Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft
File:                     D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft (raw, json)
Hash identifier:          RI0JVCEfSvYwFd05Plz80TIj4oUECgU3o19THIJNzgU=
Subject key identifier:   25:1B:30:CC:9F:5A:41:AD:FE:F4:E7:D4:B0:A8:EB:02:E5:DA:D6:6E
Authority key identifier: 0F:B7:F1:FD:87:68:E2:11:63:54:2A:FC:F5:5A:83:C6:98:02:15:A3
Certificate issuer:       /CN=0fb7f1fd8768e21163542afcf55a83c6980215a3
Certificate serial:       0197B77C5BCB5045F9A87044C885FCD9CC6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D7fx_Ydo4hFjVCr89VqDxpgCFaM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft
Manifest number:          0710
Signing time:             Sat 28 Jun 2025 17:01:09 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:09 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:09 +0000
Files and hashes:         1: D7fx_Ydo4hFjVCr89VqDxpgCFaM.crl (hash: MgaStekvq3F6CvDZpy/AS4aymu55ZLMWfoHPxTQ/XAI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D7fx_Ydo4hFjVCr89VqDxpgCFaM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:5b:cb:50:45:f9:a8:70:44:c8:85:fc:d9:cc:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0fb7f1fd8768e21163542afcf55a83c6980215a3
        Validity
            Not Before: Jun 28 17:01:09 2025 GMT
            Not After : Jun 29 17:01:09 2025 GMT
        Subject: CN=251b30cc9f5a41adfef4e7d4b0a8eb02e5dad66e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:65:97:7a:4f:c0:ba:87:4a:7c:d9:2b:1d:8d:
                    0f:c5:23:0f:8e:45:69:7a:dd:8b:c2:f4:53:bd:c5:
                    0f:ca:c4:9e:e2:ca:e5:01:7c:19:6a:c2:cd:dc:12:
                    70:27:61:d6:34:c2:bc:c3:d9:71:57:dc:05:08:4d:
                    a5:c9:b6:e6:43:bb:e0:52:12:e5:8b:5c:91:14:bd:
                    92:a4:34:dc:41:5b:a8:f0:fe:8d:c3:fb:37:5e:2a:
                    63:b7:b6:eb:58:c6:21:58:a1:14:7c:71:59:c6:a8:
                    61:e9:82:41:e2:78:64:86:d4:c8:8e:2c:31:f5:c3:
                    33:b7:95:3e:30:e2:79:c1:17:15:f9:ca:bd:5f:72:
                    1a:53:00:44:91:a8:0f:bb:1b:96:21:8b:e6:2f:1c:
                    be:14:b4:46:93:2a:96:27:8c:fd:f3:c9:5d:e8:0e:
                    d7:87:51:83:59:b3:eb:e4:40:b3:2f:d7:53:f6:a0:
                    c8:eb:15:1f:16:ba:6e:4a:98:82:72:e3:23:03:48:
                    33:e8:c2:a3:0c:02:b7:6f:ed:c8:31:ff:24:3d:5a:
                    04:52:65:bf:15:82:ee:03:88:79:12:5a:6b:48:98:
                    8d:eb:11:6e:ba:bf:9e:07:fb:46:b4:3e:fb:53:9f:
                    26:eb:fe:4e:22:2e:41:7e:b0:33:d4:c4:76:06:51:
                    80:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:1B:30:CC:9F:5A:41:AD:FE:F4:E7:D4:B0:A8:EB:02:E5:DA:D6:6E
            X509v3 Authority Key Identifier:
