Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
File:                     7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft (raw, json)
Hash identifier:          unPyJD6eNSFV8R4AIOhEmmxBssS47O4cMnjYAicVzhc=
Subject key identifier:   9D:64:46:2E:54:9F:FB:A1:5A:F1:EC:74:DF:71:23:E7:F3:8C:E9:45
Authority key identifier: EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94
Certificate issuer:       /CN=ee03df829afd6a1f2590e4244522e1b36c086a94
Certificate serial:       01989F3AC06B94CAACAE3BBA8AF74F5617AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
Manifest number:          0D0D
Signing time:             Tue 12 Aug 2025 17:01:24 +0000
Manifest this update:     Tue 12 Aug 2025 17:01:24 +0000
Manifest next update:     Wed 13 Aug 2025 17:01:24 +0000
Files and hashes:         1: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl (hash: oA6Epk4udM9aefpMx2h+/howIVzb+R/eknHLBAe7YUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 13:24:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9f:3a:c0:6b:94:ca:ac:ae:3b:ba:8a:f7:4f:56:17:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee03df829afd6a1f2590e4244522e1b36c086a94
        Validity
            Not Before: Aug 12 17:01:24 2025 GMT
            Not After : Aug 13 17:01:24 2025 GMT
        Subject: CN=9d64462e549ffba15af1ec74df7123e7f38ce945
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:74:5a:98:dc:81:e8:af:42:c9:4d:dc:b2:09:
                    00:bb:a2:b2:44:5b:1a:4e:0a:6a:80:bf:a9:be:1e:
                    0d:d0:16:19:47:e4:97:82:e6:fd:01:25:f5:41:87:
                    fa:67:c5:cb:83:c3:15:5e:4b:16:9f:04:04:60:ae:
                    cd:ec:ba:c1:d8:fd:cc:82:a1:f5:5c:b4:e9:a3:90:
                    b3:c9:1a:3f:aa:b9:65:fd:8b:73:7d:23:2c:ba:ab:
                    06:43:cb:25:91:19:55:08:3d:67:15:3f:6d:7a:25:
                    ba:ef:bf:51:f7:d4:42:a6:b5:d0:1d:9b:f9:45:c2:
                    b3:d7:c7:43:a7:53:df:c6:cc:2a:9f:f1:6d:09:a6:
                    b2:53:fe:db:1b:db:6b:d5:72:17:5d:76:74:0f:2a:
                    17:18:81:7f:cb:73:9a:90:3e:0e:47:01:36:c2:77:
                    0d:e8:a6:9d:51:4f:36:e9:44:2f:6e:b1:73:a2:9b:
                    83:41:7f:22:5f:19:96:55:18:1b:d5:73:d4:c6:97:
                    16:c9:3f:ed:b6:ce:8e:33:14:ee:18:38:a3:f4:a5:
                    b1:7b:8e:43:fc:97:75:75:e8:55:83:62:0e:86:1d:
                    03:07:41:78:22:76:2e:7e:8a:a7:fe:59:7b:8b:4d:
                    a0:52:f6:6f:6a:2d:22:40:c4:80:11:9e:ca:4a:07:
                    6f:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:64:46:2E:54:9F:FB:A1:5A:F1:EC:74:DF:71:23:E7:F3:8C:E9:45
            X509v3 Authority Key Identifier:
                keyid:EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:d1:5d:8e:cb:63:ea:9a:2b:f2:de:1d:00:3e:57:00:2a:89:
         c0:c4:fa:15:f4:8e:6e:85:6a:3f:9d:f0:0b:99:4f:0f:fb:7d:
         8e:62:e0:9a:1f:48:83:24:03:7a:3c:3b:d7:07:a4:d0:6a:89:
         0e:9f:73:ea:0d:c4:f2:8a:06:aa:6d:a0:73:a3:47:4d:04:97:
         cd:4a:89:a8:16:a4:64:4f:90:65:34:3a:9f:89:8f:00:30:3c:
         73:41:da:32:4e:4b:1f:d8:52:a2:8a:5c:88:53:cf:53:55:58:
         14:fc:20:4f:2b:ab:cd:39:17:8f:7a:f8:70:22:a6:e2:5c:8c:
         13:1f:e9:41:ee:cc:e8:ba:cc:45:40:04:28:50:64:48:ed:1f:
         7b:7b:50:84:bf:db:ec:05:d4:aa:20:5c:12:14:55:56:54:06:
         e4:29:02:b4:f4:7b:43:76:f8:37:77:e2:33:00:97:75:c2:44:
         64:81:63:cc:f5:5e:f4:9a:c8:7c:1e:03:c4:29:4b:9e:eb:b3:
         ef:49:70:76:82:34:bc:03:ec:f4:b1:17:b7:9c:82:b0:50:42:
         72:b9:62:82:fd:b5:38:83:25:71:9f:f4:51:6a:d7:7b:da:74:
         e0:49:41:d8:b0:27:64:d7:63:84:d4:f5:cd:b5:ed:95:c3:1c:
         45:c3:f9:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZifOsBrlMqsrju6ivdPVhevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDNkZjgyOWFmZDZhMWYyNTkwZTQyNDQ1MjJlMWIzNmMw
ODZhOTQwHhcNMjUwODEyMTcwMTI0WhcNMjUwODEzMTcwMTI0WjAzMTEwLwYDVQQD
Eyg5ZDY0NDYyZTU0OWZmYmExNWFmMWVjNzRkZjcxMjNlN2YzOGNlOTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHRamNyB6K9CyU3csgkAu6KyRFsa
TgpqgL+pvh4N0BYZR+SXgub9ASX1QYf6Z8XLg8MVXksWnwQEYK7N7LrB2P3MgqH1
XLTpo5CzyRo/qrll/YtzfSMsuqsGQ8slkRlVCD1nFT9teiW6779R99RCprXQHZv5
RcKz18dDp1Pfxswqn/FtCaayU/7bG9tr1XIXXXZ0DyoXGIF/y3OakD4ORwE2wncN
6KadUU826UQvbrFzopuDQX8iXxmWVRgb1XPUxpcWyT/tts6OMxTuGDij9KWxe45D
/Jd1dehVg2IOhh0DB0F4InYufoqn/ll7i02gUvZvai0iQMSAEZ7KSgdvhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1kRi5Un/uhWvHsdN9xI+fzjOlFMB8GA1UdIwQY
MBaAFO4D34Ka/WofJZDkJEUi4bNsCGqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjIt
YTFhNDZhODBjMWRhLzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjItYTFhNDZhODBjMWRh
LzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPNFdjstj
6por8t4dAD5XACqJwMT6FfSOboVqP53wC5lPD/t9jmLgmh9IgyQDejw71wek0GqJ
Dp9z6g3E8ooGqm2gc6NHTQSXzUqJqBakZE+QZTQ6n4mPADA8c0HaMk5LH9hSoopc
iFPPU1VYFPwgTyurzTkXj3r4cCKm4lyMEx/pQe7M6LrMRUAEKFBkSO0fe3tQhL/b
7AXUqiBcEhRVVlQG5CkCtPR7Q3b4N3fiMwCXdcJEZIFjzPVe9JrIfB4DxClLnuuz
70lwdoI0vAPs9LEXt5yCsFBCcrligv21OIMlcZ/0UWrXe9p04ElB2LAnZNdjhNT1
zbXtlcMcRcP5Vg==
-----END CERTIFICATE-----