Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
File:                     f1HfHfTohn5B5ef5Lef50foMFU0.mft (raw, json)
Hash identifier:          Y1FMk6Ts38NWGcnzKL9kkAEAFFmZQ6iobNVl6q+BVqM=
Subject key identifier:   95:FF:55:84:CA:60:AF:CA:1B:C7:C9:CB:DC:EA:A2:3E:E6:5A:57:54
Authority key identifier: 7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D
Certificate issuer:       /CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
Certificate serial:       01977188E6187276E9E5C626E6EEA0A39BC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
Manifest number:          0A76
Signing time:             Sun 15 Jun 2025 03:01:26 +0000
Manifest this update:     Sun 15 Jun 2025 03:01:26 +0000
Manifest next update:     Mon 16 Jun 2025 03:01:26 +0000
Files and hashes:         1: f1HfHfTohn5B5ef5Lef50foMFU0.crl (hash: loapil9T8lJ+LMC2M657Ke6gAGpaUCgT40uPD42wbt0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:88:e6:18:72:76:e9:e5:c6:26:e6:ee:a0:a3:9b:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
        Validity
            Not Before: Jun 15 03:01:26 2025 GMT
            Not After : Jun 16 03:01:26 2025 GMT
        Subject: CN=95ff5584ca60afca1bc7c9cbdceaa23ee65a5754
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:27:cb:eb:62:ba:04:c9:71:93:62:0b:b9:de:
                    09:f1:ca:c0:91:ca:90:53:21:1f:dc:7d:13:a2:64:
                    5a:f2:66:8e:1e:1c:ed:fc:1d:de:3e:20:51:f6:71:
                    30:d5:fe:81:b5:d5:ef:7a:b2:8a:8f:58:8f:a9:f4:
                    de:30:94:66:11:a5:4e:f0:2f:75:94:7f:d1:2a:22:
                    67:04:e5:c7:00:9c:06:46:e2:60:9b:d5:ea:c2:ae:
                    9c:4e:44:7d:49:cb:62:55:ba:ef:5b:7b:42:45:6b:
                    6f:de:a9:32:82:ef:66:af:4b:d8:36:78:9b:ff:dc:
                    7a:ef:4f:83:28:4f:3b:ec:97:fc:d6:df:4b:47:2b:
                    0d:e1:6d:54:ca:e5:20:c1:46:f6:d8:7c:46:4c:84:
                    b0:f1:6e:7b:98:5a:8b:f6:d4:d2:75:4b:30:6a:68:
                    8b:30:0d:d1:af:ff:5c:c4:db:33:63:b2:2d:8b:cb:
                    52:ff:11:e2:0b:40:1e:10:8d:d4:a6:3f:17:92:2d:
                    29:a3:db:65:01:f8:02:c6:62:88:ce:2c:e5:cf:24:
                    29:5e:e8:0f:99:4b:b6:5e:8d:07:88:91:04:f8:b4:
                    07:51:7b:92:4f:3d:dc:8c:0e:62:68:6d:c1:d7:ef:
                    71:0b:91:f8:f7:d9:f5:78:f0:1b:f4:a2:19:81:32:
                    f1:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:FF:55:84:CA:60:AF:CA:1B:C7:C9:CB:DC:EA:A2:3E:E6:5A:57:54
            X509v3 Authority Key Identifier:
                keyid:7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:ab:fe:51:fc:ae:35:b1:8e:6e:81:7b:cb:27:e0:5a:16:8f:
         9d:17:82:21:ba:ae:0e:fc:e6:0a:f2:2a:85:46:5b:67:a9:32:
         40:56:27:f8:8c:ef:cf:bf:39:38:bc:8a:bc:c7:c2:10:a8:f1:
         98:be:10:0a:fa:58:dc:05:84:dc:7c:c2:ea:2c:3b:33:8c:55:
         eb:d7:75:59:07:02:c2:58:b0:d5:2d:5d:65:52:5d:63:c6:56:
         de:c0:7f:73:95:5b:4b:c0:24:6f:00:b3:24:05:9c:c2:d5:95:
         d5:e3:ff:ec:55:a0:4d:c5:fa:b2:d9:0d:f4:8b:80:89:02:1a:
         9c:f9:e9:72:7e:4f:75:8d:e6:27:00:67:95:cf:6e:38:8a:ed:
         c3:d1:e5:fa:1b:d1:1c:7e:1f:70:aa:71:a2:90:b4:dc:ff:df:
         5b:ce:61:f4:2f:39:88:4a:d2:23:06:bd:4c:2b:97:b6:66:89:
         f0:67:1c:82:fc:f5:1d:6d:bb:28:26:f7:2f:5c:40:14:fb:37:
         20:2e:5e:d2:8f:f7:55:55:6d:30:05:7c:b7:c4:54:0e:c9:f9:
         e5:07:23:da:19:6e:8f:15:5d:6e:96:32:09:d0:dd:6f:61:11:
         8f:53:82:6f:fb:b5:67:35:84:de:ce:67:4a:c9:cf:a9:c6:af:
         b8:3b:46:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxiOYYcnbp5cYm5u6go5vDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTFkZjFkZjRlODg2N2U0MWU1ZTdmOTJkZTdmOWQxZmEw
YzE1NGQwHhcNMjUwNjE1MDMwMTI2WhcNMjUwNjE2MDMwMTI2WjAzMTEwLwYDVQQD
Eyg5NWZmNTU4NGNhNjBhZmNhMWJjN2M5Y2JkY2VhYTIzZWU2NWE1NzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8CfL62K6BMlxk2ILud4J8crAkcqQ
UyEf3H0TomRa8maOHhzt/B3ePiBR9nEw1f6BtdXverKKj1iPqfTeMJRmEaVO8C91
lH/RKiJnBOXHAJwGRuJgm9Xqwq6cTkR9SctiVbrvW3tCRWtv3qkygu9mr0vYNnib
/9x670+DKE877Jf81t9LRysN4W1UyuUgwUb22HxGTISw8W57mFqL9tTSdUswamiL
MA3Rr/9cxNszY7Iti8tS/xHiC0AeEI3Upj8Xki0po9tlAfgCxmKIzizlzyQpXugP
mUu2Xo0HiJEE+LQHUXuSTz3cjA5iaG3B1+9xC5H499n1ePAb9KIZgTLx2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJX/VYTKYK/KG8fJy9zqoj7mWldUMB8GA1UdIwQY
MBaAFH9R3x306IZ+QeXn+S3n+dH6DBVNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgt
NmQ5MDM1YWYxNTM1LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgtNmQ5MDM1YWYxNTM1
LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUKv+Ufyu
NbGOboF7yyfgWhaPnReCIbquDvzmCvIqhUZbZ6kyQFYn+Izvz785OLyKvMfCEKjx
mL4QCvpY3AWE3HzC6iw7M4xV69d1WQcCwliw1S1dZVJdY8ZW3sB/c5VbS8AkbwCz
JAWcwtWV1eP/7FWgTcX6stkN9IuAiQIanPnpcn5PdY3mJwBnlc9uOIrtw9Hl+hvR
HH4fcKpxopC03P/fW85h9C85iErSIwa9TCuXtmaJ8Gccgvz1HW27KCb3L1xAFPs3
IC5e0o/3VVVtMAV8t8RUDsn55Qcj2hlujxVdbpYyCdDdb2ERj1OCb/u1ZzWE3s5n
SsnPqcavuDtGkA==
-----END CERTIFICATE-----