Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
File:                     z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft (raw, json)
Hash identifier:          0bHOlNp7gjIBj/G5DsUpsqoQRUofHnIbmb2SRzIJx7k=
Subject key identifier:   0B:C9:C9:B9:4A:6C:5E:3F:B4:88:83:30:9B:6E:14:75:D0:CE:8C:69
Authority key identifier: CF:7F:5C:59:80:59:E1:AE:59:76:C8:1E:A2:B8:26:69:7E:E1:99:06
Certificate issuer:       /CN=cf7f5c598059e1ae5976c81ea2b826697ee19906
Certificate serial:       0197C501A3380FC55FB99A7959E0C80F0916
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
Manifest number:          045B
Signing time:             Tue 01 Jul 2025 08:01:48 +0000
Manifest this update:     Tue 01 Jul 2025 08:01:48 +0000
Manifest next update:     Wed 02 Jul 2025 08:01:48 +0000
Files and hashes:         1: z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl (hash: XqrYAcm/TcyfqEW/UXYh1Ja8tKXwe6B8njNUHmi2GKA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 07:53:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c5:01:a3:38:0f:c5:5f:b9:9a:79:59:e0:c8:0f:09:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf7f5c598059e1ae5976c81ea2b826697ee19906
        Validity
            Not Before: Jul  1 08:01:48 2025 GMT
            Not After : Jul  2 08:01:48 2025 GMT
        Subject: CN=0bc9c9b94a6c5e3fb48883309b6e1475d0ce8c69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:04:40:e0:2c:59:21:99:c3:af:e0:a4:aa:90:
                    60:5f:af:76:22:df:ff:e6:4a:6a:8d:15:90:d7:e2:
                    cf:78:2b:10:9c:bd:a9:1e:38:64:7e:72:2d:d0:27:
                    0e:3a:56:09:db:3f:0c:ff:f9:8f:3d:54:a7:5e:6a:
                    76:eb:2c:48:41:00:98:77:df:80:5e:76:d3:2b:a0:
                    b8:52:be:75:7e:97:48:2b:ac:1e:53:78:90:16:2a:
                    db:3a:c6:a9:87:17:46:cd:22:f2:10:64:0d:a3:d9:
                    f8:bf:a2:50:a4:aa:25:9b:f3:cd:4f:7c:7c:13:7e:
                    ea:5e:ac:93:d1:da:8a:ac:3b:a3:0b:b5:1f:80:a8:
                    f9:92:d4:af:57:7c:04:0b:56:6b:c8:e3:d6:6b:16:
                    32:ed:15:68:37:c7:c1:04:f3:9f:dd:93:95:7d:b6:
                    ba:00:e7:8c:24:dd:a4:f7:92:4a:70:f9:18:cd:e1:
                    69:86:c6:a4:fa:eb:3d:ef:4d:2a:7f:d6:a1:a6:8c:
                    e4:cc:ba:2d:29:69:d1:2f:11:18:9f:a1:51:9f:30:
                    41:6b:9f:c7:46:7e:c6:41:7e:b1:87:cf:89:a1:f8:
                    ce:30:69:d8:4d:db:27:bd:5e:08:5e:7f:8e:ee:05:
                    c3:35:77:99:1f:49:d9:5e:e3:b3:b1:b8:99:e0:6f:
                    00:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:C9:C9:B9:4A:6C:5E:3F:B4:88:83:30:9B:6E:14:75:D0:CE:8C:69
