Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft
File:                     fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft (raw, json)
Hash identifier:          XLhAaCn9TRyw69YCFeVv7obOU7ZTWI/oPOOgNHkfEhA=
Subject key identifier:   33:87:2B:A5:12:C2:7F:47:BE:97:51:00:37:7B:DA:87:B9:31:50:76
Authority key identifier: 7D:0B:CA:BE:C4:37:9F:2D:3B:94:18:74:10:D2:E6:E0:31:A7:41:71
Certificate issuer:       /CN=7d0bcabec4379f2d3b94187410d2e6e031a74171
Certificate serial:       0197700814E377B4C97A30D392469413F45C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fQvKvsQ3ny07lBh0ENLm4DGnQXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft
Manifest number:          1520
Signing time:             Sat 14 Jun 2025 20:01:07 +0000
Manifest this update:     Sat 14 Jun 2025 20:01:07 +0000
Manifest next update:     Sun 15 Jun 2025 20:01:07 +0000
Files and hashes:         1: fQvKvsQ3ny07lBh0ENLm4DGnQXE.crl (hash: RI5hGQ3oWIp9CktkC/42DZfSTqUYuqZZjM+Jsy0QuWA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fQvKvsQ3ny07lBh0ENLm4DGnQXE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:08:14:e3:77:b4:c9:7a:30:d3:92:46:94:13:f4:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d0bcabec4379f2d3b94187410d2e6e031a74171
        Validity
            Not Before: Jun 14 20:01:07 2025 GMT
            Not After : Jun 15 20:01:07 2025 GMT
        Subject: CN=33872ba512c27f47be975100377bda87b9315076
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:2d:dd:6a:fe:f2:7c:e9:1d:9c:12:ac:52:2b:
                    91:93:a8:cf:44:40:8a:7c:6c:34:11:bb:df:bf:3c:
                    db:47:9e:de:fa:f6:ed:10:27:d9:88:e5:98:46:fa:
                    e1:20:5f:45:3a:4d:a5:ea:bf:e2:c3:5e:ec:3c:9f:
                    2d:1e:36:26:41:a5:a3:83:98:51:fa:eb:c7:9a:a8:
                    21:cf:c6:07:76:b9:14:76:b9:ce:db:b7:30:67:d4:
                    c2:fa:a1:57:ab:24:a9:f8:4f:79:1a:a7:07:a3:19:
                    04:ac:59:fa:c5:1f:5b:b5:18:fb:27:80:83:3f:f8:
                    29:a3:eb:cf:ef:c2:cb:1a:f9:80:21:8a:28:e2:49:
                    10:47:3d:15:c8:09:05:a5:4e:33:c9:2e:5b:db:fb:
                    a1:b7:60:36:a3:95:ba:f9:27:c9:c5:44:45:a3:c4:
                    ac:6b:4a:ef:04:f5:a1:30:35:5f:07:ae:bf:7b:84:
                    c0:3b:bd:16:2f:c5:7c:ad:46:84:f1:2a:2b:44:55:
                    3c:c2:28:75:bc:51:55:26:c9:dc:d3:6f:44:49:88:
                    fd:8d:9f:97:d4:b2:4e:48:8c:d6:35:ea:7a:a8:0f:
                    f7:1a:99:e1:e6:7d:b7:d8:8b:b3:8a:90:1c:23:f1:
                    0e:b7:da:06:19:a0:7f:a9:18:db:94:a5:10:2a:9d:
                    fd:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:87:2B:A5:12:C2:7F:47:BE:97:51:00:37:7B:DA:87:B9:31:50:76
            X509v3 Authority Key Identifier:
