Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
File:                     JAy7mUeWHigo2EdLysoem5FVZWA.mft (raw, json)
Hash identifier:          CwQ1V8qRQL63gyAAjvIjSr1qLTP/jbMHH1WgRDISRwE=
Subject key identifier:   0A:7D:7C:4D:F1:EE:2C:0B:92:99:06:B6:A7:76:1B:10:BA:60:53:23
Authority key identifier: 24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60
Certificate issuer:       /CN=240cbb9947961e2828d8474bcaca1e9b91556560
Certificate serial:       0197B7B2E3883CF153AC2691252561B59633
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
Manifest number:          12F1
Signing time:             Sat 28 Jun 2025 18:00:43 +0000
Manifest this update:     Sat 28 Jun 2025 18:00:43 +0000
Manifest next update:     Sun 29 Jun 2025 18:00:43 +0000
Files and hashes:         1: JAy7mUeWHigo2EdLysoem5FVZWA.crl (hash: 7oMKzSbBTC8kAvlZrlYMr9dMA1f98jX0VwzoxRV+LyU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b2:e3:88:3c:f1:53:ac:26:91:25:25:61:b5:96:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=240cbb9947961e2828d8474bcaca1e9b91556560
        Validity
            Not Before: Jun 28 18:00:43 2025 GMT
            Not After : Jun 29 18:00:43 2025 GMT
        Subject: CN=0a7d7c4df1ee2c0b929906b6a7761b10ba605323
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:b5:b6:c9:d8:61:76:c1:49:59:de:08:b7:a3:
                    bf:1f:f0:f6:fc:96:e8:e0:37:6f:84:64:49:8f:76:
                    27:ac:e8:d2:bd:93:23:7b:9b:28:1f:91:0e:4f:0c:
                    db:60:07:f9:97:d7:9a:60:e2:48:99:76:e6:3b:0a:
                    7d:22:64:e0:c9:0e:47:03:75:d6:ad:ef:7a:79:38:
                    35:ae:36:65:13:32:ac:85:da:94:7f:04:9f:d3:65:
                    d2:62:db:89:66:5b:b0:67:d8:ab:b6:24:75:36:8c:
                    27:f3:cb:75:ed:5f:40:a3:5f:e8:97:59:bb:35:df:
                    8f:65:53:54:ff:51:0a:3f:8f:47:6d:01:93:b0:7c:
                    80:af:9b:e2:cf:00:7c:f8:11:59:3b:3c:e7:9b:f4:
                    45:ba:85:b6:bc:d9:66:b1:13:b0:9a:73:ae:bd:3e:
                    a4:bc:ef:7b:a5:1e:ff:3c:92:28:38:38:be:0a:53:
                    a9:64:53:89:01:43:56:1a:27:a8:dc:92:45:10:94:
                    11:e8:78:07:ec:63:40:48:2d:c2:72:82:96:97:c1:
                    bb:bc:b5:7a:ed:af:ea:66:75:7c:7b:ec:9a:f1:94:
                    66:ac:4d:00:82:3b:38:dc:20:48:86:7d:fa:14:db:
                    00:00:e3:98:45:31:2b:59:74:61:03:3f:aa:fc:57:
                    ca:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:7D:7C:4D:F1:EE:2C:0B:92:99:06:B6:A7:76:1B:10:BA:60:53:23
            X509v3 Authority Key Identifier:
