Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft
File:                     d7tRRrULW8gaNXR6K75lKqC3Fnw.mft (raw, json)
Hash identifier:          aq+7QV05IeuX4vSKkOgQNGH7ilcPa5vlJTV8XjB4rBE=
Subject key identifier:   DD:4C:B6:65:25:2B:CD:94:10:63:C5:30:34:7E:52:FD:09:9E:6D:E4
Authority key identifier: 77:BB:51:46:B5:0B:5B:C8:1A:35:74:7A:2B:BE:65:2A:A0:B7:16:7C
Certificate issuer:       /CN=77bb5146b50b5bc81a35747a2bbe652aa0b7167c
Certificate serial:       0197C312A2D4E3ACFCB1FE9CF43D35A31155
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d7tRRrULW8gaNXR6K75lKqC3Fnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft
Manifest number:          1260
Signing time:             Mon 30 Jun 2025 23:01:07 +0000
Manifest this update:     Mon 30 Jun 2025 23:01:07 +0000
Manifest next update:     Tue 01 Jul 2025 23:01:07 +0000
Files and hashes:         1: d7tRRrULW8gaNXR6K75lKqC3Fnw.crl (hash: IxR4yvsTw0pJA8q+LH9A1uFI2dn7rbnbjEYQq52ES9U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d7tRRrULW8gaNXR6K75lKqC3Fnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 15:11:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c3:12:a2:d4:e3:ac:fc:b1:fe:9c:f4:3d:35:a3:11:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77bb5146b50b5bc81a35747a2bbe652aa0b7167c
        Validity
            Not Before: Jun 30 23:01:07 2025 GMT
            Not After : Jul  1 23:01:07 2025 GMT
        Subject: CN=dd4cb665252bcd941063c530347e52fd099e6de4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:81:f0:07:d6:11:57:64:e7:d6:0e:ca:9e:33:
                    16:49:fa:d2:38:93:84:9a:e9:6a:ab:2b:d4:89:bc:
                    17:f6:be:0c:d0:14:ba:a6:15:ef:25:db:16:c1:da:
                    d1:2f:7a:ad:3c:7f:43:c7:05:68:b3:ff:dd:31:54:
                    ae:49:68:69:4f:56:a3:b9:50:e2:d0:69:3c:fb:94:
                    7e:68:95:19:5d:b7:43:f1:21:3a:15:d8:f1:5a:2c:
                    a8:36:94:fa:38:f4:a1:70:44:e0:db:dc:22:87:ff:
                    07:36:b5:29:b8:aa:97:2d:3a:50:e1:53:a5:6a:1e:
                    10:b1:74:d0:2b:7b:77:1b:68:7c:7c:49:a3:62:62:
                    a4:58:ea:52:72:fa:b9:92:28:bf:0a:b4:71:50:95:
                    81:d5:d2:9f:5d:72:46:05:5b:87:dd:a1:42:47:ae:
                    63:13:76:69:dc:4f:d9:0f:9f:d3:47:2a:c6:6f:b8:
                    f2:0e:14:0e:48:f9:9b:73:d8:6a:77:35:bc:13:ee:
                    c2:fb:26:f0:c5:ae:12:ce:74:85:d0:15:41:b7:cd:
                    32:fc:6e:3f:ad:1c:d2:ce:83:21:fa:92:2a:bd:63:
                    ad:e7:46:cc:91:57:75:fc:6a:73:c3:d7:7b:11:97:
                    74:72:d6:4e:45:9e:b4:06:20:1a:a7:36:dd:d0:e3:
                    ca:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:4C:B6:65:25:2B:CD:94:10:63:C5:30:34:7E:52:FD:09:9E:6D:E4
