Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
File:                     PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json)
Hash identifier:          9xFHhVResqHM/t6VCXZBcvzy6sRmEHfXz7j9uL+E1gY=
Subject key identifier:   7E:EA:9B:99:2D:A9:04:31:64:82:49:ED:38:CF:71:51:E8:9D:8C:92
Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F
Certificate issuer:       /CN=3ceec6c47951b299c70806583d791d50cd816c5f
Certificate serial:       0197B6A19E04CFF093C6132B8E9C1DC36F10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
Manifest number:          0204
Signing time:             Sat 28 Jun 2025 13:02:14 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:14 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:14 +0000
Files and hashes:         1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: ZulogsgjzhtfTXp6UlLy4VwXXRCokgGKr21UpgQyDl0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:9e:04:cf:f0:93:c6:13:2b:8e:9c:1d:c3:6f:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f
        Validity
            Not Before: Jun 28 13:02:14 2025 GMT
            Not After : Jun 29 13:02:14 2025 GMT
        Subject: CN=7eea9b992da90431648249ed38cf7151e89d8c92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:29:4d:50:8f:0a:f4:95:74:3b:19:14:e6:63:
                    f3:83:78:4d:d5:79:d7:e7:b9:ef:6f:6e:45:3d:2c:
                    04:2d:30:62:c7:cb:cd:dc:8e:c4:0b:57:32:6b:0f:
                    64:0b:63:2f:ac:44:2c:e6:38:46:fd:90:8c:48:38:
                    11:68:1f:7c:2f:59:92:52:b5:4f:d2:40:98:25:79:
                    88:4c:3a:cc:88:8b:70:52:e4:e5:fa:dd:c7:9e:fb:
                    39:59:95:22:2c:95:e4:57:23:b4:dc:b2:c0:06:9f:
                    e3:cd:9d:6a:a0:61:ef:aa:c2:fa:03:a6:a2:9c:ea:
                    bb:65:fc:5d:86:bd:09:35:da:d6:e5:05:6c:e1:c1:
                    61:b5:4f:1b:26:e6:2f:f0:5c:49:00:98:2e:b1:d3:
                    df:bd:2f:0f:96:82:f6:1b:21:5a:49:6c:f7:9e:6d:
                    76:96:f9:5f:6c:0e:2d:8a:6d:8b:70:8d:84:5f:83:
                    fa:b8:3b:35:9c:2c:23:bb:6d:a2:19:e7:73:3a:9c:
                    ae:97:08:51:7d:ba:da:5a:f3:17:46:35:e5:81:78:
                    4d:6e:7f:63:cc:bb:dc:a2:3b:34:b0:d7:4d:13:72:
                    2a:fe:93:70:ca:bb:25:f8:a8:b5:53:aa:e8:d6:dd:
                    3d:cf:e9:34:39:2a:85:7a:ac:5c:b9:b8:4f:5b:19:
                    99:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:EA:9B:99:2D:A9:04:31:64:82:49:ED:38:CF:71:51:E8:9D:8C:92
            X509v3 Authority Key Identifier:
                keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:11:b9:e1:8c:f0:18:9b:2e:71:e2:f4:b0:5c:4d:a5:30:fb:
         8c:32:f4:9f:57:26:10:e0:b6:71:50:74:00:a9:e7:3c:15:10:
         a6:ea:00:89:29:f6:91:d2:6f:84:d4:76:45:b1:66:67:ad:40:
         13:35:20:06:25:7c:f9:0a:98:f7:c8:57:10:94:df:91:dc:3f:
         b5:23:65:11:d6:af:bf:e9:1c:37:66:f7:da:26:e4:26:65:a0:
         c6:00:5f:f7:56:48:bc:49:92:27:c1:d7:f6:f1:c9:ea:40:47:
         d3:10:2e:24:b8:62:5f:c0:71:2b:73:82:27:60:73:c1:a4:15:
         53:b9:a1:9b:e5:10:64:bf:1f:ec:2c:55:63:23:dc:cc:2f:ab:
         36:5b:c0:52:aa:45:dc:27:1d:33:87:a5:95:cb:3e:b0:c1:cb:
         bb:d3:cb:2a:91:92:fd:50:53:3f:d1:c3:b3:1a:51:b0:4d:42:
         65:34:43:e9:02:1c:3b:24:71:b0:d3:e5:74:9d:1b:ec:8c:b3:
         20:c2:3f:75:d8:90:3e:83:ec:c6:00:0c:ab:4a:c4:81:50:78:
         b0:c7:ce:1d:8f:2d:6d:76:d3:1f:a8:3b:82:67:e9:90:70:06:
         1c:76:90:9a:73:b5:fb:59:e6:03:d4:d4:33:e9:a9:b3:e5:08:
         bc:25:40:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oZ4Ez/CTxhMrjpwdw28QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4
MTZjNWYwHhcNMjUwNjI4MTMwMjE0WhcNMjUwNjI5MTMwMjE0WjAzMTEwLwYDVQQD
Eyg3ZWVhOWI5OTJkYTkwNDMxNjQ4MjQ5ZWQzOGNmNzE1MWU4OWQ4YzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnylNUI8K9JV0OxkU5mPzg3hN1XnX
57nvb25FPSwELTBix8vN3I7EC1cyaw9kC2MvrEQs5jhG/ZCMSDgRaB98L1mSUrVP
0kCYJXmITDrMiItwUuTl+t3Hnvs5WZUiLJXkVyO03LLABp/jzZ1qoGHvqsL6A6ai
nOq7Zfxdhr0JNdrW5QVs4cFhtU8bJuYv8FxJAJgusdPfvS8PloL2GyFaSWz3nm12
lvlfbA4tim2LcI2EX4P6uDs1nCwju22iGedzOpyulwhRfbraWvMXRjXlgXhNbn9j
zLvcojs0sNdNE3Iq/pNwyrsl+Ki1U6ro1t09z+k0OSqFeqxcubhPWxmZWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7qm5ktqQQxZIJJ7TjPcVHonYySMB8GA1UdIwQY
MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It
YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1
LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkhG54Yzw
GJsuceL0sFxNpTD7jDL0n1cmEOC2cVB0AKnnPBUQpuoAiSn2kdJvhNR2RbFmZ61A
EzUgBiV8+QqY98hXEJTfkdw/tSNlEdavv+kcN2b32ibkJmWgxgBf91ZIvEmSJ8HX
9vHJ6kBH0xAuJLhiX8BxK3OCJ2BzwaQVU7mhm+UQZL8f7CxVYyPczC+rNlvAUqpF
3CcdM4ellcs+sMHLu9PLKpGS/VBTP9HDsxpRsE1CZTRD6QIcOyRxsNPldJ0b7Iyz
IMI/ddiQPoPsxgAMq0rEgVB4sMfOHY8tbXbTH6g7gmfpkHAGHHaQmnO1+1nmA9TU
M+mps+UIvCVAzw==
-----END CERTIFICATE-----