Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft
File:                     i5epFTYKSH1c9dXGZeW_4f_1Np8.mft (raw, json)
Hash identifier:          VRkIIuKCDZu3ejXQjsG0H0P6yWQF7ALgWZtONwQsx54=
Subject key identifier:   95:2E:0A:53:FA:A8:86:F0:F7:48:14:F4:74:75:78:64:D8:74:6E:A9
Authority key identifier: 8B:97:A9:15:36:0A:48:7D:5C:F5:D5:C6:65:E5:BF:E1:FF:F5:36:9F
Certificate issuer:       /CN=8b97a915360a487d5cf5d5c665e5bfe1fff5369f
Certificate serial:       0197B6A1924D5E815A380B73A19D2EAA9EBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i5epFTYKSH1c9dXGZeW_4f_1Np8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft
Manifest number:          0452
Signing time:             Sat 28 Jun 2025 13:02:11 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:11 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:11 +0000
Files and hashes:         1: i5epFTYKSH1c9dXGZeW_4f_1Np8.crl (hash: sccoDnGX29oHHJoUIguK9+BgOn5t3Gr+tGhM/MTydKI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i5epFTYKSH1c9dXGZeW_4f_1Np8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:92:4d:5e:81:5a:38:0b:73:a1:9d:2e:aa:9e:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b97a915360a487d5cf5d5c665e5bfe1fff5369f
        Validity
            Not Before: Jun 28 13:02:11 2025 GMT
            Not After : Jun 29 13:02:11 2025 GMT
        Subject: CN=952e0a53faa886f0f74814f474757864d8746ea9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:27:1f:de:b4:f1:99:bc:44:8a:ed:9c:5c:42:
                    46:ba:4c:3d:cb:6f:1f:e5:02:64:e8:dd:86:60:d1:
                    25:eb:d8:d6:23:75:ac:bb:d1:e9:fa:5b:d5:41:85:
                    24:d8:0c:a6:71:2d:84:ad:45:9a:85:db:78:ef:8b:
                    d7:8c:b2:9f:e6:ff:61:42:9a:5c:35:b7:a1:aa:3f:
                    65:7f:da:0e:39:58:bf:7e:1d:ea:0d:3e:a8:94:92:
                    4d:de:9d:02:a1:0b:29:5d:31:57:57:3c:65:78:1b:
                    87:cb:3a:ac:4c:a4:7c:b5:02:a4:3c:46:3b:92:b9:
                    fe:07:9d:7a:ca:8a:6a:f8:f7:bb:7d:e9:d8:a5:ca:
                    c6:bd:23:8d:71:ef:1b:8a:48:5a:81:67:89:60:30:
                    ac:20:3c:7e:66:42:4d:91:8e:79:f0:1f:ab:0f:92:
                    1b:3a:16:61:d9:e5:96:f1:86:93:e1:ee:10:9a:d6:
                    71:23:05:36:38:af:20:a3:30:de:50:56:35:b0:14:
                    57:94:5f:84:92:8a:59:2b:3f:88:6b:f2:35:61:09:
                    2b:88:01:b8:1e:58:ba:f5:67:53:7d:cf:c4:82:af:
                    12:78:3e:20:23:13:57:cc:07:d7:99:b2:39:c9:73:
                    b9:ae:13:ed:80:5b:d4:3c:00:f1:be:1f:53:73:d1:
                    c8:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:2E:0A:53:FA:A8:86:F0:F7:48:14:F4:74:75:78:64:D8:74:6E:A9
            X509v3 Authority Key Identifier:
