Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
File:                     IClZ7xuVPXmKoPVkMafxG2vhltY.mft (raw, json)
Hash identifier:          8grTycdgVWJvVDBhmkCXQRXSX/lU2OnEOmtR0nYBTxw=
Subject key identifier:   8A:82:40:3B:72:AA:4F:EF:F2:5A:4F:6D:6D:38:B5:D9:CF:0A:90:9D
Authority key identifier: 20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6
Certificate issuer:       /CN=202959ef1b953d798aa0f56431a7f11b6be196d6
Certificate serial:       0196BE5C7989803A463AC5E31F5BB8DFB08A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
Manifest number:          112D
Signing time:             Sun 11 May 2025 08:00:53 +0000
Manifest this update:     Sun 11 May 2025 08:00:53 +0000
Manifest next update:     Mon 12 May 2025 08:00:53 +0000
Files and hashes:         1: IClZ7xuVPXmKoPVkMafxG2vhltY.crl (hash: 0SpP6VNiTF6NG4h5+KX2cn1JWRzp9m8D1URQy91Y3HA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:5c:79:89:80:3a:46:3a:c5:e3:1f:5b:b8:df:b0:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=202959ef1b953d798aa0f56431a7f11b6be196d6
        Validity
            Not Before: May 11 08:00:53 2025 GMT
            Not After : May 12 08:00:53 2025 GMT
        Subject: CN=8a82403b72aa4feff25a4f6d6d38b5d9cf0a909d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:9c:37:21:84:30:e1:c8:dc:4d:0d:83:9a:69:
                    41:bc:5d:ce:f1:4b:0d:60:a6:ad:f3:36:00:fa:be:
                    24:42:b8:41:b1:c5:89:a6:ba:c9:a0:9c:ea:c0:90:
                    3e:f0:2d:33:9b:e0:86:00:08:c3:71:83:06:91:68:
                    65:b6:9d:96:25:df:97:e4:e4:7b:4c:ae:94:fb:c6:
                    1e:19:b4:bc:d6:71:37:a2:03:c4:be:1c:e0:67:3e:
                    25:08:65:09:16:3a:c0:65:0d:45:e1:a5:1e:91:4b:
                    50:2e:98:a0:6d:46:72:03:5b:44:c2:e2:6c:dd:4e:
                    d1:a7:19:15:45:ff:5b:55:e9:fb:77:b3:6d:c6:ac:
                    12:76:d4:32:48:fc:c4:b0:47:d7:78:1a:05:30:9e:
                    c3:5e:3f:7a:25:a1:e9:f2:ee:80:5f:23:d9:2a:24:
                    85:39:6a:07:45:9a:7a:3e:43:ad:2b:24:d9:65:5b:
                    c0:2e:ea:21:13:b4:fe:20:58:de:ae:49:b6:85:e9:
                    67:34:10:64:6c:4f:29:12:93:56:ad:e9:70:d9:4f:
                    6a:a9:de:46:fb:5c:ec:b6:96:7c:76:63:ef:65:07:
                    ef:62:72:f6:a3:c4:0b:ad:eb:d5:a2:3e:95:14:5f:
                    c0:6e:e7:22:5f:ae:e0:4f:5d:de:96:e6:af:a2:30:
                    4e:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:82:40:3B:72:AA:4F:EF:F2:5A:4F:6D:6D:38:B5:D9:CF:0A:90:9D
            X509v3 Authority Key Identifier:
                keyid:20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:a4:b0:02:cc:f5:47:a5:f3:b9:4c:7d:84:f0:7d:21:4f:1d:
         73:41:c2:33:7a:e9:ca:7d:6d:44:66:6c:43:53:a6:21:63:ca:
         ef:73:98:46:62:c1:ec:61:f5:c1:bc:86:95:2b:7a:54:8d:cb:
         cb:f1:a9:5a:61:98:32:31:fc:bb:07:5b:d7:65:4d:05:0d:9f:
         44:dd:62:4e:14:e5:6b:40:43:7d:bc:5a:a0:51:34:29:57:de:
         bf:6e:65:6f:b0:a4:3c:5c:3e:26:77:98:87:65:d4:e5:cb:e6:
         94:de:0e:7e:76:0b:96:46:24:89:de:94:c1:3c:f9:f2:f4:a2:
         e4:a4:28:10:de:59:43:f6:5b:13:87:18:69:f9:59:b9:44:fc:
         59:56:80:eb:3f:56:6a:ee:db:35:1b:67:4e:37:46:6e:3c:2e:
         3e:20:67:df:5d:02:89:e8:18:a2:a8:67:54:58:8c:bc:36:12:
         9d:8a:12:48:ae:f8:e4:af:5d:74:a6:ff:18:4d:78:19:53:cf:
         f4:24:f1:5a:74:09:b0:58:99:6f:06:e7:32:18:94:a5:7b:02:
         64:65:93:8e:23:34:39:e4:29:b1:dc:17:3f:c7:16:c5:a0:b3:
         bd:c4:84:69:98:d6:40:3a:9c:83:91:1e:2f:da:d7:1b:b1:7b:
         ee:f8:de:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+XHmJgDpGOsXjH1u437CKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjk1OWVmMWI5NTNkNzk4YWEwZjU2NDMxYTdmMTFiNmJl
MTk2ZDYwHhcNMjUwNTExMDgwMDUzWhcNMjUwNTEyMDgwMDUzWjAzMTEwLwYDVQQD
Eyg4YTgyNDAzYjcyYWE0ZmVmZjI1YTRmNmQ2ZDM4YjVkOWNmMGE5MDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pw3IYQw4cjcTQ2DmmlBvF3O8UsN
YKat8zYA+r4kQrhBscWJprrJoJzqwJA+8C0zm+CGAAjDcYMGkWhltp2WJd+X5OR7
TK6U+8YeGbS81nE3ogPEvhzgZz4lCGUJFjrAZQ1F4aUekUtQLpigbUZyA1tEwuJs
3U7RpxkVRf9bVen7d7NtxqwSdtQySPzEsEfXeBoFMJ7DXj96JaHp8u6AXyPZKiSF
OWoHRZp6PkOtKyTZZVvALuohE7T+IFjerkm2helnNBBkbE8pEpNWrelw2U9qqd5G
+1zstpZ8dmPvZQfvYnL2o8QLrevVoj6VFF/AbuciX67gT13eluavojBOWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqCQDtyqk/v8lpPbW04tdnPCpCdMB8GA1UdIwQY
MBaAFCApWe8blT15iqD1ZDGn8Rtr4ZbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAt
NmIwZGE5ZTRmYjEwLzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAtNmIwZGE5ZTRmYjEw
LzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASaSwAsz1
R6XzuUx9hPB9IU8dc0HCM3rpyn1tRGZsQ1OmIWPK73OYRmLB7GH1wbyGlSt6VI3L
y/GpWmGYMjH8uwdb12VNBQ2fRN1iThTla0BDfbxaoFE0KVfev25lb7CkPFw+JneY
h2XU5cvmlN4OfnYLlkYkid6UwTz58vSi5KQoEN5ZQ/ZbE4cYaflZuUT8WVaA6z9W
au7bNRtnTjdGbjwuPiBn310CiegYoqhnVFiMvDYSnYoSSK745K9ddKb/GE14GVPP
9CTxWnQJsFiZbwbnMhiUpXsCZGWTjiM0OeQpsdwXP8cWxaCzvcSEaZjWQDqcg5Ee
L9rXG7F77vjegw==
-----END CERTIFICATE-----