Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft
File:                     daRvv8jeUjM5XHPeUflVO7doRgU.mft (raw, json)
Hash identifier:          0ij2pP68cP6JvIspR5gxWjOjJldcLRHS9vrs+DTlqvY=
Subject key identifier:   BF:EC:BD:E1:A8:90:2E:44:08:87:63:6E:38:3C:64:ED:5C:24:CD:27
Authority key identifier: 75:A4:6F:BF:C8:DE:52:33:39:5C:73:DE:51:F9:55:3B:B7:68:46:05
Certificate issuer:       /CN=75a46fbfc8de5233395c73de51f9553bb7684605
Certificate serial:       01987D8B7B19BFB33BF98A023DB4D9740DFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/daRvv8jeUjM5XHPeUflVO7doRgU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft
Manifest number:          1617
Signing time:             Wed 06 Aug 2025 04:02:29 +0000
Manifest this update:     Wed 06 Aug 2025 04:02:29 +0000
Manifest next update:     Thu 07 Aug 2025 04:02:29 +0000
Files and hashes:         1: daRvv8jeUjM5XHPeUflVO7doRgU.crl (hash: YvJnCZQzGQXcrAvHM6RlNgd4vNB+N5uh2YobuXF3Y24=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/daRvv8jeUjM5XHPeUflVO7doRgU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 23:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:8b:7b:19:bf:b3:3b:f9:8a:02:3d:b4:d9:74:0d:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75a46fbfc8de5233395c73de51f9553bb7684605
        Validity
            Not Before: Aug  6 04:02:29 2025 GMT
            Not After : Aug  7 04:02:29 2025 GMT
        Subject: CN=bfecbde1a8902e440887636e383c64ed5c24cd27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:97:2b:64:3b:74:bb:a7:01:95:ea:18:12:b8:
                    a5:e1:99:ef:06:ca:51:c1:df:8b:f6:4f:9e:f9:12:
                    12:65:b9:5e:a8:ee:3f:76:63:e4:fd:c9:8d:b6:07:
                    39:54:f2:68:a1:63:ee:d8:ee:bf:67:66:57:aa:a1:
                    5c:76:82:75:89:c0:a4:30:27:61:b3:50:8f:7b:20:
                    cb:aa:35:cb:77:f6:17:f8:b0:9b:b3:14:ad:ad:5b:
                    52:0d:80:2e:4a:36:ea:fa:eb:48:8c:20:db:0a:59:
                    f3:78:bc:a9:3a:78:ed:96:8b:b9:84:e1:3a:9d:dc:
                    8c:25:5d:8f:2a:72:75:bf:d1:35:69:b9:0e:6e:4b:
                    10:21:8c:f9:98:76:7a:01:78:bd:e3:c5:dd:d9:00:
                    0d:7d:82:53:9f:f7:6d:5b:4a:eb:15:bf:f1:56:a9:
                    55:f4:59:d1:06:76:5c:7c:d2:9d:72:52:43:76:f0:
                    da:0a:4a:97:a3:be:a4:40:2e:73:80:59:d7:36:67:
                    89:6a:c0:e2:9b:f0:3e:9b:67:c8:61:af:43:1e:9e:
                    94:96:b8:43:96:91:11:8f:51:d4:5e:24:f6:00:95:
                    c0:09:33:b8:80:47:95:1d:53:00:37:72:1c:54:46:
                    50:07:c3:b8:6d:c0:21:bc:f3:6e:9c:91:40:4a:0f:
                    f7:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:EC:BD:E1:A8:90:2E:44:08:87:63:6E:38:3C:64:ED:5C:24:CD:27
