Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
File:                     uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft (raw, json)
Hash identifier:          dSwW6CfaiRsfqKmDqZOHWzjwQ4YsGGVqtHiDtY0P1+A=
Subject key identifier:   78:6F:84:26:4F:52:2E:17:36:FF:B2:00:77:7D:07:19:1B:00:2F:58
Authority key identifier: B8:8F:F8:6C:47:17:E0:E3:66:F2:90:CD:0D:62:8A:FC:46:A3:8F:0D
Certificate issuer:       /CN=b88ff86c4717e0e366f290cd0d628afc46a38f0d
Certificate serial:       0197B8902057139E637283116FD3DAE77E5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
Manifest number:          0F1C
Signing time:             Sat 28 Jun 2025 22:02:22 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:22 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:22 +0000
Files and hashes:         1: uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl (hash: R088lQZRheLBa46+MF9mRUJFzruaSyMMxeeqIzztw0k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:02:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:20:57:13:9e:63:72:83:11:6f:d3:da:e7:7e:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b88ff86c4717e0e366f290cd0d628afc46a38f0d
        Validity
            Not Before: Jun 28 22:02:22 2025 GMT
            Not After : Jun 29 22:02:22 2025 GMT
        Subject: CN=786f84264f522e1736ffb200777d07191b002f58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:14:b2:43:3d:19:b5:22:58:55:a5:7b:be:ab:
                    16:be:3d:95:31:cf:2f:1d:37:7e:38:c4:f3:07:85:
                    63:3a:35:e7:a8:8a:9f:f4:52:00:84:a2:a0:6f:b0:
                    89:97:09:7d:a9:c7:4f:df:9b:b6:d6:0f:e7:8c:2e:
                    77:33:d5:c4:23:4c:1a:0f:54:a2:6b:ff:4e:e4:39:
                    e5:fb:02:77:bf:30:b9:f4:3e:90:f5:fc:84:e2:18:
                    46:7a:e6:62:fb:f2:7b:c0:0e:a9:60:d2:01:d0:7a:
                    9f:b9:ad:26:14:65:77:d9:34:9c:44:5e:a4:59:bc:
                    ba:23:8f:75:57:5a:d9:e8:19:88:f2:fa:02:b5:a6:
                    a9:ea:97:43:a8:2d:cc:ef:af:15:67:8b:c0:a4:9b:
                    44:d7:b7:e7:ae:b4:85:eb:53:54:e4:8e:87:68:cb:
                    75:aa:01:bc:9d:08:64:77:73:2a:81:95:70:8f:0e:
                    23:bd:27:70:59:66:8a:a6:7f:5b:91:79:9d:3f:2c:
                    3a:f3:ef:9c:03:11:81:0b:36:d4:e4:a0:89:7b:08:
                    b6:3d:cc:64:86:bd:36:e5:11:a1:93:e3:c2:d6:83:
                    61:55:d3:3e:ec:47:e2:e9:63:4b:e5:82:fa:d6:7f:
                    24:2e:e0:49:34:e0:b6:6f:89:74:bb:79:21:54:2a:
                    11:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:6F:84:26:4F:52:2E:17:36:FF:B2:00:77:7D:07:19:1B:00:2F:58
            X509v3 Authority Key Identifier:
                keyid:B8:8F:F8:6C:47:17:E0:E3:66:F2:90:CD:0D:62:8A:FC:46:A3:8F:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:28:08:b5:8b:b0:9a:76:fa:83:0d:34:cb:77:1b:a5:1d:ba:
         0f:ce:ef:9e:ec:5e:04:e1:4e:be:29:72:e0:08:d2:66:aa:d3:
         3e:35:1e:7a:50:06:d6:a5:53:25:ec:93:60:dc:8d:28:84:00:
         b6:5b:2b:9a:f6:1e:e0:e7:11:2e:4f:45:18:45:7f:55:37:b5:
         56:ef:7a:80:a6:b9:21:99:b2:8b:07:90:4b:00:42:73:52:78:
         8a:0f:f2:2c:ea:7b:b3:c6:bf:32:18:c6:24:31:df:e9:4e:b1:
         dd:35:33:c0:2f:47:a6:9c:2a:6e:e8:97:12:81:ef:8e:d3:a3:
         63:0d:ea:40:85:a9:87:ad:52:c9:4f:99:74:13:51:4d:a7:cd:
         52:3d:ac:27:74:51:c3:eb:ed:a2:cc:21:74:6e:d6:f2:ff:48:
         a5:91:04:d4:e1:ba:2e:b8:60:14:8d:b8:74:18:d4:fc:df:b3:
         60:ec:2e:ce:52:2c:34:46:04:c6:2f:a7:ae:36:e6:f6:94:dd:
         fb:01:31:85:40:38:16:2d:d8:3b:48:5d:8f:58:88:9b:40:09:
         72:e9:2f:63:ee:9d:da:99:ec:d3:ae:f7:c1:37:1d:84:22:93:
         0a:93:37:7c:58:81:c6:fd:f3:a2:b4:ea:89:cb:09:bb:94:4e:
         75:58:42:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kCBXE55jcoMRb9Pa535eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4OGZmODZjNDcxN2UwZTM2NmYyOTBjZDBkNjI4YWZjNDZh
MzhmMGQwHhcNMjUwNjI4MjIwMjIyWhcNMjUwNjI5MjIwMjIyWjAzMTEwLwYDVQQD
Eyg3ODZmODQyNjRmNTIyZTE3MzZmZmIyMDA3NzdkMDcxOTFiMDAyZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBSyQz0ZtSJYVaV7vqsWvj2VMc8v
HTd+OMTzB4VjOjXnqIqf9FIAhKKgb7CJlwl9qcdP35u21g/njC53M9XEI0waD1Si
a/9O5Dnl+wJ3vzC59D6Q9fyE4hhGeuZi+/J7wA6pYNIB0Hqfua0mFGV32TScRF6k
Wby6I491V1rZ6BmI8voCtaap6pdDqC3M768VZ4vApJtE17fnrrSF61NU5I6HaMt1
qgG8nQhkd3MqgZVwjw4jvSdwWWaKpn9bkXmdPyw68++cAxGBCzbU5KCJewi2Pcxk
hr025RGhk+PC1oNhVdM+7Efi6WNL5YL61n8kLuBJNOC2b4l0u3khVCoRUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHhvhCZPUi4XNv+yAHd9BxkbAC9YMB8GA1UdIwQY
MBaAFLiP+GxHF+DjZvKQzQ1iivxGo48NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZTcxNTQtYzNhYS00NWI2LThmYjAt
MTkxZDUzNGM5N2I5LzEvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZTcxNTQtYzNhYS00NWI2LThmYjAtMTkxZDUzNGM5N2I5
LzEvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwygItYuw
mnb6gw00y3cbpR26D87vnuxeBOFOvily4AjSZqrTPjUeelAG1qVTJeyTYNyNKIQA
tlsrmvYe4OcRLk9FGEV/VTe1Vu96gKa5IZmyiweQSwBCc1J4ig/yLOp7s8a/MhjG
JDHf6U6x3TUzwC9HppwqbuiXEoHvjtOjYw3qQIWph61SyU+ZdBNRTafNUj2sJ3RR
w+vtoswhdG7W8v9IpZEE1OG6LrhgFI24dBjU/N+zYOwuzlIsNEYExi+nrjbm9pTd
+wExhUA4Fi3YO0hdj1iIm0AJcukvY+6d2pns0673wTcdhCKTCpM3fFiBxv3zorTq
icsJu5ROdVhC2Q==
-----END CERTIFICATE-----