Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
File:                     j31CCyNDzZHsI_UImoNC6J1tkWU.mft (raw, json)
Hash identifier:          CU5ii6yJcqCKALXUbir9k/cJfQfPoHTwN56brqVLoCI=
Subject key identifier:   0A:E3:B2:F2:6A:98:CA:59:47:FE:8D:70:71:1E:83:35:5C:6C:F9:74
Authority key identifier: 8F:7D:42:0B:23:43:CD:91:EC:23:F5:08:9A:83:42:E8:9D:6D:91:65
Certificate issuer:       /CN=8f7d420b2343cd91ec23f5089a8342e89d6d9165
Certificate serial:       0197711AAD415C7B0D393A2D7AD63F644107
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
Manifest number:          0EF7
Signing time:             Sun 15 Jun 2025 01:01:03 +0000
Manifest this update:     Sun 15 Jun 2025 01:01:03 +0000
Manifest next update:     Mon 16 Jun 2025 01:01:03 +0000
Files and hashes:         1: j31CCyNDzZHsI_UImoNC6J1tkWU.crl (hash: BOjTbn8LywqzDJkulFdOLBY6EjE/O5Gutcn4npD6udE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:1a:ad:41:5c:7b:0d:39:3a:2d:7a:d6:3f:64:41:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7d420b2343cd91ec23f5089a8342e89d6d9165
        Validity
            Not Before: Jun 15 01:01:03 2025 GMT
            Not After : Jun 16 01:01:03 2025 GMT
        Subject: CN=0ae3b2f26a98ca5947fe8d70711e83355c6cf974
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:50:bb:5b:91:97:eb:79:1f:b1:e4:27:de:49:
                    2c:a0:e7:ca:89:03:c8:1f:2f:f9:86:a4:17:dc:06:
                    32:a3:b0:2b:8d:83:f4:94:d5:9a:a4:a7:8e:d8:22:
                    55:43:0b:bb:e3:26:0f:da:b7:29:fa:ba:b5:b1:69:
                    25:72:28:08:13:28:d4:46:59:a2:10:87:41:ca:b0:
                    f3:63:09:f8:d3:07:22:d5:42:21:5d:c9:b7:c6:86:
                    bf:90:90:82:03:0c:34:c4:7e:ac:b4:52:59:11:81:
                    c9:23:80:b1:c6:bd:7f:d8:a5:b2:16:32:66:eb:9c:
                    bd:f8:c8:7e:5f:30:38:f3:55:10:f7:89:bf:27:7e:
                    a4:89:5c:2a:ec:29:08:7f:34:50:ec:2b:9a:28:78:
                    9a:42:79:98:0f:1f:6c:90:20:9c:91:f0:89:07:47:
                    c7:02:1c:5e:25:8c:a6:f1:ea:bb:62:70:03:0d:8f:
                    7b:92:b6:91:99:ba:6f:cc:ce:6a:66:0e:af:e4:9c:
                    08:15:a7:50:47:6d:ba:94:a0:75:aa:71:34:99:64:
                    f5:79:37:68:21:a8:a7:fd:e6:b7:94:b7:cc:b6:2b:
                    f0:32:da:bc:48:07:3e:03:93:d3:b3:c9:ed:d2:89:
                    d9:1f:b0:06:50:d4:4d:a1:04:7d:a7:7c:4f:e2:6a:
                    e6:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:E3:B2:F2:6A:98:CA:59:47:FE:8D:70:71:1E:83:35:5C:6C:F9:74
