Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          x8uMC/B9BIG8UdO8m8Z82hOwOs1UM4BFSt6mCkao1U8=
Subject key identifier:   41:2F:3F:B0:7E:2C:78:CD:CD:85:93:C4:67:60:4C:A3:1A:15:94:B4
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       0197B6A051FCADE904D6C3192F774072614E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          0A17
Signing time:             Sat 28 Jun 2025 13:00:49 +0000
Manifest this update:     Sat 28 Jun 2025 13:00:49 +0000
Manifest next update:     Sun 29 Jun 2025 13:00:49 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: c+NIT5vebiwYRXGQngn+R6BJl3FQBgCfxyVWySEyq+A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:51:fc:ad:e9:04:d6:c3:19:2f:77:40:72:61:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: Jun 28 13:00:49 2025 GMT
            Not After : Jun 29 13:00:49 2025 GMT
        Subject: CN=412f3fb07e2c78cdcd8593c467604ca31a1594b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:0c:06:b9:fb:78:19:59:46:52:97:ef:27:d7:
                    60:f2:30:94:36:36:dd:a3:0b:2b:ab:8d:78:d8:a3:
                    6c:fc:94:a1:55:7a:9f:ed:27:7b:5b:38:00:b8:ed:
                    3e:93:5d:b6:b5:db:ef:a7:dc:ee:6e:8b:88:5c:b6:
                    dc:79:63:c7:6b:6e:fd:6c:42:27:55:8c:8e:2e:44:
                    f4:1b:f2:85:db:c5:e1:85:6e:ff:51:40:2a:a7:fc:
                    93:35:eb:35:51:d1:c5:b6:d1:55:ba:a3:95:78:77:
                    5b:6e:15:25:02:37:3f:99:53:bc:9a:79:d7:6b:20:
                    d5:8a:f8:ce:f4:01:2a:ee:68:b1:5d:cc:e4:e5:74:
                    cd:bd:e5:1c:c5:ca:e7:c2:66:7d:7a:1a:29:17:ef:
                    cd:57:4a:66:85:be:e5:4a:09:47:f1:c9:d0:09:13:
                    77:4d:f1:79:a6:59:67:f6:12:5f:37:81:a3:a2:d3:
                    0f:af:1a:33:da:4c:68:b3:0f:6d:37:19:b1:e5:32:
                    e7:64:ae:69:9d:2c:0e:f8:71:62:3d:d4:7f:63:72:
                    b5:df:77:e4:28:72:a0:38:5b:0d:6c:02:b5:95:0a:
                    4e:2a:b9:40:09:00:a8:97:44:5d:ff:96:8d:47:14:
                    c6:4a:ca:b7:ea:c8:81:98:c5:f6:a1:4c:2f:41:34:
                    41:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:2F:3F:B0:7E:2C:78:CD:CD:85:93:C4:67:60:4C:A3:1A:15:94:B4
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:31:e2:e0:49:cc:1a:72:c3:8e:58:13:53:98:3b:5c:97:95:
         4a:1b:6d:9b:57:00:76:26:9a:01:da:67:2f:e9:01:a2:ec:b2:
         c7:b5:b1:cf:47:9f:28:24:99:17:2e:c9:6b:88:63:77:0d:11:
         8e:17:2c:08:c1:b6:52:52:9c:fe:f5:5a:16:4b:74:b8:c6:6b:
         9f:a2:52:ff:4e:d2:17:c0:0a:6e:4f:62:b0:88:29:06:30:d4:
         a1:de:62:f2:ba:fb:4c:3b:c5:ae:38:07:26:c9:3f:6f:96:10:
         e6:2a:b9:e7:1a:5d:dc:63:ec:f2:8d:3c:8c:68:b4:ce:26:84:
         cf:8a:d8:1d:21:d1:7a:d4:76:4f:53:11:55:ae:70:cb:97:81:
         cb:c3:16:2e:f3:02:28:17:01:af:f7:e0:15:9e:2b:e7:45:85:
         f2:ca:37:20:22:1a:43:a3:98:70:32:76:75:e3:28:39:ad:c6:
         d4:4c:0e:ff:3f:76:a9:51:87:66:4e:b5:d8:6d:e6:e3:3c:3b:
         70:a1:c5:49:b1:9a:db:75:0b:d5:af:31:7d:d9:28:fe:b6:5a:
         55:74:00:8f:cd:c1:06:c2:ba:b8:88:6d:98:b4:41:17:d9:8a:
         6e:a6:76:2c:40:e7:16:20:5b:90:10:c1:f3:9c:6c:08:c6:2f:
         55:0d:d8:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oFH8rekE1sMZL3dAcmFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjUwNjI4MTMwMDQ5WhcNMjUwNjI5MTMwMDQ5WjAzMTEwLwYDVQQD
Eyg0MTJmM2ZiMDdlMmM3OGNkY2Q4NTkzYzQ2NzYwNGNhMzFhMTU5NGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wwGuft4GVlGUpfvJ9dg8jCUNjbd
owsrq4142KNs/JShVXqf7Sd7WzgAuO0+k122tdvvp9zubouIXLbceWPHa279bEIn
VYyOLkT0G/KF28XhhW7/UUAqp/yTNes1UdHFttFVuqOVeHdbbhUlAjc/mVO8mnnX
ayDVivjO9AEq7mixXczk5XTNveUcxcrnwmZ9ehopF+/NV0pmhb7lSglH8cnQCRN3
TfF5plln9hJfN4GjotMPrxoz2kxosw9tNxmx5TLnZK5pnSwO+HFiPdR/Y3K133fk
KHKgOFsNbAK1lQpOKrlACQCol0Rd/5aNRxTGSsq36siBmMX2oUwvQTRBlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEEvP7B+LHjNzYWTxGdgTKMaFZS0MB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWzHi4EnM
GnLDjlgTU5g7XJeVShttm1cAdiaaAdpnL+kBouyyx7Wxz0efKCSZFy7Ja4hjdw0R
jhcsCMG2UlKc/vVaFkt0uMZrn6JS/07SF8AKbk9isIgpBjDUod5i8rr7TDvFrjgH
Jsk/b5YQ5iq55xpd3GPs8o08jGi0ziaEz4rYHSHRetR2T1MRVa5wy5eBy8MWLvMC
KBcBr/fgFZ4r50WF8so3ICIaQ6OYcDJ2deMoOa3G1EwO/z92qVGHZk612G3m4zw7
cKHFSbGa23UL1a8xfdko/rZaVXQAj83BBsK6uIhtmLRBF9mKbqZ2LEDnFiBbkBDB
85xsCMYvVQ3YOQ==
-----END CERTIFICATE-----