Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft
File:                     eYCaQAStlYNQpkbViavLPP3z7S4.mft (raw, json)
Hash identifier:          nNuJayw/SzyUafafE/bphwSjHe3Z0+oJMH2QfdVBvdI=
Subject key identifier:   27:9E:9D:48:18:DE:A0:D3:44:E1:0A:3A:98:62:CC:E5:CA:F1:D3:0E
Authority key identifier: 79:80:9A:40:04:AD:95:83:50:A6:46:D5:89:AB:CB:3C:FD:F3:ED:2E
Certificate issuer:       /CN=79809a4004ad958350a646d589abcb3cfdf3ed2e
Certificate serial:       0197B77CC8611C162BD32E31E7FF9FAE2E0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eYCaQAStlYNQpkbViavLPP3z7S4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft
Manifest number:          0738
Signing time:             Sat 28 Jun 2025 17:01:37 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:37 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:37 +0000
Files and hashes:         1: eYCaQAStlYNQpkbViavLPP3z7S4.crl (hash: Rq0RhFqGPcL/1LEy6kqKVOIjJZWLqz9WX8Hg49YV05s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eYCaQAStlYNQpkbViavLPP3z7S4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:c8:61:1c:16:2b:d3:2e:31:e7:ff:9f:ae:2e:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79809a4004ad958350a646d589abcb3cfdf3ed2e
        Validity
            Not Before: Jun 28 17:01:37 2025 GMT
            Not After : Jun 29 17:01:37 2025 GMT
        Subject: CN=279e9d4818dea0d344e10a3a9862cce5caf1d30e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ec:f5:21:47:b2:12:52:93:b5:b4:63:be:cf:
                    a2:31:60:81:0c:48:94:ef:b5:53:7a:12:22:c8:df:
                    90:c0:d1:a0:48:fa:1f:27:86:b0:13:63:ce:a1:43:
                    78:7d:bc:2e:6e:b1:dd:75:24:b3:62:74:97:7d:3f:
                    83:d8:f8:f6:95:e3:bd:97:49:a8:f3:c6:8e:fa:c4:
                    c0:21:43:95:86:68:49:3e:5a:34:ed:a7:b3:c8:e4:
                    c4:79:f7:91:11:47:8d:62:3a:3d:4e:a1:4b:94:1f:
                    c8:e8:74:2d:22:0e:43:7b:27:bf:0f:dd:08:09:46:
                    55:bc:3c:f2:19:b2:db:f3:41:e9:91:00:c2:37:95:
                    f9:c2:1c:d4:d5:92:32:9b:c3:fd:11:fe:72:27:0d:
                    4e:52:c6:ca:9a:6a:e2:60:12:ac:bc:4a:ed:db:64:
                    3c:44:77:c1:ff:49:87:bd:24:b9:42:1d:db:73:86:
                    a7:cd:01:09:c0:08:25:29:00:86:b3:58:b4:2a:3c:
                    00:da:02:f0:ac:2c:0f:fc:3f:12:3e:b1:01:65:dd:
                    a9:f9:b9:20:4a:64:63:67:9b:33:20:da:69:e9:fd:
                    70:03:e4:8a:fc:54:ca:2c:d5:d9:f4:a8:df:1c:25:
                    96:03:46:5c:34:da:3e:78:6b:77:b5:ff:e8:4d:30:
                    30:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:9E:9D:48:18:DE:A0:D3:44:E1:0A:3A:98:62:CC:E5:CA:F1:D3:0E
            X509v3 Authority Key Identifier:
