Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
File:                     I6IOrOflZNlFaAhkd3q-nCu41NY.mft (raw, json)
Hash identifier:          S7w/TmCNT29Ti9KafN4vAzK3W+rXmcFU28g4q2+63ZU=
Subject key identifier:   4C:E8:77:01:53:EF:7E:B6:C6:9D:FC:06:A2:A6:03:CF:23:14:57:B6
Authority key identifier: 23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6
Certificate issuer:       /CN=23a20eace7e564d945680864777abe9c2bb8d4d6
Certificate serial:       0197B70EDFCB60A26C06851B1879993CEB2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
Manifest number:          03
Signing time:             Sat 28 Jun 2025 15:01:34 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:34 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:34 +0000
Files and hashes:         1: I6IOrOflZNlFaAhkd3q-nCu41NY.crl (hash: 1p2GFcUU+CkLMxWFwKE4BRu+RhPUvVUONBhitdZoF8k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:df:cb:60:a2:6c:06:85:1b:18:79:99:3c:eb:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23a20eace7e564d945680864777abe9c2bb8d4d6
        Validity
            Not Before: Jun 28 15:01:34 2025 GMT
            Not After : Jun 29 15:01:34 2025 GMT
        Subject: CN=4ce8770153ef7eb6c69dfc06a2a603cf231457b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:76:37:03:99:54:45:97:2f:d7:6d:38:72:de:
                    3e:89:bb:22:59:5c:a9:81:ab:8e:5a:94:aa:06:45:
                    f8:27:82:8c:9d:f0:83:10:a9:29:78:38:40:f0:a5:
                    db:75:bf:ac:6a:dd:23:10:e3:5e:9d:a0:bf:d6:b6:
                    d4:86:ec:da:3a:7e:19:da:2c:b8:20:28:7b:e2:c2:
                    74:2e:7c:7d:42:3c:52:62:ea:6a:6a:d1:36:12:15:
                    d3:2a:27:58:9d:4c:01:b3:23:a0:70:0f:54:cd:e6:
                    a6:c3:4d:4a:78:74:15:48:5a:78:cd:c2:3e:76:63:
                    62:b8:09:fc:3d:cc:91:7b:8d:47:8c:56:fa:11:1c:
                    73:f5:ce:8c:c5:b0:bb:64:0d:e6:b8:87:b8:a4:f7:
                    09:5b:ce:d6:25:4e:f5:e0:41:22:5f:ea:b9:14:bd:
                    a7:37:e8:73:d2:cf:9c:11:fd:a3:92:4c:fa:00:17:
                    51:a7:77:6c:a5:d0:4f:60:bf:e2:40:5c:d5:e4:4c:
                    23:2f:6e:83:8e:c6:0b:43:af:23:b9:e4:09:b0:23:
                    74:f5:f8:3e:c9:11:5f:24:d4:a5:d2:0b:e3:e0:c9:
                    81:fe:bc:fe:85:f2:7a:73:64:05:92:00:3c:00:01:
                    1e:ad:ff:14:98:c5:6e:fc:32:db:7f:ce:92:eb:cd:
                    7d:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:E8:77:01:53:EF:7E:B6:C6:9D:FC:06:A2:A6:03:CF:23:14:57:B6
            X509v3 Authority Key Identifier:
                keyid:23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:d0:4a:2f:75:27:82:2a:5a:e4:f2:93:dc:50:4d:38:bb:ac:
         77:c6:60:89:28:df:01:27:32:df:52:f1:3f:e5:41:43:61:9d:
         30:72:11:8b:be:a9:e2:6e:7a:85:67:7d:8a:2a:93:94:f5:aa:
         e4:ab:5e:2d:b9:f9:cb:e0:a0:8d:15:a8:df:0a:a2:e8:33:9a:
         5c:84:c5:ec:02:b8:0a:aa:0c:a8:ff:58:42:94:95:bb:cf:5b:
         f5:51:6b:9d:33:c4:34:32:b8:0a:36:12:84:bb:4a:04:31:e5:
         f1:86:91:6a:6b:ca:a3:92:58:d2:50:49:af:39:b4:98:1c:94:
         91:c6:21:ef:e8:9a:b6:1b:e4:63:f8:d4:3b:38:ab:95:a7:19:
         6f:e3:0f:37:cb:c3:1b:60:03:cf:a5:25:0d:0e:59:86:85:ab:
         1e:91:82:9f:37:5b:bf:a4:b7:26:2e:45:09:8d:82:1d:a1:19:
         40:ff:7b:42:df:94:74:9b:f8:5b:5c:10:58:6d:3a:e6:ff:13:
         b2:b3:f6:e1:76:3b:b0:19:1d:7c:81:f3:1b:64:f5:05:ea:ae:
         a2:4a:4a:f4:f0:c4:50:a7:15:8f:33:84:5f:d4:6a:db:28:6b:
         7d:71:2b:23:54:ce:c9:73:b8:7e:f4:db:33:df:e3:f4:2d:32:
         c5:9f:7d:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dt/LYKJsBoUbGHmZPOsrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTIwZWFjZTdlNTY0ZDk0NTY4MDg2NDc3N2FiZTljMmJi
OGQ0ZDYwHhcNMjUwNjI4MTUwMTM0WhcNMjUwNjI5MTUwMTM0WjAzMTEwLwYDVQQD
Eyg0Y2U4NzcwMTUzZWY3ZWI2YzY5ZGZjMDZhMmE2MDNjZjIzMTQ1N2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8XY3A5lURZcv1204ct4+ibsiWVyp
gauOWpSqBkX4J4KMnfCDEKkpeDhA8KXbdb+sat0jEONenaC/1rbUhuzaOn4Z2iy4
ICh74sJ0Lnx9QjxSYupqatE2EhXTKidYnUwBsyOgcA9Uzeamw01KeHQVSFp4zcI+
dmNiuAn8PcyRe41HjFb6ERxz9c6MxbC7ZA3muIe4pPcJW87WJU714EEiX+q5FL2n
N+hz0s+cEf2jkkz6ABdRp3dspdBPYL/iQFzV5EwjL26DjsYLQ68jueQJsCN09fg+
yRFfJNSl0gvj4MmB/rz+hfJ6c2QFkgA8AAEerf8UmMVu/DLbf86S6819gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEzodwFT7362xp38BqKmA88jFFe2MB8GA1UdIwQY
MBaAFCOiDqzn5WTZRWgIZHd6vpwruNTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYt
NzVlMGQ0Nzk3NTNmLzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYtNzVlMGQ0Nzk3NTNm
LzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATNBKL3Un
gipa5PKT3FBNOLusd8ZgiSjfAScy31LxP+VBQ2GdMHIRi76p4m56hWd9iiqTlPWq
5KteLbn5y+CgjRWo3wqi6DOaXITF7AK4CqoMqP9YQpSVu89b9VFrnTPENDK4CjYS
hLtKBDHl8YaRamvKo5JY0lBJrzm0mByUkcYh7+iathvkY/jUOzirlacZb+MPN8vD
G2ADz6UlDQ5ZhoWrHpGCnzdbv6S3Ji5FCY2CHaEZQP97Qt+UdJv4W1wQWG065v8T
srP24XY7sBkdfIHzG2T1BequokpK9PDEUKcVjzOEX9Rq2yhrfXErI1TOyXO4fvTb
M9/j9C0yxZ994Q==
-----END CERTIFICATE-----