Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft
File:                     v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft (raw, json)
Hash identifier:          GI5jaeSohPkaaVRT8uiqixgtU0Y6kQf/MqdeYBXdeas=
Subject key identifier:   8B:D6:6E:00:49:A9:1D:1C:FC:F4:CD:EA:B0:A1:8E:9D:AA:E1:62:19
Authority key identifier: BF:BC:8A:86:68:F5:0F:DA:F4:94:F5:28:A2:CA:AF:D0:2B:7C:31:AD
Certificate issuer:       /CN=bfbc8a8668f50fdaf494f528a2caafd02b7c31ad
Certificate serial:       0197C312D15D32704C3DCE99FBB971BEB8ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft
Manifest number:          0284
Signing time:             Mon 30 Jun 2025 23:01:19 +0000
Manifest this update:     Mon 30 Jun 2025 23:01:19 +0000
Manifest next update:     Tue 01 Jul 2025 23:01:19 +0000
Files and hashes:         1: v7yKhmj1D9r0lPUoosqv0Ct8Ma0.crl (hash: hlAk2Yf+ZHDfm3n+GLb1haUFsGSeNzkJ+Djhu6mNWYs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 23:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c3:12:d1:5d:32:70:4c:3d:ce:99:fb:b9:71:be:b8:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbc8a8668f50fdaf494f528a2caafd02b7c31ad
        Validity
            Not Before: Jun 30 23:01:19 2025 GMT
            Not After : Jul  1 23:01:19 2025 GMT
        Subject: CN=8bd66e0049a91d1cfcf4cdeab0a18e9daae16219
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:66:01:9e:10:d1:50:ea:85:4e:11:9a:77:e3:
                    31:dc:64:ef:bd:d1:c4:45:22:36:93:ed:b6:17:fb:
                    7e:d3:8b:7b:fe:7d:c0:6b:1f:fc:ff:45:c0:4f:6c:
                    ad:c4:39:14:dc:65:e5:97:f1:af:5f:55:ee:b2:2a:
                    cc:d7:a6:2f:99:44:41:c7:fa:2b:36:89:85:33:16:
                    77:df:6d:5b:e8:45:77:7d:32:ee:70:1c:1a:80:ab:
                    54:7c:41:33:34:cc:fe:18:02:dd:37:a6:2f:d6:4d:
                    06:bb:46:7a:e4:34:9a:45:67:a0:f3:36:f5:cf:7b:
                    3d:15:be:ea:b7:5f:d9:cf:24:d5:e0:15:ed:3c:4e:
                    2b:50:73:d6:53:c0:02:10:d3:30:ad:67:ae:dc:00:
                    89:fd:ee:a6:6c:d6:de:0f:a9:00:2f:ea:a8:b7:93:
                    46:ec:57:a4:51:e1:3a:39:00:4d:d4:44:c1:20:83:
                    ad:ec:ef:d8:c9:22:ba:12:3b:15:d9:bc:7b:33:af:
                    90:2c:e4:e7:dc:4b:78:54:57:1c:00:90:27:b0:1c:
                    6c:fe:ee:f9:6d:e6:71:90:d6:52:eb:fa:20:7b:bb:
                    7b:65:e5:34:50:18:de:22:83:81:9a:94:74:a3:16:
                    c1:71:eb:73:1a:b1:97:e3:a9:4b:39:68:66:20:3f:
                    5a:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:D6:6E:00:49:A9:1D:1C:FC:F4:CD:EA:B0:A1:8E:9D:AA:E1:62:19
            X509v3 Authority Key Identifier:
