Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
File:                     IClZ7xuVPXmKoPVkMafxG2vhltY.mft (raw, json)
Hash identifier:          o259LYjRG1G1tFK6BEzj7/i46fY3yn/Oh/ZgQXGOfKg=
Subject key identifier:   AC:E2:B6:07:9B:9C:A8:52:03:2B:FE:5B:E0:55:06:06:24:1B:7D:70
Authority key identifier: 20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6
Certificate issuer:       /CN=202959ef1b953d798aa0f56431a7f11b6be196d6
Certificate serial:       0198D54E25BD0720CD6610FFF54C56403ABE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
Manifest number:          1242
Signing time:             Sat 23 Aug 2025 05:02:05 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:05 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:05 +0000
Files and hashes:         1: IClZ7xuVPXmKoPVkMafxG2vhltY.crl (hash: qCluikRw0TWkJY8/AM0SF/lXHUVLxMWAPNfKAxI64Jg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:25:bd:07:20:cd:66:10:ff:f5:4c:56:40:3a:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=202959ef1b953d798aa0f56431a7f11b6be196d6
        Validity
            Not Before: Aug 23 05:02:05 2025 GMT
            Not After : Aug 24 05:02:05 2025 GMT
        Subject: CN=ace2b6079b9ca852032bfe5be0550606241b7d70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:aa:e7:b1:24:b6:1b:a3:38:c2:4e:7c:88:66:
                    b0:d2:1f:3b:9a:62:e9:9a:79:7c:29:6c:44:cf:17:
                    ec:9a:93:7a:07:43:ff:d2:8f:4e:fb:f0:81:2d:b2:
                    25:59:e2:4d:b3:af:f8:ba:7b:f0:df:51:64:cd:13:
                    59:f0:8d:14:65:3a:55:ae:7c:5b:28:57:48:c0:a8:
                    ce:0d:95:99:b0:53:d5:73:c2:d9:ca:46:ff:3f:73:
                    eb:f2:4e:9d:b2:db:a3:1e:fe:9b:bf:2e:ab:1c:82:
                    14:19:9c:44:08:72:d6:9a:16:4a:98:40:3e:09:41:
                    20:b7:2a:81:8e:f0:6b:56:c5:8c:a5:74:28:a8:bf:
                    2e:d2:75:6b:5b:4c:5e:a5:9e:27:03:15:f7:28:0a:
                    24:1f:5c:0a:b9:6e:9a:13:17:4e:ca:c7:3b:1f:70:
                    15:4d:18:ad:e7:0e:9a:7e:35:d3:6d:ff:b1:b0:93:
                    0d:8b:d3:ac:81:c0:01:39:c2:f2:7d:8b:d8:27:eb:
                    61:d5:d8:84:60:d6:25:74:7e:2d:00:6e:fc:c0:57:
                    7e:4d:a7:20:4b:bc:77:2a:82:d3:4d:4b:9a:8f:95:
                    5a:48:b8:15:6e:04:fa:35:b5:48:4e:50:70:51:92:
                    9d:49:8c:86:4d:04:d6:53:a1:11:ed:ff:71:95:5c:
                    47:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:E2:B6:07:9B:9C:A8:52:03:2B:FE:5B:E0:55:06:06:24:1B:7D:70
            X509v3 Authority Key Identifier:
                keyid:20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:90:7c:6c:a0:e7:53:a4:08:c8:96:c6:e2:f9:89:44:04:05:
         5e:ae:15:cf:4d:31:fb:1b:f2:20:96:2e:5f:15:54:18:ce:ce:
         78:41:c0:02:7b:73:08:01:7a:92:80:d3:69:f3:b8:e9:b7:fd:
         dc:70:fd:02:5d:9f:6f:54:e2:ae:27:2e:6c:19:06:ba:b9:72:
         7e:d9:64:d1:7c:5c:a9:40:1e:a3:e0:56:d1:77:42:61:3b:20:
         21:7a:eb:e6:0b:ad:de:d8:cc:f8:4d:ca:b9:f0:32:f4:26:b2:
         06:46:ac:7f:41:65:8a:30:42:ae:9f:90:be:30:60:51:39:a9:
         a1:a9:ee:f3:ee:d7:b6:22:b4:d2:46:b3:7e:30:a6:a6:89:0a:
         4a:23:d7:24:32:e5:e0:fb:db:cf:1d:a7:2d:16:eb:e8:fe:97:
         75:37:73:97:04:59:6e:b9:c5:f1:4f:46:72:c8:8d:a6:7f:ac:
         d6:eb:f8:1f:c0:e1:b3:03:43:46:8c:cf:e5:3b:3e:39:85:af:
         b8:47:d1:ab:16:2c:09:c5:73:28:a8:2c:90:27:c5:35:91:6f:
         8c:db:c9:74:e1:51:31:4d:e5:52:0b:65:40:9a:96:a7:ef:53:
         7d:67:f2:2e:6a:02:c0:2a:c0:0a:b8:2e:b5:97:69:5e:31:6d:
         0f:7e:18:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTiW9ByDNZhD/9UxWQDq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjk1OWVmMWI5NTNkNzk4YWEwZjU2NDMxYTdmMTFiNmJl
MTk2ZDYwHhcNMjUwODIzMDUwMjA1WhcNMjUwODI0MDUwMjA1WjAzMTEwLwYDVQQD
EyhhY2UyYjYwNzliOWNhODUyMDMyYmZlNWJlMDU1MDYwNjI0MWI3ZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKrnsSS2G6M4wk58iGaw0h87mmLp
mnl8KWxEzxfsmpN6B0P/0o9O+/CBLbIlWeJNs6/4unvw31FkzRNZ8I0UZTpVrnxb
KFdIwKjODZWZsFPVc8LZykb/P3Pr8k6dstujHv6bvy6rHIIUGZxECHLWmhZKmEA+
CUEgtyqBjvBrVsWMpXQoqL8u0nVrW0xepZ4nAxX3KAokH1wKuW6aExdOysc7H3AV
TRit5w6afjXTbf+xsJMNi9OsgcABOcLyfYvYJ+th1diEYNYldH4tAG78wFd+Tacg
S7x3KoLTTUuaj5VaSLgVbgT6NbVITlBwUZKdSYyGTQTWU6ER7f9xlVxHwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKzitgebnKhSAyv+W+BVBgYkG31wMB8GA1UdIwQY
MBaAFCApWe8blT15iqD1ZDGn8Rtr4ZbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAt
NmIwZGE5ZTRmYjEwLzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAtNmIwZGE5ZTRmYjEw
LzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdZB8bKDn
U6QIyJbG4vmJRAQFXq4Vz00x+xvyIJYuXxVUGM7OeEHAAntzCAF6koDTafO46bf9
3HD9Al2fb1TiricubBkGurlyftlk0XxcqUAeo+BW0XdCYTsgIXrr5gut3tjM+E3K
ufAy9CayBkasf0FlijBCrp+QvjBgUTmpoanu8+7XtiK00kazfjCmpokKSiPXJDLl
4Pvbzx2nLRbr6P6XdTdzlwRZbrnF8U9GcsiNpn+s1uv4H8DhswNDRozP5Ts+OYWv
uEfRqxYsCcVzKKgskCfFNZFvjNvJdOFRMU3lUgtlQJqWp+9TfWfyLmoCwCrACrgu
tZdpXjFtD34YYg==
-----END CERTIFICATE-----