Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
File:                     JQfjIVuSyGWOv0lfa4fOC6anvSc.mft (raw, json)
Hash identifier:          hGGyjPYeR3FTbcykFRQQQK6ZT3ajk1uAGxl2jAmTJog=
Subject key identifier:   3E:DC:5A:6F:D7:78:74:10:D9:7B:23:19:1B:65:35:60:C3:C5:50:12
Authority key identifier: 25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27
Certificate issuer:       /CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
Certificate serial:       01987487543BC64F48A1787DCBF328DCD2CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
Manifest number:          07B7
Signing time:             Mon 04 Aug 2025 10:01:22 +0000
Manifest this update:     Mon 04 Aug 2025 10:01:22 +0000
Manifest next update:     Tue 05 Aug 2025 10:01:22 +0000
Files and hashes:         1: JQfjIVuSyGWOv0lfa4fOC6anvSc.crl (hash: rX7IMHeSYtf/5v1ZXCVEat0jbcM4QLRlbCLfMdhfsjU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 10:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:87:54:3b:c6:4f:48:a1:78:7d:cb:f3:28:dc:d2:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
        Validity
            Not Before: Aug  4 10:01:22 2025 GMT
            Not After : Aug  5 10:01:22 2025 GMT
        Subject: CN=3edc5a6fd7787410d97b23191b653560c3c55012
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d9:21:2c:f5:54:10:90:33:89:9c:cc:f3:60:
                    6e:3d:8e:e0:91:72:c0:fa:f9:c6:af:4a:b3:3a:63:
                    02:fb:81:f8:c5:90:25:b9:26:31:f4:cc:1d:20:58:
                    cc:ac:4a:be:64:f5:3d:7d:71:73:f8:5a:97:ee:16:
                    a2:6a:4e:f4:13:be:9c:9e:70:b9:3e:65:2a:83:bb:
                    24:e5:8c:75:ac:26:f9:1e:3d:44:90:17:a6:65:50:
                    d4:b4:1f:de:75:bf:e9:75:e6:2a:ca:6a:f8:8a:ed:
                    36:e7:e5:4c:9d:cb:9a:65:7a:6c:fe:96:89:f6:87:
                    cc:6f:ab:5d:7a:4f:0f:3d:32:95:39:3f:c1:14:6b:
                    36:02:91:c3:36:fc:86:e6:b9:09:59:5a:29:b4:64:
                    c1:70:78:31:6a:36:b4:17:99:cb:0f:66:52:4b:fd:
                    fe:f9:03:ae:ca:45:63:c5:f2:88:46:a8:33:50:be:
                    c2:95:a0:7c:e5:db:0e:0f:2f:d1:0e:4d:2f:aa:91:
                    2e:cb:1a:a2:3a:ab:c9:e5:e4:97:d2:03:bf:98:aa:
                    92:90:6b:10:72:03:de:68:3c:9b:7b:36:64:7d:b2:
                    cb:7e:ed:30:5e:d8:37:a5:77:6d:25:cc:4d:7a:4f:
                    bd:28:c8:f4:d9:a0:5a:50:79:8a:b6:74:d7:35:d4:
                    9f:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:DC:5A:6F:D7:78:74:10:D9:7B:23:19:1B:65:35:60:C3:C5:50:12
            X509v3 Authority Key Identifier:
                keyid:25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:71:ee:7c:5f:5f:2a:ff:53:36:b7:74:98:a2:80:5d:83:91:
         fd:bf:81:6b:b9:19:1f:72:08:d9:d6:a4:27:61:10:d2:5e:bd:
         f9:5f:2c:5d:85:66:95:f8:44:66:53:7f:72:5b:88:82:f2:c8:
         18:1f:24:b8:a6:72:15:85:63:94:07:27:13:8f:3a:fb:97:c9:
         e0:d2:b1:6a:de:7d:fc:93:ff:2c:2b:d8:c8:d8:ce:08:cd:f1:
         0a:f3:af:82:72:49:37:25:84:4d:0c:1e:2c:c3:5d:95:d6:86:
         0d:22:6f:7c:b5:f1:7b:f7:47:9c:29:80:7f:f2:b8:d3:6e:00:
         ce:fb:d0:19:dc:fe:a3:c6:16:39:be:20:ee:87:65:d5:91:3e:
         42:14:d6:96:98:6a:d7:9a:b8:76:4b:92:1c:72:d5:d5:ac:8d:
         62:96:b6:88:74:0b:85:40:ad:3c:87:95:88:bd:23:d0:18:a4:
         9d:83:ed:cd:08:3e:20:7e:68:ce:68:4d:04:cd:cd:11:57:69:
         c9:e0:db:25:e8:0b:6b:fe:3d:ac:c5:50:98:f2:f7:b6:07:c5:
         91:63:bc:7b:4e:01:a4:2f:b2:ba:5e:f1:06:02:ed:b7:8b:4e:
         58:63:5c:66:3e:6b:1e:3b:2d:8a:10:26:16:3a:16:38:fc:6f:
         64:15:42:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0h1Q7xk9IoXh9y/Mo3NLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MDdlMzIxNWI5MmM4NjU4ZWJmNDk1ZjZiODdjZTBiYTZh
N2JkMjcwHhcNMjUwODA0MTAwMTIyWhcNMjUwODA1MTAwMTIyWjAzMTEwLwYDVQQD
EygzZWRjNWE2ZmQ3Nzg3NDEwZDk3YjIzMTkxYjY1MzU2MGMzYzU1MDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdkhLPVUEJAziZzM82BuPY7gkXLA
+vnGr0qzOmMC+4H4xZAluSYx9MwdIFjMrEq+ZPU9fXFz+FqX7haiak70E76cnnC5
PmUqg7sk5Yx1rCb5Hj1EkBemZVDUtB/edb/pdeYqymr4iu025+VMncuaZXps/paJ
9ofMb6tdek8PPTKVOT/BFGs2ApHDNvyG5rkJWVoptGTBcHgxaja0F5nLD2ZSS/3+
+QOuykVjxfKIRqgzUL7ClaB85dsODy/RDk0vqpEuyxqiOqvJ5eSX0gO/mKqSkGsQ
cgPeaDybezZkfbLLfu0wXtg3pXdtJcxNek+9KMj02aBaUHmKtnTXNdSfowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7cWm/XeHQQ2XsjGRtlNWDDxVASMB8GA1UdIwQY
MBaAFCUH4yFbkshljr9JX2uHzgump70nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEt
MDFjMzU2YjczZjBkLzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEtMDFjMzU2YjczZjBk
LzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW3HufF9f
Kv9TNrd0mKKAXYOR/b+Ba7kZH3II2dakJ2EQ0l69+V8sXYVmlfhEZlN/cluIgvLI
GB8kuKZyFYVjlAcnE486+5fJ4NKxat59/JP/LCvYyNjOCM3xCvOvgnJJNyWETQwe
LMNdldaGDSJvfLXxe/dHnCmAf/K4024AzvvQGdz+o8YWOb4g7odl1ZE+QhTWlphq
15q4dkuSHHLV1ayNYpa2iHQLhUCtPIeViL0j0BiknYPtzQg+IH5ozmhNBM3NEVdp
yeDbJegLa/49rMVQmPL3tgfFkWO8e04BpC+yul7xBgLtt4tOWGNcZj5rHjstihAm
FjoWOPxvZBVCQA==
-----END CERTIFICATE-----