            X509v3 Authority Key Identifier:
                keyid:CF:7F:5C:59:80:59:E1:AE:59:76:C8:1E:A2:B8:26:69:7E:E1:99:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:ca:00:01:4d:b8:59:11:33:d2:95:ab:76:c9:07:61:28:f5:
         bd:3a:55:76:cb:85:f8:ae:32:77:ea:30:c6:e6:87:19:df:4a:
         cb:4f:0c:a9:43:c4:05:48:4b:b4:26:c1:f2:ac:59:54:e0:61:
         37:e2:59:2f:ec:f5:cc:7d:8f:fb:09:d9:62:95:c9:69:aa:23:
         11:d0:68:b6:3c:81:dd:e0:dd:b7:3a:f7:0d:97:54:99:bc:9f:
         c8:2f:7b:89:98:72:6d:24:31:45:86:63:54:15:63:d4:35:e4:
         35:dd:3e:7a:a9:04:88:bb:a1:1d:4c:b9:c3:95:4d:89:3e:66:
         4f:76:db:e3:57:ef:bd:d1:0c:ef:36:3f:6d:4b:38:28:65:3e:
         fa:5a:58:c8:83:8e:9c:c5:d2:7d:cc:2c:b4:9c:17:ba:77:da:
         85:ad:f7:8a:6c:3d:f5:be:9e:9d:9d:8e:2c:93:20:71:1e:f4:
         55:fb:a2:69:b3:3d:da:9b:79:70:58:42:93:00:a2:aa:9c:2d:
         b1:97:86:00:ad:6a:a3:a3:10:14:d1:6a:7c:5f:b3:3d:78:64:
         58:cb:6e:96:12:18:60:19:ae:11:24:39:cf:65:73:73:9b:2a:
         c1:ef:c4:28:16:42:d3:f9:6c:55:dd:09:2d:f6:37:95:3c:48:
         82:fb:eb:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfFAaM4D8VfuZp5WeDIDwkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmN2Y1YzU5ODA1OWUxYWU1OTc2YzgxZWEyYjgyNjY5N2Vl
MTk5MDYwHhcNMjUwNzAxMDgwMTQ4WhcNMjUwNzAyMDgwMTQ4WjAzMTEwLwYDVQQD
EygwYmM5YzliOTRhNmM1ZTNmYjQ4ODgzMzA5YjZlMTQ3NWQwY2U4YzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQRA4CxZIZnDr+CkqpBgX692It//
5kpqjRWQ1+LPeCsQnL2pHjhkfnIt0CcOOlYJ2z8M//mPPVSnXmp26yxIQQCYd9+A
XnbTK6C4Ur51fpdIK6weU3iQFirbOsaphxdGzSLyEGQNo9n4v6JQpKolm/PNT3x8
E37qXqyT0dqKrDujC7UfgKj5ktSvV3wEC1ZryOPWaxYy7RVoN8fBBPOf3ZOVfba6
AOeMJN2k95JKcPkYzeFphsak+us9700qf9ahpozkzLotKWnRLxEYn6FRnzBBa5/H
Rn7GQX6xh8+JofjOMGnYTdsnvV4IXn+O7gXDNXeZH0nZXuOzsbiZ4G8ApQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvJyblKbF4/tIiDMJtuFHXQzoxpMB8GA1UdIwQY
MBaAFM9/XFmAWeGuWXbIHqK4Jml+4ZkGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lZjk0NzktMjk5NC00NDljLTlkOWMt
ZTFkYzY5ZTMzM2RmLzEvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lZjk0NzktMjk5NC00NDljLTlkOWMtZTFkYzY5ZTMzM2Rm
LzEvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADsoAAU24
WREz0pWrdskHYSj1vTpVdsuF+K4yd+owxuaHGd9Ky08MqUPEBUhLtCbB8qxZVOBh
N+JZL+z1zH2P+wnZYpXJaaojEdBotjyB3eDdtzr3DZdUmbyfyC97iZhybSQxRYZj
VBVj1DXkNd0+eqkEiLuhHUy5w5VNiT5mT3bb41fvvdEM7zY/bUs4KGU++lpYyIOO
nMXSfcwstJwXunfaha33imw99b6enZ2OLJMgcR70VfuiabM92pt5cFhCkwCiqpwt
sZeGAK1qo6MQFNFqfF+zPXhkWMtulhIYYBmuESQ5z2Vzc5sqwe/EKBZC0/lsVd0J
LfY3lTxIgvvrnw==
-----END CERTIFICATE-----