Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
File:                     7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft (raw, json)
Hash identifier:          m6f8vNyxtHsDPyuD6Ia9+WcocZ8QU5135a9gT1YrT9E=
Subject key identifier:   0D:92:08:93:01:67:FE:34:15:05:8D:D9:E3:8E:6D:62:58:82:99:7E
Authority key identifier: EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94
Certificate issuer:       /CN=ee03df829afd6a1f2590e4244522e1b36c086a94
Certificate serial:       01976C2B1A2C67FECB0EC9596C8FB691B850
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
Manifest number:          0C6E
Signing time:             Sat 14 Jun 2025 02:00:53 +0000
Manifest this update:     Sat 14 Jun 2025 02:00:53 +0000
Manifest next update:     Sun 15 Jun 2025 02:00:53 +0000
Files and hashes:         1: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl (hash: a3d9QvXuVGTS1qrDvBm6NupjW5+l0WTdKLgF2yK9+OI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2b:1a:2c:67:fe:cb:0e:c9:59:6c:8f:b6:91:b8:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee03df829afd6a1f2590e4244522e1b36c086a94
        Validity
            Not Before: Jun 14 02:00:53 2025 GMT
            Not After : Jun 15 02:00:53 2025 GMT
        Subject: CN=0d9208930167fe3415058dd9e38e6d625882997e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:e6:58:49:38:ed:ca:0b:64:0c:2b:75:45:c3:
                    12:91:97:3d:f5:33:79:64:f3:71:c2:29:02:cd:f9:
                    c0:5c:bc:cf:85:03:c5:11:1c:72:15:aa:40:47:7b:
                    73:a2:1b:21:b5:3c:40:c8:6f:89:cc:9f:65:dc:52:
                    33:2d:ea:43:43:8c:1c:5b:a3:7e:98:20:e5:41:10:
                    40:79:72:bc:0e:0f:f3:44:02:cb:df:12:12:4e:fe:
                    25:66:96:0e:d0:58:7d:e8:4d:45:e9:87:ba:f4:b2:
                    0c:42:16:d6:e7:23:a2:e9:b4:12:6a:ee:48:7e:ff:
                    d3:ee:16:35:4b:14:ce:33:45:a5:43:84:d0:ca:eb:
                    d4:7e:4e:77:20:d7:05:9b:d8:4f:43:9a:f7:fa:a7:
                    cb:89:2f:9b:4a:51:d9:13:82:e6:0c:71:72:41:1e:
                    31:80:07:7e:c8:99:62:53:85:e3:48:bd:6c:79:9b:
                    dc:d8:b3:41:bf:17:fe:29:47:4a:83:8f:af:f9:44:
                    8d:50:d2:40:06:95:71:ea:f4:ae:2f:87:e3:3d:f8:
                    f3:c7:ee:18:cc:7c:a4:c7:b0:aa:0f:8d:7d:88:c7:
                    c4:b8:0a:8f:2b:7d:55:3c:fa:44:90:a0:54:f6:52:
                    68:75:55:d4:8b:fb:5a:27:e6:3b:f3:1b:40:f6:8a:
                    5e:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:92:08:93:01:67:FE:34:15:05:8D:D9:E3:8E:6D:62:58:82:99:7E
            X509v3 Authority Key Identifier:
                keyid:EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:b1:1c:02:be:47:f7:26:36:49:7d:81:a2:e3:01:26:61:48:
         a7:9c:f4:05:94:49:82:c2:31:34:bc:83:34:60:20:29:68:d1:
         b4:70:fa:38:b5:51:7e:83:37:6c:d9:aa:b0:de:d9:88:25:8e:
         96:ca:a3:5a:0c:24:df:5c:aa:aa:17:f5:7f:b9:63:bf:59:bf:
         dd:f4:b8:64:c4:fa:e5:80:30:21:bf:9e:c0:a8:93:3e:c3:38:
         a6:e7:27:6c:e4:30:d2:8f:33:a4:7d:75:78:83:ae:4e:18:40:
         e7:16:6f:d8:83:9d:32:45:b8:5b:a1:4d:4b:bd:98:17:e9:2e:
         5e:63:fa:b1:31:9e:ff:27:5e:0e:04:73:fb:4c:72:da:ad:3e:
         c3:58:cc:8e:fd:a3:c3:ff:4f:ed:e7:04:1b:53:94:d1:a7:35:
         21:f2:1f:00:f1:e5:4d:e3:6c:ca:d8:0b:ed:20:71:60:a1:29:
         ab:e1:97:b6:73:82:eb:eb:f5:93:7b:13:e3:32:34:41:7c:c9:
         70:92:5b:d7:51:db:a6:d4:83:1c:c0:1a:29:15:fc:bf:4e:d8:
         1d:12:f7:59:28:b3:fa:f2:6d:49:9b:6b:a5:bc:d2:9f:45:67:
         5e:69:fa:8a:02:d1:7d:dd:f4:42:4c:ea:9f:8e:bb:65:47:c2:
         93:e3:5f:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsKxosZ/7LDslZbI+2kbhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDNkZjgyOWFmZDZhMWYyNTkwZTQyNDQ1MjJlMWIzNmMw
ODZhOTQwHhcNMjUwNjE0MDIwMDUzWhcNMjUwNjE1MDIwMDUzWjAzMTEwLwYDVQQD
EygwZDkyMDg5MzAxNjdmZTM0MTUwNThkZDllMzhlNmQ2MjU4ODI5OTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OZYSTjtygtkDCt1RcMSkZc99TN5
ZPNxwikCzfnAXLzPhQPFERxyFapAR3tzohshtTxAyG+JzJ9l3FIzLepDQ4wcW6N+
mCDlQRBAeXK8Dg/zRALL3xISTv4lZpYO0Fh96E1F6Ye69LIMQhbW5yOi6bQSau5I
fv/T7hY1SxTOM0WlQ4TQyuvUfk53INcFm9hPQ5r3+qfLiS+bSlHZE4LmDHFyQR4x
gAd+yJliU4XjSL1seZvc2LNBvxf+KUdKg4+v+USNUNJABpVx6vSuL4fjPfjzx+4Y
zHykx7CqD419iMfEuAqPK31VPPpEkKBU9lJodVXUi/taJ+Y78xtA9opetQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2SCJMBZ/40FQWN2eOObWJYgpl+MB8GA1UdIwQY
MBaAFO4D34Ka/WofJZDkJEUi4bNsCGqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjIt
YTFhNDZhODBjMWRhLzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjItYTFhNDZhODBjMWRh
LzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASLEcAr5H
9yY2SX2BouMBJmFIp5z0BZRJgsIxNLyDNGAgKWjRtHD6OLVRfoM3bNmqsN7ZiCWO
lsqjWgwk31yqqhf1f7ljv1m/3fS4ZMT65YAwIb+ewKiTPsM4pucnbOQw0o8zpH11
eIOuThhA5xZv2IOdMkW4W6FNS72YF+kuXmP6sTGe/ydeDgRz+0xy2q0+w1jMjv2j
w/9P7ecEG1OU0ac1IfIfAPHlTeNsytgL7SBxYKEpq+GXtnOC6+v1k3sT4zI0QXzJ
cJJb11HbptSDHMAaKRX8v07YHRL3WSiz+vJtSZtrpbzSn0VnXmn6igLRfd30Qkzq
n467ZUfCk+NfFQ==
-----END CERTIFICATE-----