                keyid:7D:0B:CA:BE:C4:37:9F:2D:3B:94:18:74:10:D2:E6:E0:31:A7:41:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQvKvsQ3ny07lBh0ENLm4DGnQXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         f4:24:58:f8:44:eb:83:c4:77:23:30:90:76:a4:0d:53:69:2e:
         52:c6:ca:e7:f0:bd:7e:59:d3:2e:61:30:dd:87:63:c2:4b:1f:
         56:60:42:35:38:b4:2d:f7:af:91:8b:02:dc:f3:6e:24:20:39:
         59:1e:25:7c:af:c9:9d:f2:6f:7e:2f:77:3f:6a:5c:a8:e8:64:
         d4:5f:74:eb:c1:09:28:22:b4:35:4f:82:53:9a:2c:55:b5:67:
         9a:22:15:7f:52:c1:17:d8:ed:cd:9a:f3:ae:aa:4a:38:3c:23:
         23:b7:67:1f:c3:cc:90:33:45:98:c0:78:94:8a:82:fb:12:63:
         ec:af:4a:d6:06:2d:8f:b3:da:a4:46:3f:48:08:67:50:1d:23:
         2a:72:58:ad:4e:04:f9:69:05:9e:71:94:1e:f9:e0:b2:00:b9:
         5a:0a:86:41:4c:68:26:7a:5a:ed:79:d2:cb:5f:12:96:59:a1:
         39:f3:be:3a:13:7d:a0:d2:68:e8:83:5a:a1:62:70:b0:47:68:
         e0:57:7c:3e:d8:68:75:07:da:ef:43:42:f9:ad:74:7d:31:9f:
         49:26:66:61:0d:77:dc:ca:f7:12:db:87:4d:e6:84:3d:a6:0d:
         54:9f:5b:61:c7:84:ee:c0:7c:11:56:fe:cd:ae:86:47:dc:ed:
         69:40:02:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwCBTjd7TJejDTkkaUE/RcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMGJjYWJlYzQzNzlmMmQzYjk0MTg3NDEwZDJlNmUwMzFh
NzQxNzEwHhcNMjUwNjE0MjAwMTA3WhcNMjUwNjE1MjAwMTA3WjAzMTEwLwYDVQQD
EygzMzg3MmJhNTEyYzI3ZjQ3YmU5NzUxMDAzNzdiZGE4N2I5MzE1MDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuy3dav7yfOkdnBKsUiuRk6jPRECK
fGw0EbvfvzzbR57e+vbtECfZiOWYRvrhIF9FOk2l6r/iw17sPJ8tHjYmQaWjg5hR
+uvHmqghz8YHdrkUdrnO27cwZ9TC+qFXqySp+E95GqcHoxkErFn6xR9btRj7J4CD
P/gpo+vP78LLGvmAIYoo4kkQRz0VyAkFpU4zyS5b2/uht2A2o5W6+SfJxURFo8Ss
a0rvBPWhMDVfB66/e4TAO70WL8V8rUaE8SorRFU8wih1vFFVJsnc029ESYj9jZ+X
1LJOSIzWNep6qA/3Gpnh5n232IuzipAcI/EOt9oGGaB/qRjblKUQKp39HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOHK6USwn9HvpdRADd72oe5MVB2MB8GA1UdIwQY
MBaAFH0Lyr7EN58tO5QYdBDS5uAxp0FxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlF2S3ZzUTNueTA3bEJoMEVOTG00REduUVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83NDFkYzMtMjI2ZC00N2ZiLThmZjIt
OTcxNWNkNjk4ZTMyLzEvZlF2S3ZzUTNueTA3bEJoMEVOTG00REduUVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS83NDFkYzMtMjI2ZC00N2ZiLThmZjItOTcxNWNkNjk4ZTMy
LzEvZlF2S3ZzUTNueTA3bEJoMEVOTG00REduUVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA9CRY+ETr
g8R3IzCQdqQNU2kuUsbK5/C9flnTLmEw3YdjwksfVmBCNTi0LfevkYsC3PNuJCA5
WR4lfK/JnfJvfi93P2pcqOhk1F9068EJKCK0NU+CU5osVbVnmiIVf1LBF9jtzZrz
rqpKODwjI7dnH8PMkDNFmMB4lIqC+xJj7K9K1gYtj7PapEY/SAhnUB0jKnJYrU4E
+WkFnnGUHvngsgC5WgqGQUxoJnpa7XnSy18SllmhOfO+OhN9oNJo6INaoWJwsEdo
4Fd8PthodQfa70NC+a10fTGfSSZmYQ133Mr3EtuHTeaEPaYNVJ9bYceE7sB8EVb+
za6GR9ztaUAChg==
-----END CERTIFICATE-----