2:9f:
         9d:c0:de:fb:b7:58:ff:48:60:74:25:1b:3f:c3:d1:eb:36:64:
         0a:c8:1c:1e:0e:c1:09:50:93:42:26:e5:6f:d4:69:fd:b5:d9:
         db:41:36:51:6f:c6:a7:0a:e3:6b:1b:cb:e0:43:a9:97:d9:dd:
         85:bf:23:93:54:d4:00:b5:fb:30:03:fc:e1:9c:21:43:e8:eb:
         ef:3e:5e:3f:45:2c:0c:67:c9:65:8b:50:90:9c:f9:0e:4c:9f:
         08:21:04:43:c1:f1:86:5e:60:db:9b:83:2f:8e:70:93:2d:ba:
         04:09:b8:44:2b:6a:53:e5:0f:b7:b4:f0:22:c6:94:21:84:46:
         97:0f:67:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe9EG1x5dJT2v1N1wGJmjtIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjUwNjI5MTkwMDU5WhcNMjUwNjMwMTkwMDU5WjAzMTEwLwYDVQQD
Eyg0NmZlMjZkNmY4MjhmNTMyZWQ4ODEwMWU5ZDVhZDcyYmU2NjRiYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll8mDkG8BFPdIPieql2jEVpNYpth
vRUW6HsDOTzlOwiOYXYLur+1SLaes9NcU47+OjwhGtnj9X3SuZiZ6gV94OiE6Kol
CEmz8RtW40+7Prap2iKoHv4eCrp05tWM25isX8HxCkiY2P1r3EdvO/m5c8iz3RkX
KsE+iibQoDgWR5sWCRbfZJL/qc93YhuFKvZtWAqy4j58Pv3ZatLfVmE7XvZpbSIw
z+kSS+GMtCWPhxlGiRDtjkU8uabZ3thI9Tl2pbdgFBMeB0TUCKehaC07I7+/Qdg4
BRrkYtPSPxs5YEVQ7eBcKCJxhTN29WVakHZis24pCaihjf8ETLQ4LKulVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEb+Jtb4KPUy7YgQHp1a1yvmZLrEMB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfGoGyBvo
sT6orZfxdkhb8BOJ/Q1V/fpTvAIN/UZEc5OFOwvYCxyMUmnkBtE9ivpbkBMCySRJ
UBnmOOMWOvEiMVqZaVZokdH9z5Dn22MmWT4qDJiT/MLNoVNwVOO9NMa8gtDAjfGD
kuga67ozhBtRzjHZBmBxpAf4rk0sEdKfncDe+7dY/0hgdCUbP8PR6zZkCsgcHg7B
CVCTQiblb9Rp/bXZ20E2UW/GpwrjaxvL4EOpl9ndhb8jk1TUALX7MAP84ZwhQ+jr
7z5eP0UsDGfJZYtQkJz5DkyfCCEEQ8Hxhl5g25uDL45wky26BAm4RCtqU+UPt7Tw
IsaUIYRGlw9nLQ==
-----END CERTIFICATE-----