Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft
File:                     D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft (raw, json)
Hash identifier:          CMEWMQMaGkRDiRbG+swKaaRCd+f19Vzbr0DFiRM3Vlc=
Subject key identifier:   7B:EC:25:E2:4C:DC:FE:9C:67:4A:F0:6E:8B:69:82:00:CB:EC:4A:CB
Authority key identifier: 0F:B7:F1:FD:87:68:E2:11:63:54:2A:FC:F5:5A:83:C6:98:02:15:A3
Certificate issuer:       /CN=0fb7f1fd8768e21163542afcf55a83c6980215a3
Certificate serial:       01969F75B117B1D5E2975AF18BBA4C26327F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D7fx_Ydo4hFjVCr89VqDxpgCFaM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft
Manifest number:          067F
Signing time:             Mon 05 May 2025 08:00:12 +0000
Manifest this update:     Mon 05 May 2025 08:00:12 +0000
Manifest next update:     Tue 06 May 2025 08:00:12 +0000
Files and hashes:         1: D7fx_Ydo4hFjVCr89VqDxpgCFaM.crl (hash: 10zh513IMBAxxF+V4e8t0RjvjsUo247avV/xTUPT6ag=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D7fx_Ydo4hFjVCr89VqDxpgCFaM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:9f:75:b1:17:b1:d5:e2:97:5a:f1:8b:ba:4c:26:32:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0fb7f1fd8768e21163542afcf55a83c6980215a3
        Validity
            Not Before: May  5 08:00:12 2025 GMT
            Not After : May  6 08:00:12 2025 GMT
        Subject: CN=7bec25e24cdcfe9c674af06e8b698200cbec4acb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:5c:41:59:72:69:bd:62:7f:f4:29:b6:a3:ed:
                    9e:02:1b:ac:e0:01:99:af:ff:db:08:91:1c:83:cc:
                    e0:b3:3a:3c:d7:e0:95:5d:da:a5:73:68:33:81:57:
                    bd:6c:68:6b:41:75:9e:67:9f:be:74:99:d8:66:db:
                    bb:c5:8c:ae:0b:4c:67:01:db:8f:82:81:ee:22:51:
                    3c:85:de:b0:cb:be:53:1e:81:2d:b6:89:c6:71:63:
                    5c:93:36:1d:82:4c:54:f7:67:d1:d0:67:5a:25:49:
                    b2:1f:68:ca:07:fe:9b:85:69:71:c4:f8:96:26:88:
                    53:7f:19:fe:f6:8e:5e:2d:e8:31:e1:d4:56:b0:2c:
                    4f:56:9d:13:a3:fc:84:4a:30:0f:8b:77:88:3d:59:
                    0b:75:1f:1c:18:d9:b9:cd:7a:37:d6:82:7e:06:9a:
                    1c:e4:24:dd:b9:d7:67:78:ff:7d:48:1b:a6:df:34:
                    8a:0a:15:f6:69:c7:2a:f2:34:67:97:74:83:35:05:
                    05:10:5f:a6:93:68:65:23:56:88:77:95:a9:ba:fc:
                    95:65:9e:9e:3a:12:6d:04:e9:e1:63:57:52:cd:12:
                    72:95:7f:54:34:b8:33:4c:a2:91:5f:f8:88:5d:10:
                    ad:89:a1:59:29:53:af:b7:ed:e7:4e:c8:a8:f9:16:
                    98:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:EC:25:E2:4C:DC:FE:9C:67:4A:F0:6E:8B:69:82:00:CB:EC:4A:CB
            X509v3 Authority Key Identifier:
                keyid:0F:B7:F1:FD:87:68:E2:11:63:54:2A:FC:F5:5A:83:C6:98:02:15:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D7fx_Ydo4hFjVCr89VqDxpgCFaM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:a1:14:19:c1:c3:5f:d7:a1:d9:71:72:35:e8:1d:d4:39:a4:
         62:70:e3:74:0d:52:ee:32:23:9b:4b:67:89:5d:08:6d:ff:98:
         5b:e9:de:81:62:aa:92:d9:a8:e0:d5:0e:27:fc:5c:cd:a5:8a:
         4c:5a:53:df:17:5b:e2:93:0b:43:8f:5d:1c:69:ea:c6:2b:b8:
         96:fc:05:ce:4b:b2:93:f0:6e:56:19:56:b6:b4:b3:88:75:1f:
         cb:a0:24:c5:4b:41:8f:66:cc:69:32:f4:46:39:f2:d2:64:d3:
         03:46:2a:90:dd:a0:91:e6:f4:04:e4:56:66:41:24:65:d1:a0:
         12:c9:df:ad:4a:7e:08:b9:48:43:a6:79:fa:3a:66:07:8a:37:
         fd:af:fb:a0:16:2b:dd:3d:72:dd:6b:9f:ed:ff:91:06:cc:24:
         6b:3b:d3:11:da:04:51:c0:64:e1:53:31:9d:f9:e6:52:c4:b5:
         a6:79:bf:8d:bf:e1:36:ca:46:a8:5f:8a:85:76:90:93:a1:f6:
         04:ea:c4:39:29:47:67:a6:2d:ff:3c:ca:4c:3e:c5:1a:72:d3:
         36:e7:03:87:69:41:2f:f6:c7:38:23:ec:bf:a1:1c:cf:63:5f:
         86:d2:4a:96:4b:5c:ab:65:25:00:df:f2:42:e8:74:06:5f:08:
         82:99:6f:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZafdbEXsdXil1rxi7pMJjJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYjdmMWZkODc2OGUyMTE2MzU0MmFmY2Y1NWE4M2M2OTgw
MjE1YTMwHhcNMjUwNTA1MDgwMDEyWhcNMjUwNTA2MDgwMDEyWjAzMTEwLwYDVQQD
Eyg3YmVjMjVlMjRjZGNmZTljNjc0YWYwNmU4YjY5ODIwMGNiZWM0YWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlxBWXJpvWJ/9Cm2o+2eAhus4AGZ
r//bCJEcg8zgszo81+CVXdqlc2gzgVe9bGhrQXWeZ5++dJnYZtu7xYyuC0xnAduP
goHuIlE8hd6wy75THoEttonGcWNckzYdgkxU92fR0GdaJUmyH2jKB/6bhWlxxPiW
JohTfxn+9o5eLegx4dRWsCxPVp0To/yESjAPi3eIPVkLdR8cGNm5zXo31oJ+Bpoc
5CTduddneP99SBum3zSKChX2accq8jRnl3SDNQUFEF+mk2hlI1aId5WpuvyVZZ6e
OhJtBOnhY1dSzRJylX9UNLgzTKKRX/iIXRCtiaFZKVOvt+3nTsio+RaYEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvsJeJM3P6cZ0rwbotpggDL7ErLMB8GA1UdIwQY
MBaAFA+38f2HaOIRY1Qq/PVag8aYAhWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDdmeF9ZZG80aEZqVkNyODlWcUR4cGdDRmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9lN2M4ZDAtNzQ5Yi00NTJkLWJmZjAt
YTBlMjhkY2ZmZmM3LzEvRDdmeF9ZZG80aEZqVkNyODlWcUR4cGdDRmFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9lN2M4ZDAtNzQ5Yi00NTJkLWJmZjAtYTBlMjhkY2ZmZmM3
LzEvRDdmeF9ZZG80aEZqVkNyODlWcUR4cGdDRmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjaEUGcHD
X9eh2XFyNegd1DmkYnDjdA1S7jIjm0tniV0Ibf+YW+negWKqktmo4NUOJ/xczaWK
TFpT3xdb4pMLQ49dHGnqxiu4lvwFzkuyk/BuVhlWtrSziHUfy6AkxUtBj2bMaTL0
Rjny0mTTA0YqkN2gkeb0BORWZkEkZdGgEsnfrUp+CLlIQ6Z5+jpmB4o3/a/7oBYr
3T1y3Wuf7f+RBswkazvTEdoEUcBk4VMxnfnmUsS1pnm/jb/hNspGqF+KhXaQk6H2
BOrEOSlHZ6Yt/zzKTD7FGnLTNucDh2lBL/bHOCPsv6Ecz2NfhtJKlktcq2UlAN/y
Quh0Bl8Igplvyg==
-----END CERTIFICATE-----