Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
File:                     H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json)
Hash identifier:          CI0sTBsS2PUVEIXjoVyXmF0hHBN60OmjhDNUbKhq69Y=
Subject key identifier:   83:90:41:81:F8:B4:92:0D:31:DC:74:29:BB:E7:15:E6:28:58:B3:76
Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2
Certificate issuer:       /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
Certificate serial:       01977309302EF44A102A952403B2DEE016BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
Manifest number:          0D07
Signing time:             Sun 15 Jun 2025 10:01:11 +0000
Manifest this update:     Sun 15 Jun 2025 10:01:11 +0000
Manifest next update:     Mon 16 Jun 2025 10:01:11 +0000
Files and hashes:         1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: NPOP/aJ8j053bgOKktI7wlw1UYUYluV+NkK6VFg6KFU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:73:09:30:2e:f4:4a:10:2a:95:24:03:b2:de:e0:16:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2
        Validity
            Not Before: Jun 15 10:01:11 2025 GMT
            Not After : Jun 16 10:01:11 2025 GMT
        Subject: CN=83904181f8b4920d31dc7429bbe715e62858b376
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:38:46:f1:18:21:af:e4:f7:a2:02:e2:78:f4:
                    47:31:e4:99:05:50:a4:10:f1:20:06:6d:23:2a:af:
                    b5:73:c1:21:77:3c:c9:b6:d8:54:21:2c:cb:64:88:
                    a3:e9:be:ab:0b:ea:22:56:0e:23:91:c0:ee:6b:b5:
                    cc:51:44:ff:c2:c9:34:87:91:33:ac:2c:d4:af:95:
                    a5:cb:22:43:99:11:1a:fb:6b:b9:13:d7:3a:17:90:
                    24:8f:34:9a:56:b6:64:16:0d:23:50:fb:f5:8e:77:
                    57:21:1b:cf:cf:84:e7:ef:40:9d:eb:e9:4d:7b:ff:
                    5f:9d:09:12:63:81:e5:d5:ac:ce:ef:49:e3:bd:96:
                    3c:17:e1:4c:85:18:f9:f0:f0:09:04:99:1e:c2:37:
                    78:30:2e:31:61:dd:ac:ae:8c:6d:37:cb:da:5b:05:
                    67:ae:ad:98:27:25:96:a0:5a:ac:15:6a:73:5c:3d:
                    9e:8b:ad:6f:42:49:74:8f:ab:26:67:f7:ed:fc:68:
                    2e:ae:f2:6f:e0:9c:78:8c:08:ac:b3:15:f2:e2:58:
                    6d:f6:88:7b:12:e1:a0:51:c8:40:4a:62:69:d2:f2:
                    78:6e:6b:eb:f4:6f:f7:50:a4:33:3b:51:af:95:c4:
                    05:3e:71:2c:f6:fe:1d:52:3e:3e:95:ef:c3:dc:02:
                    d9:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:90:41:81:F8:B4:92:0D:31:DC:74:29:BB:E7:15:E6:28:58:B3:76
            X509v3 Authority Key Identifier:
                keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:fd:28:89:58:e3:b3:fe:75:af:10:05:fc:19:0e:67:6f:7e:
         e8:a4:33:21:35:75:86:97:46:3e:ef:3b:bf:cf:66:3c:66:e6:
         88:5c:d6:50:87:86:b2:ae:dc:14:ed:ca:fa:b1:b6:00:d6:30:
         f0:d7:6a:27:f0:e3:53:0c:81:cc:b8:32:c0:2f:88:57:07:e8:
         8b:ff:d8:e4:ea:ad:3b:c0:2a:c2:ef:d3:d0:56:4f:2f:b6:d4:
         e4:d1:22:5a:18:7e:e2:68:c3:d3:6c:d8:29:1f:83:09:eb:4d:
         10:6c:f5:6f:22:e9:2a:5c:2f:8d:7c:55:a6:ec:f6:29:37:52:
         19:13:39:1f:4a:96:dc:86:dd:46:b0:10:fc:1e:dd:be:5a:0a:
         b5:a1:8f:41:83:53:4d:20:47:88:4e:56:08:45:d9:de:42:a7:
         b5:f9:37:40:8e:17:a4:84:6e:b9:f4:ad:f1:c1:8e:80:e7:8f:
         9e:6b:dd:7e:72:c5:dd:d1:88:a7:88:47:08:eb:c2:54:2a:4c:
         82:e7:a0:1a:9b:f2:dd:ab:6a:d9:95:62:5a:af:8c:0d:79:8b:
         51:30:c6:b7:95:72:9a:e5:de:fc:4e:25:02:b7:be:b7:da:77:
         36:5a:9c:94:d9:ca:06:e1:18:d9:74:2c:1a:5e:8d:1e:39:90:
         77:a4:82:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdzCTAu9EoQKpUkA7Le4Ba/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi
NTYxZTIwHhcNMjUwNjE1MTAwMTExWhcNMjUwNjE2MTAwMTExWjAzMTEwLwYDVQQD
Eyg4MzkwNDE4MWY4YjQ5MjBkMzFkYzc0MjliYmU3MTVlNjI4NThiMzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzhG8Rghr+T3ogLiePRHMeSZBVCk
EPEgBm0jKq+1c8EhdzzJtthUISzLZIij6b6rC+oiVg4jkcDua7XMUUT/wsk0h5Ez
rCzUr5WlyyJDmREa+2u5E9c6F5AkjzSaVrZkFg0jUPv1jndXIRvPz4Tn70Cd6+lN
e/9fnQkSY4Hl1azO70njvZY8F+FMhRj58PAJBJkewjd4MC4xYd2sroxtN8vaWwVn
rq2YJyWWoFqsFWpzXD2ei61vQkl0j6smZ/ft/GgurvJv4Jx4jAissxXy4lht9oh7
EuGgUchASmJp0vJ4bmvr9G/3UKQzO1GvlcQFPnEs9v4dUj4+le/D3ALZNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIOQQYH4tJINMdx0KbvnFeYoWLN2MB8GA1UdIwQY
MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt
NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll
LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgv0oiVjj
s/51rxAF/BkOZ29+6KQzITV1hpdGPu87v89mPGbmiFzWUIeGsq7cFO3K+rG2ANYw
8NdqJ/DjUwyBzLgywC+IVwfoi//Y5OqtO8Aqwu/T0FZPL7bU5NEiWhh+4mjD02zY
KR+DCetNEGz1byLpKlwvjXxVpuz2KTdSGRM5H0qW3IbdRrAQ/B7dvloKtaGPQYNT
TSBHiE5WCEXZ3kKntfk3QI4XpIRuufSt8cGOgOePnmvdfnLF3dGIp4hHCOvCVCpM
guegGpvy3atq2ZViWq+MDXmLUTDGt5VymuXe/E4lAre+t9p3NlqclNnKBuEY2XQs
Gl6NHjmQd6SCVA==
-----END CERTIFICATE-----