                keyid:0F:B7:F1:FD:87:68:E2:11:63:54:2A:FC:F5:5A:83:C6:98:02:15:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D7fx_Ydo4hFjVCr89VqDxpgCFaM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:90:e5:e6:49:fc:a0:0c:08:e8:29:d0:9d:08:55:46:08:a2:
         57:cc:b4:aa:3f:a1:76:da:3a:6a:7b:ef:d7:a2:29:bf:f2:91:
         9d:2c:e0:e6:46:9b:70:4f:b8:ab:05:99:57:6c:e7:88:5a:dc:
         56:16:c1:a4:d2:a2:7c:d7:c0:ab:aa:3a:9e:14:4b:59:c3:59:
         e0:48:2f:19:f9:9d:e6:ac:5c:8e:0d:3a:de:29:22:cc:a0:c1:
         a8:3a:0d:ec:44:7c:e5:18:d0:28:60:71:86:bf:1d:85:13:1d:
         ef:15:9f:31:39:92:76:08:21:d9:e9:bb:7c:a7:81:40:0d:6e:
         25:42:89:8d:b8:09:4a:e6:1a:c3:64:44:d5:25:0b:0d:18:e2:
         ca:e3:7d:d7:b3:b7:7f:c1:8e:1b:9d:ab:9a:63:97:d3:07:cd:
         fe:15:b8:a2:a0:62:65:6d:b6:6c:f9:5e:54:7a:1d:89:71:d9:
         12:30:b8:04:ba:c9:c9:d4:9b:78:71:56:19:15:8a:79:84:9c:
         01:b0:4c:f3:ed:bd:87:be:7e:ce:3f:5a:14:4e:23:a3:c1:db:
         e9:d9:d8:d9:1e:ab:7a:df:5c:ed:6c:e0:4f:b8:ed:da:63:71:
         20:94:57:93:28:e0:ec:17:26:55:00:91:e0:48:96:0b:cb:6d:
         e1:fa:05:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fFvLUEX5qHBEyIX82cxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYjdmMWZkODc2OGUyMTE2MzU0MmFmY2Y1NWE4M2M2OTgw
MjE1YTMwHhcNMjUwNjI4MTcwMTA5WhcNMjUwNjI5MTcwMTA5WjAzMTEwLwYDVQQD
EygyNTFiMzBjYzlmNWE0MWFkZmVmNGU3ZDRiMGE4ZWIwMmU1ZGFkNjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumWXek/AuodKfNkrHY0PxSMPjkVp
et2LwvRTvcUPysSe4srlAXwZasLN3BJwJ2HWNMK8w9lxV9wFCE2lybbmQ7vgUhLl
i1yRFL2SpDTcQVuo8P6Nw/s3Xipjt7brWMYhWKEUfHFZxqhh6YJB4nhkhtTIjiwx
9cMzt5U+MOJ5wRcV+cq9X3IaUwBEkagPuxuWIYvmLxy+FLRGkyqWJ4z988ld6A7X
h1GDWbPr5ECzL9dT9qDI6xUfFrpuSpiCcuMjA0gz6MKjDAK3b+3IMf8kPVoEUmW/
FYLuA4h5ElprSJiN6xFuur+eB/tGtD77U58m6/5OIi5BfrAz1MR2BlGAtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUbMMyfWkGt/vTn1LCo6wLl2tZuMB8GA1UdIwQY
MBaAFA+38f2HaOIRY1Qq/PVag8aYAhWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDdmeF9ZZG80aEZqVkNyODlWcUR4cGdDRmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9lN2M4ZDAtNzQ5Yi00NTJkLWJmZjAt
YTBlMjhkY2ZmZmM3LzEvRDdmeF9ZZG80aEZqVkNyODlWcUR4cGdDRmFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9lN2M4ZDAtNzQ5Yi00NTJkLWJmZjAtYTBlMjhkY2ZmZmM3
LzEvRDdmeF9ZZG80aEZqVkNyODlWcUR4cGdDRmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmJDl5kn8
oAwI6CnQnQhVRgiiV8y0qj+hdto6anvv16Ipv/KRnSzg5kabcE+4qwWZV2zniFrc
VhbBpNKifNfAq6o6nhRLWcNZ4EgvGfmd5qxcjg063ikizKDBqDoN7ER85RjQKGBx
hr8dhRMd7xWfMTmSdggh2em7fKeBQA1uJUKJjbgJSuYaw2RE1SULDRjiyuN917O3
f8GOG52rmmOX0wfN/hW4oqBiZW22bPleVHodiXHZEjC4BLrJydSbeHFWGRWKeYSc
AbBM8+29h75+zj9aFE4jo8Hb6dnY2R6ret9c7WzgT7jt2mNxIJRXkyjg7BcmVQCR
4EiWC8tt4foFKA==
-----END CERTIFICATE-----