Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
File:                     clOCbDGl92CXvNwqL2UZiKE2flM.mft (raw, json)
Hash identifier:          ytF8xhnGhkh0wFfuhLFkIJNuNWvJEfqPVtsvnV/UWiw=
Subject key identifier:   F7:A9:42:9F:3C:CB:D3:E0:96:1C:17:CA:E0:DF:39:EB:9E:99:2D:1D
Authority key identifier: 72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53
Certificate issuer:       /CN=7253826c31a5f76097bcdc2a2f651988a1367e53
Certificate serial:       01976F9A2D4703BC35A24ED070D3224D7494
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
Manifest number:          0868
Signing time:             Sat 14 Jun 2025 18:01:04 +0000
Manifest this update:     Sat 14 Jun 2025 18:01:04 +0000
Manifest next update:     Sun 15 Jun 2025 18:01:04 +0000
Files and hashes:         1: clOCbDGl92CXvNwqL2UZiKE2flM.crl (hash: usB3z45CEuFVNtNddK/MJetRZupUpCJ+HqxuxBrSSFA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:9a:2d:47:03:bc:35:a2:4e:d0:70:d3:22:4d:74:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7253826c31a5f76097bcdc2a2f651988a1367e53
        Validity
            Not Before: Jun 14 18:01:04 2025 GMT
            Not After : Jun 15 18:01:04 2025 GMT
        Subject: CN=f7a9429f3ccbd3e0961c17cae0df39eb9e992d1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:cb:86:7b:31:81:fa:77:42:01:e9:cb:a9:fb:
                    46:65:bd:e2:04:a0:a1:58:e4:74:3d:91:73:06:67:
                    65:df:4e:e8:89:95:08:aa:8a:6e:44:77:c7:05:69:
                    52:35:01:74:ae:be:26:95:ad:74:96:60:76:d5:21:
                    8d:2c:eb:20:e0:d5:ca:ba:1a:b2:dc:31:55:51:29:
                    b7:68:f4:39:f6:84:ea:77:c1:2f:61:fb:56:b8:f4:
                    9e:d0:ab:4a:e3:a9:98:e8:6d:f6:0a:46:4e:90:ae:
                    af:1d:70:ad:c2:c5:ae:fd:45:f2:cd:c0:ac:cf:65:
                    58:31:5c:6c:56:fe:18:af:7d:5a:44:67:9d:48:a6:
                    f9:cf:bc:0f:b4:cc:7d:67:ce:c5:1e:5f:46:31:28:
                    2c:53:2f:75:aa:93:22:68:98:a1:33:92:58:e9:fb:
                    9f:bf:a3:38:44:07:7f:e1:70:5b:7d:1c:30:7d:6a:
                    65:eb:f6:1e:e8:60:78:6e:81:c8:10:7a:ab:cd:05:
                    1e:88:64:ef:25:87:85:14:5c:b5:61:45:1f:f5:45:
                    51:c6:0e:3d:08:97:ca:79:00:4a:f4:a6:47:c9:14:
                    6e:79:f5:fe:93:71:e2:21:9b:6a:ab:bb:d5:09:3c:
                    c7:a2:b9:cc:c9:3f:c3:35:5e:83:47:dc:12:9f:9d:
                    ab:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:A9:42:9F:3C:CB:D3:E0:96:1C:17:CA:E0:DF:39:EB:9E:99:2D:1D
            X509v3 Authority Key Identifier:
                keyid:72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:0c:9b:9e:39:8d:24:08:29:96:9f:f7:bd:78:fe:bd:4a:67:
         a8:61:cf:88:74:ff:d6:c8:79:6e:c7:18:a3:f7:50:00:b4:9c:
         07:07:5a:b4:0e:cc:7f:0f:f2:06:ef:e8:da:fe:89:8e:0e:4d:
         02:30:38:f7:42:3d:b5:b4:19:db:d7:99:9c:f8:07:d1:79:57:
         1d:d7:f1:6e:da:98:3d:f3:6c:0b:db:b1:c2:60:a2:9b:d4:28:
         d3:a7:c6:84:e6:9f:b8:1f:10:54:8a:0c:40:0d:6e:a7:27:6d:
         a1:3b:6e:06:e7:22:b5:14:ca:bf:2c:71:33:cc:9d:de:5c:be:
         67:e6:f7:64:6b:2b:ff:a9:6e:80:0a:5d:55:f4:54:6f:b5:cf:
         32:bd:2d:92:3e:0e:e8:e8:c6:d5:ea:16:f7:d3:95:67:3f:d2:
         6d:12:24:dc:a7:2a:26:b9:92:f5:12:08:51:32:fc:66:54:c6:
         9e:e9:9c:c5:e8:7c:9a:7b:ef:ff:0b:a4:13:dd:51:a3:c1:0e:
         21:fd:5c:48:e3:2e:b4:1e:6d:af:ea:f0:af:24:16:e1:ad:54:
         59:b7:9a:a0:2e:4b:19:e1:2e:a5:57:70:90:f4:9d:5f:37:9d:
         67:d0:69:1a:2d:7c:e3:aa:11:04:7d:5c:dc:3d:fd:f8:64:fa:
         9a:36:6d:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvmi1HA7w1ok7QcNMiTXSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNTM4MjZjMzFhNWY3NjA5N2JjZGMyYTJmNjUxOTg4YTEz
NjdlNTMwHhcNMjUwNjE0MTgwMTA0WhcNMjUwNjE1MTgwMTA0WjAzMTEwLwYDVQQD
EyhmN2E5NDI5ZjNjY2JkM2UwOTYxYzE3Y2FlMGRmMzllYjllOTkyZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsuGezGB+ndCAenLqftGZb3iBKCh
WOR0PZFzBmdl307oiZUIqopuRHfHBWlSNQF0rr4mla10lmB21SGNLOsg4NXKuhqy
3DFVUSm3aPQ59oTqd8EvYftWuPSe0KtK46mY6G32CkZOkK6vHXCtwsWu/UXyzcCs
z2VYMVxsVv4Yr31aRGedSKb5z7wPtMx9Z87FHl9GMSgsUy91qpMiaJihM5JY6fuf
v6M4RAd/4XBbfRwwfWpl6/Ye6GB4boHIEHqrzQUeiGTvJYeFFFy1YUUf9UVRxg49
CJfKeQBK9KZHyRRuefX+k3HiIZtqq7vVCTzHornMyT/DNV6DR9wSn52ruQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPepQp88y9PglhwXyuDfOeuemS0dMB8GA1UdIwQY
MBaAFHJTgmwxpfdgl7zcKi9lGYihNn5TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGIt
ZjNmNTFjMTA3MGI5LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGItZjNmNTFjMTA3MGI5
LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAggybnjmN
JAgplp/3vXj+vUpnqGHPiHT/1sh5bscYo/dQALScBwdatA7Mfw/yBu/o2v6Jjg5N
AjA490I9tbQZ29eZnPgH0XlXHdfxbtqYPfNsC9uxwmCim9Qo06fGhOafuB8QVIoM
QA1upydtoTtuBucitRTKvyxxM8yd3ly+Z+b3ZGsr/6lugApdVfRUb7XPMr0tkj4O
6OjG1eoW99OVZz/SbRIk3KcqJrmS9RIIUTL8ZlTGnumcxeh8mnvv/wukE91Ro8EO
If1cSOMutB5tr+rwryQW4a1UWbeaoC5LGeEupVdwkPSdXzedZ9BpGi1846oRBH1c
3D39+GT6mjZtAQ==
-----END CERTIFICATE-----