Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
File:                     H38fQMjrspNo9ug7-d3QZ14H1O0.mft (raw, json)
Hash identifier:          h3+pEJtyDoL00KmNwaP+skuDWnF4L0I67Gocl92+ka0=
Subject key identifier:   50:56:B2:BD:1E:97:69:B7:2A:FB:4C:64:C6:28:CE:93:0F:BC:5D:A3
Authority key identifier: 1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED
Certificate issuer:       /CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
Certificate serial:       0196760CA78666FBD556A0A915B0748ECE04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
Manifest number:          0DCF
Signing time:             Sun 27 Apr 2025 07:01:02 +0000
Manifest this update:     Sun 27 Apr 2025 07:01:02 +0000
Manifest next update:     Mon 28 Apr 2025 07:01:02 +0000
Files and hashes:         1: H38fQMjrspNo9ug7-d3QZ14H1O0.crl (hash: dyszCe4tpQibFVYqWsFpemBlkpCsd6+wFu+Tp735AXE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:a7:86:66:fb:d5:56:a0:a9:15:b0:74:8e:ce:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
        Validity
            Not Before: Apr 27 07:01:02 2025 GMT
            Not After : Apr 28 07:01:02 2025 GMT
        Subject: CN=5056b2bd1e9769b72afb4c64c628ce930fbc5da3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:d4:c3:5d:e0:35:81:61:84:5c:02:8a:b9:e1:
                    7d:f6:ad:97:68:ad:64:bd:61:b0:1d:c7:2b:49:f2:
                    80:7a:f5:e8:8c:25:bf:b5:9d:d1:77:b1:81:69:fc:
                    f7:1e:c5:9e:7a:21:0b:e8:71:88:d7:3c:91:95:dc:
                    82:61:c5:03:20:54:63:21:8b:01:4a:e6:fa:0f:93:
                    e0:16:d5:4c:87:65:69:b8:46:ad:62:c7:c1:dc:51:
                    64:99:89:36:69:75:b9:91:d2:5c:87:49:a6:d7:5b:
                    ea:17:01:a7:db:f8:b1:06:44:b4:32:06:47:12:f2:
                    59:77:f7:6b:fc:8a:d2:2e:1a:88:4d:9f:75:27:9a:
                    2a:f6:60:94:52:60:93:1d:50:1d:84:59:b9:eb:fe:
                    2e:3a:d0:1c:77:a8:88:ae:b8:c2:63:3b:d4:d6:d8:
                    ba:54:ea:f0:8e:e4:4b:da:c1:cc:74:1b:c8:cc:7a:
                    ea:3c:bd:f9:a4:7f:48:f3:38:b5:f1:22:3f:70:0c:
                    53:cf:78:1a:dd:df:eb:f2:98:ce:18:83:96:77:3d:
                    74:d6:38:09:4e:98:e1:04:47:25:ac:26:a2:1c:e1:
                    ca:cb:8c:2b:31:2e:ef:4d:15:b8:93:41:b6:97:98:
                    54:87:8b:e0:60:49:31:97:b6:17:4e:81:48:0d:95:
                    56:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:56:B2:BD:1E:97:69:B7:2A:FB:4C:64:C6:28:CE:93:0F:BC:5D:A3
            X509v3 Authority Key Identifier:
                keyid:1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:d3:e3:9e:12:19:5a:91:a7:3d:19:91:3e:c4:59:2e:87:19:
         c9:3b:b7:dd:33:a5:fc:33:e6:ca:0b:a5:44:1d:a7:ab:da:c5:
         a4:ba:22:0e:c5:9d:81:ee:9a:1c:ea:70:6a:b6:aa:75:92:b6:
         dc:9e:36:9e:93:8f:ff:58:71:ca:52:e4:d9:39:89:f2:76:80:
         97:11:1b:4a:1f:d3:1c:9a:92:fb:a4:a5:8d:b6:37:5e:52:a8:
         20:f6:28:99:9a:4c:59:a2:2f:4b:93:fc:91:ee:9c:b7:4d:dd:
         16:e4:ec:88:61:36:90:6c:ab:62:71:47:cb:ba:65:3c:c8:3b:
         01:41:3e:81:88:a5:0f:6e:54:5e:4e:d9:3e:c2:43:55:63:64:
         9e:5e:a5:98:12:ce:6c:3b:6a:e3:ec:26:94:33:0b:86:74:8e:
         37:10:35:04:04:10:bf:81:d2:13:44:8e:3b:b6:1a:55:3b:1b:
         c6:52:a2:1d:e3:c6:8a:42:e0:d1:78:82:16:16:ef:02:a3:28:
         fb:fa:f8:4c:a3:1b:be:03:c4:61:60:53:78:da:ef:bc:62:72:
         b0:d0:e1:fc:64:72:c5:cd:81:0c:43:a7:ef:04:92:87:30:91:
         c3:e0:c5:b2:29:08:c6:6f:ff:bb:77:19:dd:91:c6:c6:5b:1b:
         75:2a:90:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DKeGZvvVVqCpFbB0js4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmN2YxZjQwYzhlYmIyOTM2OGY2ZTgzYmY5ZGRkMDY3NWUw
N2Q0ZWQwHhcNMjUwNDI3MDcwMTAyWhcNMjUwNDI4MDcwMTAyWjAzMTEwLwYDVQQD
Eyg1MDU2YjJiZDFlOTc2OWI3MmFmYjRjNjRjNjI4Y2U5MzBmYmM1ZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dTDXeA1gWGEXAKKueF99q2XaK1k
vWGwHccrSfKAevXojCW/tZ3Rd7GBafz3HsWeeiEL6HGI1zyRldyCYcUDIFRjIYsB
Sub6D5PgFtVMh2VpuEatYsfB3FFkmYk2aXW5kdJch0mm11vqFwGn2/ixBkS0MgZH
EvJZd/dr/IrSLhqITZ91J5oq9mCUUmCTHVAdhFm56/4uOtAcd6iIrrjCYzvU1ti6
VOrwjuRL2sHMdBvIzHrqPL35pH9I8zi18SI/cAxTz3ga3d/r8pjOGIOWdz101jgJ
TpjhBEclrCaiHOHKy4wrMS7vTRW4k0G2l5hUh4vgYEkxl7YXToFIDZVWywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFBWsr0el2m3KvtMZMYozpMPvF2jMB8GA1UdIwQY
MBaAFB9/H0DI67KTaPboO/nd0GdeB9TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYt
Nzc3YTRmODAwMjQ1LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYtNzc3YTRmODAwMjQ1
LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtNPjnhIZ
WpGnPRmRPsRZLocZyTu33TOl/DPmygulRB2nq9rFpLoiDsWdge6aHOpwaraqdZK2
3J42npOP/1hxylLk2TmJ8naAlxEbSh/THJqS+6SljbY3XlKoIPYomZpMWaIvS5P8
ke6ct03dFuTsiGE2kGyrYnFHy7plPMg7AUE+gYilD25UXk7ZPsJDVWNknl6lmBLO
bDtq4+wmlDMLhnSONxA1BAQQv4HSE0SOO7YaVTsbxlKiHePGikLg0XiCFhbvAqMo
+/r4TKMbvgPEYWBTeNrvvGJysNDh/GRyxc2BDEOn7wSShzCRw+DFsikIxm//u3cZ
3ZHGxlsbdSqQFQ==
-----END CERTIFICATE-----