Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
File:                     H38fQMjrspNo9ug7-d3QZ14H1O0.mft (raw, json)
Hash identifier:          46sDkNJdzQLzJDEQAgEBunqjAbX8xNCF+wgpozBPmsg=
Subject key identifier:   3F:38:EF:99:10:ED:03:DA:68:D6:67:37:AD:58:39:7F:A4:91:DC:51
Authority key identifier: 1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED
Certificate issuer:       /CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
Certificate serial:       01988B107D660FC09F331AE321A911D98D2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
Manifest number:          0EE3
Signing time:             Fri 08 Aug 2025 19:02:50 +0000
Manifest this update:     Fri 08 Aug 2025 19:02:50 +0000
Manifest next update:     Sat 09 Aug 2025 19:02:50 +0000
Files and hashes:         1: H38fQMjrspNo9ug7-d3QZ14H1O0.crl (hash: xZqQbwDRZSXlwXSt2AfJujY+WoVOXAv2YdxkhN+n5gM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:02:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:10:7d:66:0f:c0:9f:33:1a:e3:21:a9:11:d9:8d:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
        Validity
            Not Before: Aug  8 19:02:50 2025 GMT
            Not After : Aug  9 19:02:50 2025 GMT
        Subject: CN=3f38ef9910ed03da68d66737ad58397fa491dc51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:20:28:26:55:b5:da:9c:b6:09:84:1d:ef:93:
                    f3:c6:d5:13:f9:e2:ec:f2:54:35:b5:3e:4c:f5:31:
                    ce:00:07:bb:46:b3:27:cb:53:b4:ae:66:35:40:6f:
                    89:ba:0f:a7:73:16:55:bf:fa:97:81:7e:c3:fb:61:
                    99:6f:b7:74:84:77:78:88:b7:09:f1:b2:74:9e:17:
                    83:fa:b0:3d:24:f6:0b:4f:15:77:02:8e:5a:97:20:
                    10:26:0c:0c:cc:06:cb:6b:c8:fd:41:57:97:c2:02:
                    47:45:59:92:dc:1b:b7:ba:6c:1b:64:5f:74:26:13:
                    7d:51:f1:46:c7:e6:c7:22:fe:e4:a8:cd:f2:ce:b7:
                    b3:f4:87:39:b2:3d:0f:1c:c5:17:7c:3b:d4:3f:29:
                    a1:41:bb:63:8f:54:14:8b:0f:29:62:3a:ee:b2:02:
                    1f:d5:0f:72:65:3b:10:c7:d8:f9:dc:ad:d4:3e:c5:
                    1d:7b:fe:bc:83:7a:95:21:22:e2:02:3e:8e:e9:51:
                    2f:86:85:a0:c6:d3:7a:64:d2:0c:48:c7:69:4c:0b:
                    e1:f6:1a:26:26:50:d3:90:56:60:77:df:9d:66:80:
                    b8:4b:f3:c6:0e:54:e0:8e:30:36:ba:cc:86:ce:1b:
                    04:bb:81:2b:b4:d4:6b:a0:80:17:29:0f:54:2c:25:
                    06:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:38:EF:99:10:ED:03:DA:68:D6:67:37:AD:58:39:7F:A4:91:DC:51
            X509v3 Authority Key Identifier:
                keyid:1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:5a:87:4d:19:16:ef:90:71:18:d5:47:2a:ad:f9:64:39:e8:
         b5:0d:f0:da:7a:62:24:25:6a:57:f4:d2:ab:fb:f9:15:b9:1d:
         12:5f:6f:1c:7d:d7:97:9a:f8:3b:1f:aa:c9:b5:fb:0c:89:33:
         62:2c:40:ed:f6:fc:ed:54:4f:4c:2c:7f:cb:56:01:7b:ee:66:
         5e:74:17:cc:b1:83:ef:67:89:b7:9a:22:18:f0:7c:2a:c7:4b:
         94:10:20:af:17:9b:ad:26:37:60:38:7f:b6:05:bb:4e:0a:fe:
         53:70:e7:4a:80:45:76:44:6d:4b:d0:aa:28:31:65:b0:59:3a:
         62:4f:eb:56:aa:9d:30:7c:2b:6f:bb:86:a3:91:b0:2c:7e:71:
         87:9a:c8:a9:82:7a:2f:af:f9:e1:d4:ff:28:d7:79:ee:05:c1:
         88:0e:fd:46:15:f4:e2:a1:09:9e:30:11:18:9e:56:2c:07:cf:
         b9:8b:19:5c:d5:16:de:80:b3:d4:b6:87:5b:01:48:f8:06:5d:
         5b:4f:96:36:e9:d6:fc:62:b6:06:71:43:7f:7e:dc:aa:54:f7:
         fd:f4:05:a8:86:2e:51:b2:20:51:b3:08:57:4c:54:24:5f:35:
         86:82:de:a0:fc:31:d7:77:d6:d0:98:ce:a5:b2:89:ab:3f:d2:
         f3:75:a6:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLEH1mD8CfMxrjIakR2Y0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmN2YxZjQwYzhlYmIyOTM2OGY2ZTgzYmY5ZGRkMDY3NWUw
N2Q0ZWQwHhcNMjUwODA4MTkwMjUwWhcNMjUwODA5MTkwMjUwWjAzMTEwLwYDVQQD
EygzZjM4ZWY5OTEwZWQwM2RhNjhkNjY3MzdhZDU4Mzk3ZmE0OTFkYzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyAoJlW12py2CYQd75PzxtUT+eLs
8lQ1tT5M9THOAAe7RrMny1O0rmY1QG+Jug+ncxZVv/qXgX7D+2GZb7d0hHd4iLcJ
8bJ0nheD+rA9JPYLTxV3Ao5alyAQJgwMzAbLa8j9QVeXwgJHRVmS3Bu3umwbZF90
JhN9UfFGx+bHIv7kqM3yzrez9Ic5sj0PHMUXfDvUPymhQbtjj1QUiw8pYjrusgIf
1Q9yZTsQx9j53K3UPsUde/68g3qVISLiAj6O6VEvhoWgxtN6ZNIMSMdpTAvh9hom
JlDTkFZgd9+dZoC4S/PGDlTgjjA2usyGzhsEu4ErtNRroIAXKQ9ULCUGmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD8475kQ7QPaaNZnN61YOX+kkdxRMB8GA1UdIwQY
MBaAFB9/H0DI67KTaPboO/nd0GdeB9TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYt
Nzc3YTRmODAwMjQ1LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYtNzc3YTRmODAwMjQ1
LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfFqHTRkW
75BxGNVHKq35ZDnotQ3w2npiJCVqV/TSq/v5FbkdEl9vHH3Xl5r4Ox+qybX7DIkz
YixA7fb87VRPTCx/y1YBe+5mXnQXzLGD72eJt5oiGPB8KsdLlBAgrxebrSY3YDh/
tgW7Tgr+U3DnSoBFdkRtS9CqKDFlsFk6Yk/rVqqdMHwrb7uGo5GwLH5xh5rIqYJ6
L6/54dT/KNd57gXBiA79RhX04qEJnjARGJ5WLAfPuYsZXNUW3oCz1LaHWwFI+AZd
W0+WNunW/GK2BnFDf37cqlT3/fQFqIYuUbIgUbMIV0xUJF81hoLeoPwx13fW0JjO
pbKJqz/S83WmdA==
-----END CERTIFICATE-----