                keyid:24:0C:BB:99:47:96:1E:28:28:D8:47:4B:CA:CA:1E:9B:91:55:65:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JAy7mUeWHigo2EdLysoem5FVZWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/95df81-fc9e-4c5f-bb43-ffb028f0a02f/1/JAy7mUeWHigo2EdLysoem5FVZWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:b3:59:7b:50:de:5d:77:19:6d:5d:99:63:2c:d1:58:21:e7:
         50:dd:16:4c:1e:16:32:8c:3e:6d:58:c6:e9:4b:a9:0b:0e:50:
         f9:3c:fb:30:b9:ea:cd:49:30:8e:53:05:44:ae:98:ce:9b:f2:
         be:4d:ff:bb:86:89:28:8e:95:35:3d:33:52:81:a9:f0:d2:0e:
         6a:26:ac:fb:f2:1e:04:df:17:0d:3d:0a:5e:eb:1d:d8:19:ab:
         53:c8:ce:06:c4:aa:f1:9d:1f:6a:a0:ff:6d:af:f8:82:ad:76:
         33:b1:27:17:7a:82:99:51:73:05:cf:37:bf:23:f3:24:9f:9b:
         28:0d:c3:2a:8b:55:2a:46:16:ed:19:39:4e:e7:a3:7c:ce:3a:
         3c:c4:5b:19:2e:f2:62:f0:49:a6:2d:6f:82:83:02:7c:1e:2b:
         a2:ea:91:7c:bf:44:61:9e:51:55:8a:ba:17:4d:da:a6:31:bc:
         58:a8:cc:74:84:91:d3:0a:d2:5d:39:3c:1f:d8:fb:7a:d2:2c:
         b5:bf:03:76:b2:c6:3c:46:b6:53:e2:93:98:41:68:db:02:91:
         fb:bd:77:fb:28:dc:82:d3:2e:c0:1c:fa:47:79:91:36:41:3f:
         63:d6:10:a7:3c:46:71:31:cb:49:73:87:41:96:f7:62:90:c7:
         de:62:d5:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3suOIPPFTrCaRJSVhtZYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MGNiYjk5NDc5NjFlMjgyOGQ4NDc0YmNhY2ExZTliOTE1
NTY1NjAwHhcNMjUwNjI4MTgwMDQzWhcNMjUwNjI5MTgwMDQzWjAzMTEwLwYDVQQD
EygwYTdkN2M0ZGYxZWUyYzBiOTI5OTA2YjZhNzc2MWIxMGJhNjA1MzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07W2ydhhdsFJWd4It6O/H/D2/Jbo
4DdvhGRJj3YnrOjSvZMje5soH5EOTwzbYAf5l9eaYOJImXbmOwp9ImTgyQ5HA3XW
re96eTg1rjZlEzKshdqUfwSf02XSYtuJZluwZ9irtiR1Nown88t17V9Ao1/ol1m7
Nd+PZVNU/1EKP49HbQGTsHyAr5vizwB8+BFZOzznm/RFuoW2vNlmsROwmnOuvT6k
vO97pR7/PJIoODi+ClOpZFOJAUNWGieo3JJFEJQR6HgH7GNASC3CcoKWl8G7vLV6
7a/qZnV8e+ya8ZRmrE0Agjs43CBIhn36FNsAAOOYRTErWXRhAz+q/FfK9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAp9fE3x7iwLkpkGtqd2GxC6YFMjMB8GA1UdIwQY
MBaAFCQMu5lHlh4oKNhHS8rKHpuRVWVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMt
ZmZiMDI4ZjBhMDJmLzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85NWRmODEtZmM5ZS00YzVmLWJiNDMtZmZiMDI4ZjBhMDJm
LzEvSkF5N21VZVdIaWdvMkVkTHlzb2VtNUZWWldBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALrNZe1De
XXcZbV2ZYyzRWCHnUN0WTB4WMow+bVjG6UupCw5Q+Tz7MLnqzUkwjlMFRK6Yzpvy
vk3/u4aJKI6VNT0zUoGp8NIOaias+/IeBN8XDT0KXusd2BmrU8jOBsSq8Z0faqD/
ba/4gq12M7EnF3qCmVFzBc83vyPzJJ+bKA3DKotVKkYW7Rk5TuejfM46PMRbGS7y
YvBJpi1vgoMCfB4rouqRfL9EYZ5RVYq6F03apjG8WKjMdISR0wrSXTk8H9j7etIs
tb8DdrLGPEa2U+KTmEFo2wKR+713+yjcgtMuwBz6R3mRNkE/Y9YQpzxGcTHLSXOH
QZb3YpDH3mLVKQ==
-----END CERTIFICATE-----