            X509v3 Authority Key Identifier:
                keyid:75:A4:6F:BF:C8:DE:52:33:39:5C:73:DE:51:F9:55:3B:B7:68:46:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/daRvv8jeUjM5XHPeUflVO7doRgU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:12:91:c2:0c:1e:8a:74:e0:c5:12:8b:6a:38:b0:77:2f:46:
         d0:84:ef:21:c1:0f:8f:8c:41:54:d8:17:03:48:2a:03:b7:d8:
         cb:33:da:e2:ed:fe:16:ae:14:64:05:c5:74:a5:34:5b:88:3a:
         07:74:35:f4:ab:df:02:6d:4e:dd:62:6d:a2:7b:fd:9a:e9:10:
         9c:26:89:95:c3:0f:02:c4:b7:dd:55:4f:a7:5f:0e:db:69:7c:
         0b:49:96:a2:47:7b:b7:22:61:80:dd:f3:a3:25:b9:08:1b:a1:
         85:32:6a:ff:5e:24:3e:73:00:d7:df:0d:d2:73:a4:a4:54:00:
         a3:5a:58:d9:88:4a:00:7d:c3:49:9a:1b:98:a0:bc:a1:d9:03:
         63:81:59:31:d1:70:6f:fe:c2:56:18:5c:91:f1:43:e8:77:70:
         39:fa:ee:d2:e5:85:7a:fa:91:02:af:13:91:70:64:bf:20:9f:
         95:1e:8b:03:99:18:aa:67:7d:80:5d:2d:33:9a:50:70:d5:9a:
         1a:32:3e:15:98:36:8b:36:e5:da:9d:ed:e1:a1:a0:8e:c1:e6:
         e2:9c:10:ad:74:1f:5a:8c:f1:de:24:a8:82:16:8d:f9:fb:e8:
         56:03:c4:7b:eb:d8:4f:37:3c:49:a2:5b:91:da:8e:7f:82:bb:
         0f:c3:8e:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9i3sZv7M7+YoCPbTZdA3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YTQ2ZmJmYzhkZTUyMzMzOTVjNzNkZTUxZjk1NTNiYjc2
ODQ2MDUwHhcNMjUwODA2MDQwMjI5WhcNMjUwODA3MDQwMjI5WjAzMTEwLwYDVQQD
EyhiZmVjYmRlMWE4OTAyZTQ0MDg4NzYzNmUzODNjNjRlZDVjMjRjZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypcrZDt0u6cBleoYEril4ZnvBspR
wd+L9k+e+RISZbleqO4/dmPk/cmNtgc5VPJooWPu2O6/Z2ZXqqFcdoJ1icCkMCdh
s1CPeyDLqjXLd/YX+LCbsxStrVtSDYAuSjbq+utIjCDbClnzeLypOnjtlou5hOE6
ndyMJV2PKnJ1v9E1abkObksQIYz5mHZ6AXi948Xd2QANfYJTn/dtW0rrFb/xVqlV
9FnRBnZcfNKdclJDdvDaCkqXo76kQC5zgFnXNmeJasDim/A+m2fIYa9DHp6UlrhD
lpERj1HUXiT2AJXACTO4gEeVHVMAN3IcVEZQB8O4bcAhvPNunJFASg/3rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/sveGokC5ECIdjbjg8ZO1cJM0nMB8GA1UdIwQY
MBaAFHWkb7/I3lIzOVxz3lH5VTu3aEYFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGFSdnY4amVVak01WEhQZVVmbFZPN2RvUmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS80MjdlMmMtOTZmNi00ZTQzLTkxNGEt
OGM3YzU0ZjNjNWIwLzEvZGFSdnY4amVVak01WEhQZVVmbFZPN2RvUmdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS80MjdlMmMtOTZmNi00ZTQzLTkxNGEtOGM3YzU0ZjNjNWIw
LzEvZGFSdnY4amVVak01WEhQZVVmbFZPN2RvUmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqhKRwgwe
inTgxRKLajiwdy9G0ITvIcEPj4xBVNgXA0gqA7fYyzPa4u3+Fq4UZAXFdKU0W4g6
B3Q19KvfAm1O3WJtonv9mukQnCaJlcMPAsS33VVPp18O22l8C0mWokd7tyJhgN3z
oyW5CBuhhTJq/14kPnMA198N0nOkpFQAo1pY2YhKAH3DSZobmKC8odkDY4FZMdFw
b/7CVhhckfFD6HdwOfru0uWFevqRAq8TkXBkvyCflR6LA5kYqmd9gF0tM5pQcNWa
GjI+FZg2izbl2p3t4aGgjsHm4pwQrXQfWozx3iSoghaN+fvoVgPEe+vYTzc8SaJb
kdqOf4K7D8OOsA==
-----END CERTIFICATE-----