Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
File:                     epHmw2HvM-JQ3YijH32Sfq03Xtk.mft (raw, json)
Hash identifier:          7kGj/C7kSlw7MwZ/arOb0jhJkGC5ZD4RniHdWdCBmVo=
Subject key identifier:   B3:B7:1F:12:E7:58:B7:8B:8C:B3:EA:DA:D2:E3:25:D2:2F:F9:19:80
Authority key identifier: 7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9
Certificate issuer:       /CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
Certificate serial:       0197B6A1DDB38AF87AE1D9F1A7A1E2EBF934
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
Manifest number:          0531
Signing time:             Sat 28 Jun 2025 13:02:30 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:30 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:30 +0000
Files and hashes:         1: epHmw2HvM-JQ3YijH32Sfq03Xtk.crl (hash: bl7tA89Dr952ej/JqtjKjtKRVREqZaWTPwIvUo6CeNU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:dd:b3:8a:f8:7a:e1:d9:f1:a7:a1:e2:eb:f9:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
        Validity
            Not Before: Jun 28 13:02:30 2025 GMT
            Not After : Jun 29 13:02:30 2025 GMT
        Subject: CN=b3b71f12e758b78b8cb3eadad2e325d22ff91980
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:8b:85:35:01:8c:c9:21:9d:72:91:45:6d:68:
                    c6:c9:65:dc:ff:a8:92:b6:9a:70:fe:d8:a9:90:5b:
                    5a:c1:3c:c7:a8:25:d2:8c:47:72:88:64:67:56:fe:
                    a1:c9:21:56:e4:ba:d3:65:67:26:45:a9:6a:a2:62:
                    71:a6:cf:bb:ae:1a:f0:1d:da:e8:cf:1b:69:64:5a:
                    05:d2:0e:ac:05:7b:b6:1c:d5:9f:42:65:36:36:f5:
                    87:87:38:39:7c:03:ff:00:af:64:29:0d:d7:ef:cf:
                    ad:5c:9e:1c:11:77:91:c3:e0:fe:c2:6a:a6:33:94:
                    b2:72:16:3e:3a:af:a3:c8:98:fd:23:90:bc:fd:c0:
                    ca:8b:b5:1a:60:c2:b1:cf:09:c4:8a:2e:06:4e:e8:
                    d4:29:dd:fc:ab:ce:fa:0e:60:27:c4:f3:95:6e:ee:
                    9f:fa:69:f7:b2:33:83:11:de:e4:7f:a7:21:15:88:
                    4c:43:8e:14:43:08:90:52:a5:12:13:48:82:c0:e1:
                    0d:fd:0b:be:18:74:17:03:16:b2:03:37:20:7c:97:
                    22:a9:ee:17:74:3e:ae:47:d4:9e:85:c1:a4:e5:74:
                    cc:d7:3c:05:51:8d:95:1f:62:70:b3:98:cd:55:01:
                    26:6f:55:0d:66:68:07:d1:d3:15:25:d0:3a:97:cf:
                    7d:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:B7:1F:12:E7:58:B7:8B:8C:B3:EA:DA:D2:E3:25:D2:2F:F9:19:80
            X509v3 Authority Key Identifier:
                keyid:7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:86:7e:58:21:0b:be:c8:33:27:44:cd:47:34:93:56:aa:79:
         96:6d:46:97:2d:f5:91:bd:1b:07:52:44:71:00:37:d8:96:07:
         a8:f7:04:e1:c1:3a:b9:3c:3f:88:1e:9d:91:4e:ae:77:8f:0d:
         9c:32:53:83:60:35:23:20:a2:4d:a9:4c:35:09:50:e1:30:de:
         e7:71:a9:64:0d:ea:46:1b:06:54:26:0c:b4:5e:d8:b3:81:aa:
         b2:ae:e9:64:ba:f5:d7:d9:80:a0:9e:12:76:8a:f9:12:88:39:
         5b:50:d4:ce:f2:b3:3c:cb:01:a0:dd:f8:aa:89:bc:8e:07:cc:
         15:25:e8:86:d0:29:8b:c3:8c:37:ee:2f:6c:92:83:f7:c5:ef:
         e3:47:5c:ff:c6:cd:0b:05:b2:a2:da:a6:55:6b:7b:e6:f4:b6:
         e8:74:b5:25:c3:20:7e:b7:5b:aa:03:55:f1:36:82:b6:9c:60:
         75:f1:14:72:0e:72:9a:a9:16:d9:2e:51:6c:fa:d5:ae:e1:e2:
         cd:62:f2:3f:ea:e4:fe:13:7a:88:a8:d2:6a:60:8b:a1:df:a1:
         2d:f9:ad:54:12:ab:30:19:ed:65:ba:74:96:de:85:ce:9d:97:
         51:58:02:ba:da:f7:4f:89:8d:b4:69:57:7f:e8:fe:f8:70:cc:
         ba:7b:2c:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2od2zivh64dnxp6Hi6/k0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOTFlNmMzNjFlZjMzZTI1MGRkODhhMzFmN2Q5MjdlYWQz
NzVlZDkwHhcNMjUwNjI4MTMwMjMwWhcNMjUwNjI5MTMwMjMwWjAzMTEwLwYDVQQD
EyhiM2I3MWYxMmU3NThiNzhiOGNiM2VhZGFkMmUzMjVkMjJmZjkxOTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IuFNQGMySGdcpFFbWjGyWXc/6iS
tppw/tipkFtawTzHqCXSjEdyiGRnVv6hySFW5LrTZWcmRalqomJxps+7rhrwHdro
zxtpZFoF0g6sBXu2HNWfQmU2NvWHhzg5fAP/AK9kKQ3X78+tXJ4cEXeRw+D+wmqm
M5SychY+Oq+jyJj9I5C8/cDKi7UaYMKxzwnEii4GTujUKd38q876DmAnxPOVbu6f
+mn3sjODEd7kf6chFYhMQ44UQwiQUqUSE0iCwOEN/Qu+GHQXAxayAzcgfJciqe4X
dD6uR9SehcGk5XTM1zwFUY2VH2Jws5jNVQEmb1UNZmgH0dMVJdA6l899YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLO3HxLnWLeLjLPq2tLjJdIv+RmAMB8GA1UdIwQY
MBaAFHqR5sNh7zPiUN2Iox99kn6tN17ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEt
M2UyNTM0NTgzNjExLzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEtM2UyNTM0NTgzNjEx
LzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv4Z+WCEL
vsgzJ0TNRzSTVqp5lm1Gly31kb0bB1JEcQA32JYHqPcE4cE6uTw/iB6dkU6ud48N
nDJTg2A1IyCiTalMNQlQ4TDe53GpZA3qRhsGVCYMtF7Ys4Gqsq7pZLr119mAoJ4S
dor5Eog5W1DUzvKzPMsBoN34qom8jgfMFSXohtApi8OMN+4vbJKD98Xv40dc/8bN
CwWyotqmVWt75vS26HS1JcMgfrdbqgNV8TaCtpxgdfEUcg5ymqkW2S5RbPrVruHi
zWLyP+rk/hN6iKjSamCLod+hLfmtVBKrMBntZbp0lt6Fzp2XUVgCutr3T4mNtGlX
f+j++HDMunsssQ==
-----END CERTIFICATE-----