Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
File:                     MCbiQi-nIkVOYIMX0hhitmqjfTM.mft (raw, json)
Hash identifier:          0l8S1i3GnqUQ4L7HeD0mwhUn8lJ/AYyd/0YWkeYgOwo=
Subject key identifier:   B0:AC:7A:46:B0:46:DE:37:B4:38:46:23:2D:14:3A:2B:52:49:11:13
Authority key identifier: 30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33
Certificate issuer:       /CN=3026e2422fa722454e608317d21862b66aa37d33
Certificate serial:       0197BA7D2E2426000C88A509BF8F4F3914CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
Manifest number:          1507
Signing time:             Sun 29 Jun 2025 07:00:55 +0000
Manifest this update:     Sun 29 Jun 2025 07:00:55 +0000
Manifest next update:     Mon 30 Jun 2025 07:00:55 +0000
Files and hashes:         1: MCbiQi-nIkVOYIMX0hhitmqjfTM.crl (hash: EcQpCIpq0Nttfi1ztHwoan3MF7sIbMBkqieX+qvQwXk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7d:2e:24:26:00:0c:88:a5:09:bf:8f:4f:39:14:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3026e2422fa722454e608317d21862b66aa37d33
        Validity
            Not Before: Jun 29 07:00:55 2025 GMT
            Not After : Jun 30 07:00:55 2025 GMT
        Subject: CN=b0ac7a46b046de37b43846232d143a2b52491113
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:2a:c1:a6:f1:ff:f8:4a:07:20:cc:5b:ee:3a:
                    4e:94:a4:40:a8:a8:9b:00:fa:b5:b9:95:11:86:04:
                    a0:f7:62:3d:c1:34:3b:f0:3d:09:35:b7:35:33:54:
                    21:25:4c:78:8e:ad:42:23:41:c4:66:a0:2f:6c:12:
                    6f:50:a2:5a:80:54:53:fe:c0:5e:90:78:a1:43:32:
                    97:de:81:7b:b1:db:67:90:2b:87:d6:79:9e:08:23:
                    a4:75:3b:85:98:a1:72:a2:89:08:de:f3:0b:20:57:
                    ee:a0:9a:ec:3e:ce:9d:40:0e:ae:3b:40:52:a3:23:
                    20:05:e0:41:97:b6:f9:16:51:a2:7f:5b:0f:28:6d:
                    5b:13:ca:22:df:01:7d:93:46:6c:8e:93:8d:03:96:
                    49:a1:89:65:94:7c:de:58:89:62:46:3c:de:ac:68:
                    70:4a:98:db:1f:a1:e5:0e:b8:09:f9:97:fe:15:9a:
                    1d:a1:94:b9:64:41:c2:d9:d2:d8:5a:5d:d8:91:ef:
                    af:f0:0b:e1:da:b1:cd:6e:31:3e:4e:c1:77:ea:60:
                    bc:b0:0f:30:31:44:51:14:46:6a:32:20:72:23:3e:
                    6b:b5:19:bf:54:33:fa:1c:2c:9b:bb:1a:23:a2:79:
                    49:7d:12:d4:2c:2b:a9:dd:36:d3:49:81:d0:61:aa:
                    c4:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:AC:7A:46:B0:46:DE:37:B4:38:46:23:2D:14:3A:2B:52:49:11:13
            X509v3 Authority Key Identifier:
                keyid:30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:cf:c1:25:4e:b6:c5:16:d7:30:f9:43:43:ba:23:73:87:08:
         53:3a:0d:da:09:99:6b:c6:c5:e9:b8:0e:c5:9f:d4:8b:20:3c:
         ad:67:54:3c:60:68:0f:2d:5d:73:8a:68:00:1c:8c:bc:68:91:
         29:58:48:e6:9a:c6:d0:ae:20:4a:a5:bf:e5:d6:7d:32:cb:a2:
         30:f4:6b:1a:85:fb:9f:bb:34:98:2c:9d:ad:86:21:d3:8c:0a:
         f0:6c:25:a3:2e:d2:ec:56:3e:52:62:f8:e9:3b:57:58:59:64:
         d8:04:d6:2f:ec:fe:ab:29:eb:8c:43:fa:7d:ec:76:0c:35:89:
         5c:ad:3c:e0:6f:90:f1:85:9a:50:29:71:8d:01:c6:3e:83:b6:
         fa:b0:43:f8:de:4b:c8:73:6c:c8:76:f0:76:5e:14:e5:a7:fd:
         e5:89:f6:40:32:26:97:2c:90:8c:66:43:ad:ca:f2:03:48:d4:
         fa:80:ab:5c:a8:5f:77:20:bc:bc:52:2b:2e:cf:09:4a:bc:20:
         e8:6b:c6:ee:4f:ee:e8:17:16:ae:a0:a9:98:3b:e7:c6:d5:3f:
         7b:0b:84:20:f2:32:35:c9:78:bf:ee:aa:eb:77:d4:34:b4:16:
         fa:b0:31:5a:89:b7:86:6d:3a:08:37:2d:98:a3:f4:7c:ec:ee:
         2f:65:4c:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fS4kJgAMiKUJv49PORTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjZlMjQyMmZhNzIyNDU0ZTYwODMxN2QyMTg2MmI2NmFh
MzdkMzMwHhcNMjUwNjI5MDcwMDU1WhcNMjUwNjMwMDcwMDU1WjAzMTEwLwYDVQQD
EyhiMGFjN2E0NmIwNDZkZTM3YjQzODQ2MjMyZDE0M2EyYjUyNDkxMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzirBpvH/+EoHIMxb7jpOlKRAqKib
APq1uZURhgSg92I9wTQ78D0JNbc1M1QhJUx4jq1CI0HEZqAvbBJvUKJagFRT/sBe
kHihQzKX3oF7sdtnkCuH1nmeCCOkdTuFmKFyookI3vMLIFfuoJrsPs6dQA6uO0BS
oyMgBeBBl7b5FlGif1sPKG1bE8oi3wF9k0ZsjpONA5ZJoYlllHzeWIliRjzerGhw
SpjbH6HlDrgJ+Zf+FZodoZS5ZEHC2dLYWl3Yke+v8Avh2rHNbjE+TsF36mC8sA8w
MURRFEZqMiByIz5rtRm/VDP6HCybuxojonlJfRLULCup3TbTSYHQYarEmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCsekawRt43tDhGIy0UOitSSRETMB8GA1UdIwQY
MBaAFDAm4kIvpyJFTmCDF9IYYrZqo30zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2Ut
YTFlZTQ0MGZmZTNlLzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2UtYTFlZTQ0MGZmZTNl
LzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASc/BJU62
xRbXMPlDQ7ojc4cIUzoN2gmZa8bF6bgOxZ/UiyA8rWdUPGBoDy1dc4poAByMvGiR
KVhI5prG0K4gSqW/5dZ9MsuiMPRrGoX7n7s0mCydrYYh04wK8Gwloy7S7FY+UmL4
6TtXWFlk2ATWL+z+qynrjEP6fex2DDWJXK084G+Q8YWaUClxjQHGPoO2+rBD+N5L
yHNsyHbwdl4U5af95Yn2QDImlyyQjGZDrcryA0jU+oCrXKhfdyC8vFIrLs8JSrwg
6GvG7k/u6BcWrqCpmDvnxtU/ewuEIPIyNcl4v+6q63fUNLQW+rAxWom3hm06CDct
mKP0fOzuL2VMNQ==
-----END CERTIFICATE-----