                keyid:79:80:9A:40:04:AD:95:83:50:A6:46:D5:89:AB:CB:3C:FD:F3:ED:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eYCaQAStlYNQpkbViavLPP3z7S4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/5b45f8-9a30-41d3-b611-d5aa6477efde/1/eYCaQAStlYNQpkbViavLPP3z7S4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:86:63:08:da:a8:43:1a:de:82:b8:ec:59:2d:ee:95:e9:34:
         19:b7:22:01:44:d5:88:c0:d4:dd:80:11:48:8c:38:dc:dd:55:
         60:d7:24:e5:e4:e7:b8:23:7d:48:7e:d9:f2:63:04:ab:0f:e2:
         be:ed:1a:26:ed:74:61:40:bb:06:2b:ae:69:a3:5b:fa:d2:96:
         d4:b4:0e:7e:c4:49:05:e3:bd:32:93:f0:f2:42:fa:83:e3:f7:
         70:e3:21:25:ef:42:ef:2e:4c:3c:4c:71:78:6c:bb:1f:5d:68:
         26:7c:f8:c7:08:4e:fd:ff:ab:92:50:f2:e3:ef:5e:46:f2:7f:
         bd:5c:f7:b3:a1:ca:38:ce:66:98:ec:da:0b:7a:39:1c:01:78:
         8a:bb:df:46:b2:25:d7:10:e6:b5:36:92:93:ba:3f:80:13:f2:
         97:f5:a9:c9:57:23:44:7e:d5:5f:44:14:a4:b2:3c:65:ad:2f:
         d4:67:3c:86:a1:10:31:4f:cd:3b:fe:a9:11:d5:25:78:d8:d1:
         17:e9:fe:f6:96:49:18:1a:89:ce:0d:71:fe:d5:c0:08:91:42:
         cd:59:1d:ba:41:27:a6:3f:b8:c5:36:e2:a8:61:93:6e:77:66:
         cd:2c:23:0a:e5:ac:11:8c:fa:9b:41:9d:89:6b:e9:e3:bc:9c:
         a4:65:3e:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fMhhHBYr0y4x5/+fri4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ODA5YTQwMDRhZDk1ODM1MGE2NDZkNTg5YWJjYjNjZmRm
M2VkMmUwHhcNMjUwNjI4MTcwMTM3WhcNMjUwNjI5MTcwMTM3WjAzMTEwLwYDVQQD
EygyNzllOWQ0ODE4ZGVhMGQzNDRlMTBhM2E5ODYyY2NlNWNhZjFkMzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+z1IUeyElKTtbRjvs+iMWCBDEiU
77VTehIiyN+QwNGgSPofJ4awE2POoUN4fbwubrHddSSzYnSXfT+D2Pj2leO9l0mo
88aO+sTAIUOVhmhJPlo07aezyOTEefeREUeNYjo9TqFLlB/I6HQtIg5Deye/D90I
CUZVvDzyGbLb80HpkQDCN5X5whzU1ZIym8P9Ef5yJw1OUsbKmmriYBKsvErt22Q8
RHfB/0mHvSS5Qh3bc4anzQEJwAglKQCGs1i0KjwA2gLwrCwP/D8SPrEBZd2p+bkg
SmRjZ5szINpp6f1wA+SK/FTKLNXZ9KjfHCWWA0ZcNNo+eGt3tf/oTTAwnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCeenUgY3qDTROEKOphizOXK8dMOMB8GA1UdIwQY
MBaAFHmAmkAErZWDUKZG1Ymryzz98+0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVlDYVFBU3RsWU5RcGtiVmlhdkxQUDN6N1M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81YjQ1ZjgtOWEzMC00MWQzLWI2MTEt
ZDVhYTY0NzdlZmRlLzEvZVlDYVFBU3RsWU5RcGtiVmlhdkxQUDN6N1M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81YjQ1ZjgtOWEzMC00MWQzLWI2MTEtZDVhYTY0NzdlZmRl
LzEvZVlDYVFBU3RsWU5RcGtiVmlhdkxQUDN6N1M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm4ZjCNqo
QxregrjsWS3ulek0GbciAUTViMDU3YARSIw43N1VYNck5eTnuCN9SH7Z8mMEqw/i
vu0aJu10YUC7BiuuaaNb+tKW1LQOfsRJBeO9MpPw8kL6g+P3cOMhJe9C7y5MPExx
eGy7H11oJnz4xwhO/f+rklDy4+9eRvJ/vVz3s6HKOM5mmOzaC3o5HAF4irvfRrIl
1xDmtTaSk7o/gBPyl/WpyVcjRH7VX0QUpLI8Za0v1Gc8hqEQMU/NO/6pEdUleNjR
F+n+9pZJGBqJzg1x/tXACJFCzVkdukEnpj+4xTbiqGGTbndmzSwjCuWsEYz6m0Gd
iWvp47ycpGU+Mg==
-----END CERTIFICATE-----