            X509v3 Authority Key Identifier:
                keyid:8F:7D:42:0B:23:43:CD:91:EC:23:F5:08:9A:83:42:E8:9D:6D:91:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:f7:c9:23:e0:06:b8:f0:ac:0b:1a:fe:78:3f:f0:22:11:f4:
         1f:42:35:dd:4d:8e:29:67:4d:29:d3:26:8c:b3:f4:c8:25:6e:
         dc:52:50:ed:87:1a:7b:dd:3e:f4:75:26:fb:49:5e:39:58:22:
         6d:12:f9:56:58:ad:14:e2:af:0a:a8:17:67:19:d4:61:9c:75:
         93:dc:04:f8:8b:c3:ab:01:93:15:dd:9d:a6:88:cb:cf:fa:fe:
         8b:1f:be:73:0d:57:ca:97:c9:85:8a:75:ad:63:d9:77:fa:d5:
         1a:4c:94:43:a4:43:b3:fe:68:d2:a2:73:d7:24:97:81:b2:b9:
         2f:43:82:29:ba:d8:0d:3f:6c:54:89:7c:06:01:f1:6e:86:53:
         b6:66:14:7b:3e:81:c3:fc:83:14:fd:98:30:c8:1d:c8:2d:b8:
         61:23:dc:63:d6:e3:07:41:ea:df:ca:3f:39:36:74:35:79:4c:
         b4:e5:44:6f:14:50:e2:d0:cd:8b:03:f2:b1:1e:b9:b7:e1:94:
         d4:32:03:38:b9:6f:72:e7:dd:02:44:dd:3b:ce:1d:70:e6:95:
         2e:0a:87:69:bd:f9:f5:a0:d3:cf:df:6d:e4:47:b3:6e:ff:96:
         5f:f0:89:6b:04:0e:00:ec:81:82:86:ab:79:8b:91:02:ae:06:
         88:5f:68:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxGq1BXHsNOTotetY/ZEEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2Q0MjBiMjM0M2NkOTFlYzIzZjUwODlhODM0MmU4OWQ2
ZDkxNjUwHhcNMjUwNjE1MDEwMTAzWhcNMjUwNjE2MDEwMTAzWjAzMTEwLwYDVQQD
EygwYWUzYjJmMjZhOThjYTU5NDdmZThkNzA3MTFlODMzNTVjNmNmOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FC7W5GX63kfseQn3kksoOfKiQPI
Hy/5hqQX3AYyo7ArjYP0lNWapKeO2CJVQwu74yYP2rcp+rq1sWklcigIEyjURlmi
EIdByrDzYwn40wci1UIhXcm3xoa/kJCCAww0xH6stFJZEYHJI4Cxxr1/2KWyFjJm
65y9+Mh+XzA481UQ94m/J36kiVwq7CkIfzRQ7CuaKHiaQnmYDx9skCCckfCJB0fH
AhxeJYym8eq7YnADDY97kraRmbpvzM5qZg6v5JwIFadQR226lKB1qnE0mWT1eTdo
Iain/ea3lLfMtivwMtq8SAc+A5PTs8nt0onZH7AGUNRNoQR9p3xP4mrmLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFArjsvJqmMpZR/6NcHEegzVcbPl0MB8GA1UdIwQY
MBaAFI99QgsjQ82R7CP1CJqDQuidbZFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kMTc2NjUtNjhiNC00OTZiLTlkOWEt
YzVlMTcyMmEwYzY4LzEvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kMTc2NjUtNjhiNC00OTZiLTlkOWEtYzVlMTcyMmEwYzY4
LzEvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArffJI+AG
uPCsCxr+eD/wIhH0H0I13U2OKWdNKdMmjLP0yCVu3FJQ7Ycae90+9HUm+0leOVgi
bRL5VlitFOKvCqgXZxnUYZx1k9wE+IvDqwGTFd2dpojLz/r+ix++cw1XypfJhYp1
rWPZd/rVGkyUQ6RDs/5o0qJz1ySXgbK5L0OCKbrYDT9sVIl8BgHxboZTtmYUez6B
w/yDFP2YMMgdyC24YSPcY9bjB0Hq38o/OTZ0NXlMtOVEbxRQ4tDNiwPysR65t+GU
1DIDOLlvcufdAkTdO84dcOaVLgqHab359aDTz99t5Eezbv+WX/CJawQOAOyBgoar
eYuRAq4GiF9olw==
-----END CERTIFICATE-----