                keyid:BF:BC:8A:86:68:F5:0F:DA:F4:94:F5:28:A2:CA:AF:D0:2B:7C:31:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:1c:ad:02:20:e0:1d:ba:f6:28:d9:08:3c:26:7b:15:c9:75:
         4a:a2:67:17:64:02:81:49:44:76:2e:b2:a3:05:e7:b8:db:7b:
         06:7d:46:28:75:6b:f6:db:75:cb:44:58:07:3e:68:71:d4:ce:
         67:92:e2:08:31:3a:40:1b:69:f2:20:9f:a7:90:d5:11:bf:5e:
         25:4e:3a:84:7d:69:2d:21:4d:87:b8:cc:11:d8:7c:4d:c1:c8:
         83:d2:54:af:e5:dc:7e:39:c6:01:0a:9e:3e:88:72:29:2e:e0:
         b5:70:ca:b2:0c:d7:38:cc:5d:18:0b:09:5b:01:45:9c:15:4d:
         81:8b:7a:1b:23:f3:ab:21:48:68:69:64:af:61:ef:b5:54:75:
         a2:d2:85:9f:34:cb:17:d4:af:8d:ce:f1:73:01:b7:b3:2f:bb:
         bd:82:2b:4c:28:e4:a0:73:c8:d6:ac:54:8a:23:37:3d:5e:07:
         d7:c7:99:63:99:01:0c:2b:3d:fe:41:69:69:58:8e:42:a5:2a:
         43:14:0b:e6:79:69:62:cc:3c:88:66:05:3e:af:af:59:a9:9f:
         6a:c2:fe:ef:5a:51:7a:3e:44:f8:e8:c5:f6:5d:18:02:54:0b:
         96:18:2e:c3:61:2e:4d:75:d9:cc:af:5a:2b:36:7c:ed:2a:08:
         a1:6a:05:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfDEtFdMnBMPc6Z+7lxvrjtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYmM4YTg2NjhmNTBmZGFmNDk0ZjUyOGEyY2FhZmQwMmI3
YzMxYWQwHhcNMjUwNjMwMjMwMTE5WhcNMjUwNzAxMjMwMTE5WjAzMTEwLwYDVQQD
Eyg4YmQ2NmUwMDQ5YTkxZDFjZmNmNGNkZWFiMGExOGU5ZGFhZTE2MjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWYBnhDRUOqFThGad+Mx3GTvvdHE
RSI2k+22F/t+04t7/n3Aax/8/0XAT2ytxDkU3GXll/GvX1XusirM16YvmURBx/or
NomFMxZ3321b6EV3fTLucBwagKtUfEEzNMz+GALdN6Yv1k0Gu0Z65DSaRWeg8zb1
z3s9Fb7qt1/ZzyTV4BXtPE4rUHPWU8ACENMwrWeu3ACJ/e6mbNbeD6kAL+qot5NG
7FekUeE6OQBN1ETBIIOt7O/YySK6EjsV2bx7M6+QLOTn3Et4VFccAJAnsBxs/u75
beZxkNZS6/oge7t7ZeU0UBjeIoOBmpR0oxbBcetzGrGX46lLOWhmID9a5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIvWbgBJqR0c/PTN6rChjp2q4WIZMB8GA1UdIwQY
MBaAFL+8ioZo9Q/a9JT1KKLKr9ArfDGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjd5S2htajFEOXIwbFBVb29zcXYwQ3Q4TWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jYjg4YWUtZjAyMC00NGQ5LWI0NjIt
ZGE2MTk5YjgyZjExLzEvdjd5S2htajFEOXIwbFBVb29zcXYwQ3Q4TWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jYjg4YWUtZjAyMC00NGQ5LWI0NjItZGE2MTk5YjgyZjEx
LzEvdjd5S2htajFEOXIwbFBVb29zcXYwQ3Q4TWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVxytAiDg
Hbr2KNkIPCZ7Fcl1SqJnF2QCgUlEdi6yowXnuNt7Bn1GKHVr9tt1y0RYBz5ocdTO
Z5LiCDE6QBtp8iCfp5DVEb9eJU46hH1pLSFNh7jMEdh8TcHIg9JUr+XcfjnGAQqe
PohyKS7gtXDKsgzXOMxdGAsJWwFFnBVNgYt6GyPzqyFIaGlkr2HvtVR1otKFnzTL
F9Svjc7xcwG3sy+7vYIrTCjkoHPI1qxUiiM3PV4H18eZY5kBDCs9/kFpaViOQqUq
QxQL5nlpYsw8iGYFPq+vWamfasL+71pRej5E+OjF9l0YAlQLlhguw2EuTXXZzK9a
KzZ87SoIoWoF8A==
-----END CERTIFICATE-----