                keyid:8B:97:A9:15:36:0A:48:7D:5C:F5:D5:C6:65:E5:BF:E1:FF:F5:36:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5epFTYKSH1c9dXGZeW_4f_1Np8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7d4a29-023f-42d7-aab7-d87b361acd89/1/i5epFTYKSH1c9dXGZeW_4f_1Np8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:0a:0d:d5:f4:42:fa:de:a5:9d:d7:20:c7:74:a8:05:66:83:
         ee:eb:83:14:ab:0e:ab:b5:b3:e1:76:ca:08:b0:3f:b8:36:be:
         81:48:35:9a:df:6e:7b:6f:2e:b9:bd:ee:d6:e1:1f:5a:c1:83:
         cf:c3:d5:6e:eb:fc:0d:0c:44:d3:16:7e:fa:10:b0:ee:38:90:
         21:1f:db:fa:8f:7f:ef:05:f1:6e:1e:17:06:46:ba:be:9e:2e:
         04:b4:c9:c6:3c:ee:7c:37:dc:49:fd:d2:a1:ad:45:13:c2:00:
         9a:29:31:d2:5d:7b:05:5a:e5:99:9f:9f:bf:43:66:a0:d1:86:
         f9:a9:01:ed:32:d9:90:26:7e:01:7b:1c:06:e9:a2:cf:c4:f8:
         4e:0e:44:b4:c3:96:04:11:bb:5c:1e:6d:72:f6:6c:3f:e0:0c:
         d1:4f:1e:9e:04:c2:dc:12:b0:52:59:4a:d8:53:c9:8f:64:e3:
         60:59:fa:3e:34:44:ef:74:48:a7:2c:39:08:6b:b6:9d:b0:6b:
         01:17:b3:1a:9b:b8:90:15:33:2c:43:f5:ec:23:04:fc:26:b6:
         b6:b6:66:60:6f:82:f6:de:5f:a8:fd:2d:01:24:58:45:4e:17:
         8b:5b:49:b5:0b:f9:83:c3:d5:74:8c:8a:ab:e6:5b:e8:3b:5f:
         6f:24:59:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oZJNXoFaOAtzoZ0uqp69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOTdhOTE1MzYwYTQ4N2Q1Y2Y1ZDVjNjY1ZTViZmUxZmZm
NTM2OWYwHhcNMjUwNjI4MTMwMjExWhcNMjUwNjI5MTMwMjExWjAzMTEwLwYDVQQD
Eyg5NTJlMGE1M2ZhYTg4NmYwZjc0ODE0ZjQ3NDc1Nzg2NGQ4NzQ2ZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwycf3rTxmbxEiu2cXEJGukw9y28f
5QJk6N2GYNEl69jWI3Wsu9Hp+lvVQYUk2AymcS2ErUWahdt474vXjLKf5v9hQppc
Nbehqj9lf9oOOVi/fh3qDT6olJJN3p0CoQspXTFXVzxleBuHyzqsTKR8tQKkPEY7
krn+B516yopq+Pe7fenYpcrGvSONce8bikhagWeJYDCsIDx+ZkJNkY558B+rD5Ib
OhZh2eWW8YaT4e4QmtZxIwU2OK8gozDeUFY1sBRXlF+EkopZKz+Ia/I1YQkriAG4
Hli69WdTfc/Egq8SeD4gIxNXzAfXmbI5yXO5rhPtgFvUPADxvh9Tc9HI9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUuClP6qIbw90gU9HR1eGTYdG6pMB8GA1UdIwQY
MBaAFIuXqRU2Ckh9XPXVxmXlv+H/9TafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVlcEZUWUtTSDFjOWRYR1plV180Zl8xTnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83ZDRhMjktMDIzZi00MmQ3LWFhYjct
ZDg3YjM2MWFjZDg5LzEvaTVlcEZUWUtTSDFjOWRYR1plV180Zl8xTnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83ZDRhMjktMDIzZi00MmQ3LWFhYjctZDg3YjM2MWFjZDg5
LzEvaTVlcEZUWUtTSDFjOWRYR1plV180Zl8xTnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFwoN1fRC
+t6lndcgx3SoBWaD7uuDFKsOq7Wz4XbKCLA/uDa+gUg1mt9ue28uub3u1uEfWsGD
z8PVbuv8DQxE0xZ++hCw7jiQIR/b+o9/7wXxbh4XBka6vp4uBLTJxjzufDfcSf3S
oa1FE8IAmikx0l17BVrlmZ+fv0NmoNGG+akB7TLZkCZ+AXscBumiz8T4Tg5EtMOW
BBG7XB5tcvZsP+AM0U8engTC3BKwUllK2FPJj2TjYFn6PjRE73RIpyw5CGu2nbBr
ARezGpu4kBUzLEP17CME/Ca2trZmYG+C9t5fqP0tASRYRU4Xi1tJtQv5g8PVdIyK
q+Zb6DtfbyRZ7g==
-----END CERTIFICATE-----