Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          T/cki7AQSGq8HGw3Mu9LIaXL6cT916v2h3SVUaRAZSg=
Subject key identifier:   3C:D9:E7:FD:1D:46:14:BB:B4:60:0F:0A:C0:59:4E:5B:A4:EB:D7:7E
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       01976FD0EA0FB23CA579871067285520913E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          0D7F
Signing time:             Sat 14 Jun 2025 19:00:51 +0000
Manifest this update:     Sat 14 Jun 2025 19:00:51 +0000
Manifest next update:     Sun 15 Jun 2025 19:00:51 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: 8Wp7xoisKT2QE94R0PEVR95YCAR3Bjk4/COJ/5uEptY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:d0:ea:0f:b2:3c:a5:79:87:10:67:28:55:20:91:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Jun 14 19:00:51 2025 GMT
            Not After : Jun 15 19:00:51 2025 GMT
        Subject: CN=3cd9e7fd1d4614bbb4600f0ac0594e5ba4ebd77e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:8e:cb:6a:5f:a5:1d:89:d4:13:bd:bc:24:3c:
                    f7:4a:ae:4b:d0:48:59:ca:08:95:3c:46:72:3e:89:
                    52:02:a1:48:10:c2:9e:3e:e1:6e:e4:00:dd:20:e6:
                    6f:01:cb:cb:ad:6a:20:29:e5:da:72:98:16:08:ab:
                    fe:25:49:bb:57:54:60:62:4b:4e:a3:58:d2:eb:b5:
                    65:e2:cb:b5:eb:8b:7a:6a:e2:f2:ca:30:20:72:7b:
                    a3:82:8c:e1:42:3c:02:e2:42:89:12:72:4d:44:34:
                    6c:23:69:a8:23:e7:0e:87:6a:1f:ac:d1:b9:c5:eb:
                    7a:86:49:d2:29:20:73:3c:de:f1:75:69:3e:83:17:
                    23:5c:4e:e1:62:84:ac:ef:04:61:3e:5e:76:9a:87:
                    6b:c0:60:2b:f1:87:5f:95:80:a7:9c:d1:80:08:22:
                    a9:05:43:df:91:57:f9:81:22:12:ea:1f:ff:bb:31:
                    1d:27:32:8e:ac:85:70:5f:51:f8:83:74:f0:ea:5e:
                    fb:19:bb:19:25:51:0f:ab:22:de:30:d5:cc:2c:e7:
                    f9:3e:92:4f:6b:7d:1b:40:c2:6c:3b:dd:9e:92:1c:
                    bf:e1:8e:0c:38:0c:92:8f:34:41:57:f4:ee:0f:35:
                    e7:c4:a3:52:0f:a1:8b:71:2c:43:da:ac:29:04:0e:
                    01:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:D9:E7:FD:1D:46:14:BB:B4:60:0F:0A:C0:59:4E:5B:A4:EB:D7:7E
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:75:e9:59:d4:d7:5e:ef:9e:28:33:21:69:f5:d6:2f:a5:b8:
         65:f0:25:18:01:31:d5:42:34:f0:4f:99:ab:39:0a:49:2f:b8:
         72:d1:19:34:76:2a:2d:00:7f:39:48:87:9d:0c:cb:e5:36:21:
         1c:89:ab:01:a9:7e:b5:70:39:1d:e9:2e:a4:3a:4a:e1:34:60:
         bb:05:06:d9:1f:49:83:a4:37:8c:03:b0:76:c1:1f:96:49:e6:
         74:08:6b:4d:7d:91:4a:98:03:b1:6c:50:b9:7e:b9:e2:d3:68:
         10:d3:e2:04:8a:9c:77:14:b8:10:40:37:ac:e4:57:99:48:c6:
         12:11:6d:25:64:14:9a:ba:82:d8:d6:72:3e:78:2d:5d:a0:7d:
         a5:77:75:36:38:e8:05:37:54:32:b6:7b:0c:2e:91:ba:6b:77:
         8a:98:41:10:cf:55:57:15:2e:32:0b:75:a0:12:6f:49:f6:06:
         5b:af:b7:3c:e1:53:76:44:1f:7c:f6:e5:49:bc:32:73:15:ca:
         9e:bd:4e:71:c9:fc:7e:2e:3a:1c:8e:80:84:f4:d6:dd:06:2a:
         27:4a:f8:07:39:ca:c2:ac:c0:b2:f8:a3:ee:74:0b:8b:d3:4f:
         d4:31:6c:6c:13:26:c1:87:11:65:d9:3b:83:bc:75:b1:37:a6:
         1f:f4:0e:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdv0OoPsjyleYcQZyhVIJE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjUwNjE0MTkwMDUxWhcNMjUwNjE1MTkwMDUxWjAzMTEwLwYDVQQD
EygzY2Q5ZTdmZDFkNDYxNGJiYjQ2MDBmMGFjMDU5NGU1YmE0ZWJkNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA147Lal+lHYnUE728JDz3Sq5L0EhZ
ygiVPEZyPolSAqFIEMKePuFu5ADdIOZvAcvLrWogKeXacpgWCKv+JUm7V1RgYktO
o1jS67Vl4su164t6auLyyjAgcnujgozhQjwC4kKJEnJNRDRsI2moI+cOh2ofrNG5
xet6hknSKSBzPN7xdWk+gxcjXE7hYoSs7wRhPl52modrwGAr8YdflYCnnNGACCKp
BUPfkVf5gSIS6h//uzEdJzKOrIVwX1H4g3Tw6l77GbsZJVEPqyLeMNXMLOf5PpJP
a30bQMJsO92ekhy/4Y4MOAySjzRBV/TuDzXnxKNSD6GLcSxD2qwpBA4BfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzZ5/0dRhS7tGAPCsBZTluk69d+MB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjnXpWdTX
Xu+eKDMhafXWL6W4ZfAlGAEx1UI08E+ZqzkKSS+4ctEZNHYqLQB/OUiHnQzL5TYh
HImrAal+tXA5HekupDpK4TRguwUG2R9Jg6Q3jAOwdsEflknmdAhrTX2RSpgDsWxQ
uX654tNoENPiBIqcdxS4EEA3rORXmUjGEhFtJWQUmrqC2NZyPngtXaB9pXd1Njjo
BTdUMrZ7DC6Rumt3iphBEM9VVxUuMgt1oBJvSfYGW6+3POFTdkQffPblSbwycxXK
nr1Occn8fi46HI6AhPTW3QYqJ0r4BznKwqzAsvij7nQLi9NP1DFsbBMmwYcRZdk7
g7x1sTemH/QOrQ==
-----END CERTIFICATE-----