Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
File:                     V3l3onVhz5BYpS5GDJSZSAVb3T0.mft (raw, json)
Hash identifier:          YkyBLVcvTfWHn4N2YU05WM7xk3zvhl/Mk4OU4BRJUo0=
Subject key identifier:   12:29:B0:6F:C8:22:FE:17:80:1A:89:0D:E4:1D:5D:4A:1D:F6:F4:81
Authority key identifier: 57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D
Certificate issuer:       /CN=577977a27561cf9058a52e460c949948055bdd3d
Certificate serial:       0197B6A1128A6857C0262D87EED98A6D0A82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
Manifest number:          07C3
Signing time:             Sat 28 Jun 2025 13:01:38 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:38 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:38 +0000
Files and hashes:         1: V3l3onVhz5BYpS5GDJSZSAVb3T0.crl (hash: bPAjQlIi/Wex9ts4qIceMfI+o4D2c+hEE6jkso74DgI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:12:8a:68:57:c0:26:2d:87:ee:d9:8a:6d:0a:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=577977a27561cf9058a52e460c949948055bdd3d
        Validity
            Not Before: Jun 28 13:01:38 2025 GMT
            Not After : Jun 29 13:01:38 2025 GMT
        Subject: CN=1229b06fc822fe17801a890de41d5d4a1df6f481
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:21:02:8c:e8:85:db:6a:e5:7c:f7:56:f2:5f:
                    90:29:00:2c:5f:b0:e0:78:b9:ac:3f:ff:b8:49:bb:
                    8f:72:a3:89:83:d8:8e:e1:38:5f:e0:b6:a2:34:06:
                    03:b3:4b:d8:42:84:86:59:a8:1f:72:39:d7:7d:dd:
                    9b:85:00:10:1d:97:ac:59:67:23:a0:3c:13:62:84:
                    b4:e1:dd:b4:bf:60:d8:51:47:0a:bc:2c:cf:68:49:
                    a0:64:a8:ec:db:ad:7e:b7:e9:41:48:65:b2:39:68:
                    c5:b2:61:76:5a:8f:9c:31:b8:d0:3a:52:8d:10:79:
                    c8:55:6f:86:a7:51:f2:2b:fa:26:9a:83:14:41:85:
                    83:8c:c2:91:ba:a7:3b:52:25:aa:1b:a6:04:f8:8e:
                    f1:17:0d:70:99:c8:c6:e9:da:af:bc:04:41:62:00:
                    3d:03:d4:3a:5e:6a:56:f5:a1:a3:a1:26:b7:52:fa:
                    43:ee:1e:8f:e5:5a:cc:e8:87:c7:d9:0c:48:fb:e3:
                    65:a2:03:49:44:36:1a:f7:80:38:ea:fd:71:9a:12:
                    9d:06:56:39:64:d6:65:03:0b:bc:c0:5b:92:35:7b:
                    b9:4d:fd:92:cd:8c:45:02:1e:bd:67:ad:39:c4:7e:
                    6d:4c:4a:58:c9:ae:eb:d5:97:00:53:a5:41:01:27:
                    d5:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:29:B0:6F:C8:22:FE:17:80:1A:89:0D:E4:1D:5D:4A:1D:F6:F4:81
            X509v3 Authority Key Identifier:
                keyid:57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:61:6e:d4:ac:c3:57:57:88:cf:b1:4e:e8:ec:25:aa:2e:d8:
         37:67:f4:42:2e:90:41:66:b9:aa:80:10:d7:6d:96:32:72:9e:
         1f:3c:b1:3f:9b:b2:00:b6:1f:ab:3b:dd:87:48:8c:c4:50:13:
         51:2f:1e:24:f9:11:06:a9:66:f0:02:91:93:8d:a0:45:6d:ad:
         05:e6:88:4e:59:c2:1b:fa:69:f3:73:db:e5:16:09:f1:cd:12:
         50:14:e9:15:e1:24:53:33:70:fa:9d:8c:d1:6e:85:c6:58:4a:
         d9:2c:4a:f1:0c:98:3d:cf:41:02:ca:b5:58:41:4a:e5:c1:bb:
         0a:3b:bf:c7:ef:de:da:2f:a3:66:57:01:ce:9b:5e:95:4b:9a:
         28:81:c3:fc:1c:7f:24:30:02:58:3d:a3:8c:93:81:b2:0e:a8:
         f5:80:9d:d1:ed:25:b2:96:4e:f8:5c:87:07:c5:a5:9f:fd:03:
         91:1b:93:1b:fc:ee:71:57:49:ac:0c:9f:31:f1:60:80:75:7f:
         7c:a1:84:db:40:2b:34:32:10:bb:36:a0:f4:fc:06:e2:d2:16:
         6b:2e:b9:87:4b:59:4f:66:ae:67:17:52:a9:ba:82:f0:d5:fd:
         08:c8:1d:e6:86:30:e2:1c:0a:71:72:9d:66:b5:4b:cd:b5:d8:
         3b:2f:75:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oRKKaFfAJi2H7tmKbQqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3Nzk3N2EyNzU2MWNmOTA1OGE1MmU0NjBjOTQ5OTQ4MDU1
YmRkM2QwHhcNMjUwNjI4MTMwMTM4WhcNMjUwNjI5MTMwMTM4WjAzMTEwLwYDVQQD
EygxMjI5YjA2ZmM4MjJmZTE3ODAxYTg5MGRlNDFkNWQ0YTFkZjZmNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyECjOiF22rlfPdW8l+QKQAsX7Dg
eLmsP/+4SbuPcqOJg9iO4Thf4LaiNAYDs0vYQoSGWagfcjnXfd2bhQAQHZesWWcj
oDwTYoS04d20v2DYUUcKvCzPaEmgZKjs261+t+lBSGWyOWjFsmF2Wo+cMbjQOlKN
EHnIVW+Gp1HyK/ommoMUQYWDjMKRuqc7UiWqG6YE+I7xFw1wmcjG6dqvvARBYgA9
A9Q6XmpW9aGjoSa3UvpD7h6P5VrM6IfH2QxI++NlogNJRDYa94A46v1xmhKdBlY5
ZNZlAwu8wFuSNXu5Tf2SzYxFAh69Z605xH5tTEpYya7r1ZcAU6VBASfVvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIpsG/IIv4XgBqJDeQdXUod9vSBMB8GA1UdIwQY
MBaAFFd5d6J1Yc+QWKUuRgyUmUgFW909MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYt
NTRmNzJkN2Y1YzIwLzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYtNTRmNzJkN2Y1YzIw
LzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEmFu1KzD
V1eIz7FO6Owlqi7YN2f0Qi6QQWa5qoAQ122WMnKeHzyxP5uyALYfqzvdh0iMxFAT
US8eJPkRBqlm8AKRk42gRW2tBeaITlnCG/pp83Pb5RYJ8c0SUBTpFeEkUzNw+p2M
0W6FxlhK2SxK8QyYPc9BAsq1WEFK5cG7Cju/x+/e2i+jZlcBzptelUuaKIHD/Bx/
JDACWD2jjJOBsg6o9YCd0e0lspZO+FyHB8Wln/0DkRuTG/zucVdJrAyfMfFggHV/
fKGE20ArNDIQuzag9PwG4tIWay65h0tZT2auZxdSqbqC8NX9CMgd5oYw4hwKcXKd
ZrVLzbXYOy91MQ==
-----END CERTIFICATE-----