            X509v3 Authority Key Identifier:
                keyid:77:BB:51:46:B5:0B:5B:C8:1A:35:74:7A:2B:BE:65:2A:A0:B7:16:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7tRRrULW8gaNXR6K75lKqC3Fnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:1c:c9:e4:ee:7a:f5:aa:1e:57:a1:0e:38:70:2f:5b:4d:95:
         7a:22:8f:c5:33:43:b3:5e:c0:a5:d8:9d:3b:93:d7:83:00:be:
         d9:c2:76:ad:a6:60:12:5b:36:a5:d5:79:a1:8e:16:ab:a6:b4:
         26:c3:e2:4f:56:e2:84:fa:9e:fe:df:d9:cf:f5:a5:31:dc:f6:
         d1:08:e0:72:63:3f:2c:d7:50:e7:97:88:cd:ec:0e:ae:61:fd:
         a0:d4:3e:06:fe:49:64:05:a9:0d:7a:25:2f:d0:79:30:3e:9c:
         79:ea:4f:b3:5a:e5:23:a1:89:a9:8b:fd:08:16:11:52:57:48:
         8e:11:cf:91:a8:92:b9:61:d2:bc:da:c5:14:2f:83:83:ec:41:
         75:bd:29:97:5c:63:12:bc:c7:86:4c:7d:ca:5b:52:83:24:78:
         38:5e:f8:c9:be:dd:af:47:c0:38:b7:7f:2a:6a:3b:bc:b1:a5:
         cd:e5:5d:73:96:3d:3b:2a:79:5f:53:d2:05:1a:ed:2c:aa:6a:
         67:5b:67:0c:ed:0a:bd:56:d4:f4:6d:2f:3b:dc:96:2e:8a:ab:
         ad:54:3b:a4:bc:7d:0c:7c:79:a0:ef:99:f7:be:35:d1:5f:3f:
         a3:c7:ac:56:12:c4:94:05:52:9d:30:37:88:8a:cb:d2:14:4d:
         bc:02:55:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfDEqLU46z8sf6c9D01oxFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YmI1MTQ2YjUwYjViYzgxYTM1NzQ3YTJiYmU2NTJhYTBi
NzE2N2MwHhcNMjUwNjMwMjMwMTA3WhcNMjUwNzAxMjMwMTA3WjAzMTEwLwYDVQQD
EyhkZDRjYjY2NTI1MmJjZDk0MTA2M2M1MzAzNDdlNTJmZDA5OWU2ZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24HwB9YRV2Tn1g7KnjMWSfrSOJOE
mulqqyvUibwX9r4M0BS6phXvJdsWwdrRL3qtPH9DxwVos//dMVSuSWhpT1ajuVDi
0Gk8+5R+aJUZXbdD8SE6FdjxWiyoNpT6OPShcETg29wih/8HNrUpuKqXLTpQ4VOl
ah4QsXTQK3t3G2h8fEmjYmKkWOpScvq5kii/CrRxUJWB1dKfXXJGBVuH3aFCR65j
E3Zp3E/ZD5/TRyrGb7jyDhQOSPmbc9hqdzW8E+7C+ybwxa4SznSF0BVBt80y/G4/
rRzSzoMh+pIqvWOt50bMkVd1/Gpzw9d7EZd0ctZORZ60BiAapzbd0OPKMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1MtmUlK82UEGPFMDR+Uv0Jnm3kMB8GA1UdIwQY
MBaAFHe7UUa1C1vIGjV0eiu+ZSqgtxZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDd0UlJyVUxXOGdhTlhSNks3NWxLcUMzRm53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82MTk5ZDQtMzI2MS00ZTBhLWFiNDYt
ZjA4N2U0Zjg1ZTUwLzEvZDd0UlJyVUxXOGdhTlhSNks3NWxLcUMzRm53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82MTk5ZDQtMzI2MS00ZTBhLWFiNDYtZjA4N2U0Zjg1ZTUw
LzEvZDd0UlJyVUxXOGdhTlhSNks3NWxLcUMzRm53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApRzJ5O56
9aoeV6EOOHAvW02VeiKPxTNDs17ApdidO5PXgwC+2cJ2raZgEls2pdV5oY4Wq6a0
JsPiT1bihPqe/t/Zz/WlMdz20QjgcmM/LNdQ55eIzewOrmH9oNQ+Bv5JZAWpDXol
L9B5MD6ceepPs1rlI6GJqYv9CBYRUldIjhHPkaiSuWHSvNrFFC+Dg+xBdb0pl1xj
ErzHhkx9yltSgyR4OF74yb7dr0fAOLd/Kmo7vLGlzeVdc5Y9Oyp5X1PSBRrtLKpq
Z1tnDO0KvVbU9G0vO9yWLoqrrVQ7pLx9DHx5oO+Z97410V8/o8esVhLElAVSnTA3
iIrL0hRNvAJVNw==
-----END CERTIFICATE-----