Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
File:                     f1HfHfTohn5B5ef5Lef50foMFU0.mft (raw, json)
Hash identifier:          /8JgEucZ5nIzMuDIbbJmBSKowrjCuRpCAOqSMAICiM8=
Subject key identifier:   28:F9:23:4B:B9:E2:A9:79:33:8D:2F:33:E5:0D:4D:BE:C2:69:F0:89
Authority key identifier: 7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D
Certificate issuer:       /CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
Certificate serial:       0197B70E5486FC323FF35D381DFCFD0A3ECB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
Manifest number:          0A9A
Signing time:             Sat 28 Jun 2025 15:00:58 +0000
Manifest this update:     Sat 28 Jun 2025 15:00:58 +0000
Manifest next update:     Sun 29 Jun 2025 15:00:58 +0000
Files and hashes:         1: f1HfHfTohn5B5ef5Lef50foMFU0.crl (hash: RPcVbShbkdjto6QHqSqydQVxayetP4+DKlROVXa9qRs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:54:86:fc:32:3f:f3:5d:38:1d:fc:fd:0a:3e:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
        Validity
            Not Before: Jun 28 15:00:58 2025 GMT
            Not After : Jun 29 15:00:58 2025 GMT
        Subject: CN=28f9234bb9e2a979338d2f33e50d4dbec269f089
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:6e:07:64:57:a8:69:6a:2d:59:73:95:f0:60:
                    4a:c0:8e:2d:5d:84:18:48:8d:46:bb:ee:32:cc:08:
                    84:03:65:e0:be:57:da:a8:75:6a:72:91:48:60:cb:
                    fb:84:b7:bd:03:74:06:3f:93:e8:13:48:45:68:58:
                    7c:a3:d6:82:22:97:f8:62:6d:35:a6:a1:9f:82:b5:
                    62:f1:84:c2:77:ab:f1:8a:0a:80:e8:dc:b7:34:42:
                    4d:2d:e4:f7:03:9f:23:f6:0d:8b:fa:55:89:6b:d8:
                    d1:a9:c0:e2:b3:01:f7:2e:01:bf:fe:1a:9f:d9:eb:
                    18:72:2c:4b:23:5f:19:96:bd:dc:e6:d1:1a:19:9d:
                    5f:16:a2:db:63:df:70:95:c9:c0:d7:20:a3:d0:f5:
                    b7:b5:39:0f:cd:41:8c:2c:d9:e3:73:b0:53:08:d3:
                    61:e4:c2:33:57:26:b7:ed:8d:85:6c:1a:64:92:85:
                    85:ab:b0:1b:21:f1:4b:0a:0a:cc:6f:f6:bb:ce:9a:
                    f8:ab:fd:a2:bc:9e:5f:c1:4a:10:ff:f0:57:c2:5f:
                    d5:db:f0:54:db:b2:20:2b:77:46:f2:39:f0:ba:14:
                    8f:9d:27:c9:5b:d7:5f:d6:ea:83:91:d1:11:c5:94:
                    e5:12:10:58:5f:7e:60:ad:79:c1:8b:fc:ec:c3:7c:
                    bb:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:F9:23:4B:B9:E2:A9:79:33:8D:2F:33:E5:0D:4D:BE:C2:69:F0:89
            X509v3 Authority Key Identifier:
                keyid:7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:01:c9:08:c0:4d:4e:4b:07:53:7b:20:7b:6c:b7:c5:c2:17:
         f7:db:5a:d9:80:64:aa:7a:3c:14:a2:be:0d:27:ae:6f:3c:1d:
         a3:e5:80:e9:23:36:61:ad:88:5a:74:65:90:13:64:54:be:e1:
         20:0f:05:e8:46:b1:9a:e7:e2:c9:a1:bb:ab:bb:01:79:ef:a2:
         4e:6e:84:61:5d:ce:92:f5:5b:4b:95:a7:56:56:fc:e1:e1:f1:
         2c:c8:7b:8d:89:2d:13:a3:13:7e:2d:a1:72:a4:ac:3d:93:52:
         1c:69:05:32:3f:d1:79:42:3b:dc:72:52:aa:f3:60:2b:2f:2a:
         a3:1d:db:90:0a:49:72:0f:18:56:5c:61:26:83:65:7c:b0:f4:
         fe:67:83:a3:3c:35:18:0f:09:7e:3b:24:d5:46:f7:68:c6:93:
         34:6b:56:a1:24:93:25:30:d4:f1:ab:82:12:92:b2:f2:7e:0e:
         b4:41:33:cf:ec:88:b1:17:1d:67:fd:15:d1:3e:5e:a9:d3:65:
         b9:aa:49:f9:d9:32:5f:6d:df:60:ee:d5:1b:a4:a8:62:7a:d5:
         0f:8f:1d:79:49:d3:94:05:b6:71:7c:63:6c:d9:0a:ac:ca:72:
         f8:68:b2:94:43:26:8d:b9:8a:65:83:4c:94:af:33:d9:bf:c8:
         e2:4e:e0:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DlSG/DI/8104Hfz9Cj7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTFkZjFkZjRlODg2N2U0MWU1ZTdmOTJkZTdmOWQxZmEw
YzE1NGQwHhcNMjUwNjI4MTUwMDU4WhcNMjUwNjI5MTUwMDU4WjAzMTEwLwYDVQQD
EygyOGY5MjM0YmI5ZTJhOTc5MzM4ZDJmMzNlNTBkNGRiZWMyNjlmMDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArG4HZFeoaWotWXOV8GBKwI4tXYQY
SI1Gu+4yzAiEA2XgvlfaqHVqcpFIYMv7hLe9A3QGP5PoE0hFaFh8o9aCIpf4Ym01
pqGfgrVi8YTCd6vxigqA6Ny3NEJNLeT3A58j9g2L+lWJa9jRqcDiswH3LgG//hqf
2esYcixLI18Zlr3c5tEaGZ1fFqLbY99wlcnA1yCj0PW3tTkPzUGMLNnjc7BTCNNh
5MIzVya37Y2FbBpkkoWFq7AbIfFLCgrMb/a7zpr4q/2ivJ5fwUoQ//BXwl/V2/BU
27IgK3dG8jnwuhSPnSfJW9df1uqDkdERxZTlEhBYX35grXnBi/zsw3y7jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCj5I0u54ql5M40vM+UNTb7CafCJMB8GA1UdIwQY
MBaAFH9R3x306IZ+QeXn+S3n+dH6DBVNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgt
NmQ5MDM1YWYxNTM1LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgtNmQ5MDM1YWYxNTM1
LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoQHJCMBN
TksHU3sge2y3xcIX99ta2YBkqno8FKK+DSeubzwdo+WA6SM2Ya2IWnRlkBNkVL7h
IA8F6EaxmufiyaG7q7sBee+iTm6EYV3OkvVbS5WnVlb84eHxLMh7jYktE6MTfi2h
cqSsPZNSHGkFMj/ReUI73HJSqvNgKy8qox3bkApJcg8YVlxhJoNlfLD0/meDozw1
GA8Jfjsk1Ub3aMaTNGtWoSSTJTDU8auCEpKy8n4OtEEzz+yIsRcdZ/0V0T5eqdNl
uapJ+dkyX23fYO7VG6SoYnrVD48deUnTlAW2cXxjbNkKrMpy+GiylEMmjbmKZYNM
lK8z2b/I4k7g9Q==
-----END CERTIFICATE-----