Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
File:                     Iu8SfmGVSrmJNlydukuMBkzu2fA.mft (raw, json)
Hash identifier:          //ZHNRxHq9W9h1BTuPcnaRj/aLuCAKi2XPLCVgwdNPw=
Subject key identifier:   22:07:F1:F0:FD:2B:47:B4:67:15:EF:7E:F2:F8:76:BB:31:FB:99:30
Authority key identifier: 22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0
Certificate issuer:       /CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
Certificate serial:       0198D5BC4041F2C4349882A34A0757FA4B35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
Manifest number:          04A1
Signing time:             Sat 23 Aug 2025 07:02:20 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:20 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:20 +0000
Files and hashes:         1: Iu8SfmGVSrmJNlydukuMBkzu2fA.crl (hash: /HNbZvfncWGko3xslfLdkpL5dmVR7pwYkfRjCjPrarM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:40:41:f2:c4:34:98:82:a3:4a:07:57:fa:4b:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
        Validity
            Not Before: Aug 23 07:02:20 2025 GMT
            Not After : Aug 24 07:02:20 2025 GMT
        Subject: CN=2207f1f0fd2b47b46715ef7ef2f876bb31fb9930
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:9d:85:e0:bf:6f:d7:57:d0:13:72:f8:4b:f7:
                    9b:57:c7:25:a6:84:17:a3:a3:d1:7c:4e:a1:7f:e1:
                    c9:74:ee:b4:b4:8a:6d:84:f5:2a:9a:08:11:4a:27:
                    f6:01:ff:bc:68:31:e9:17:cb:df:90:36:e4:17:92:
                    62:74:71:6f:15:03:8b:1c:14:c2:8f:4d:e8:fc:40:
                    12:29:a0:3d:47:f3:93:1a:52:86:e8:85:78:20:43:
                    64:79:28:0e:72:ab:9d:37:de:64:f4:19:21:f4:d9:
                    ee:63:d1:ff:5b:26:df:c1:52:52:32:77:33:28:79:
                    fd:9b:12:a0:f4:7b:d2:de:0e:e9:9b:11:09:2f:bd:
                    79:7b:e1:6e:c9:c4:8a:d8:c4:13:9a:5c:1e:d4:cb:
                    4a:fb:fc:71:e4:da:8d:90:1b:85:d8:28:3d:5b:02:
                    a1:2e:03:72:40:be:79:68:1f:bd:ab:af:8b:4e:fd:
                    34:f0:8e:58:02:cd:2f:e0:c3:34:76:0a:ed:e0:77:
                    9b:85:82:bc:50:95:10:94:7c:59:91:d0:cc:13:7f:
                    9b:35:15:f4:61:84:20:10:d1:7b:c0:b4:24:87:e3:
                    82:1e:88:af:2d:54:50:dc:2e:dc:b4:6c:bb:4a:ec:
                    e8:ee:51:1f:bf:b2:a8:3e:fb:a9:fd:a8:f8:80:ac:
                    3a:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:07:F1:F0:FD:2B:47:B4:67:15:EF:7E:F2:F8:76:BB:31:FB:99:30
            X509v3 Authority Key Identifier:
                keyid:22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:10:6a:42:46:94:0d:99:17:8e:e3:ff:94:a4:c3:5c:74:64:
         47:88:82:8a:b7:8c:c1:8b:bf:27:cb:12:d2:6f:0d:3b:18:a0:
         0f:87:d8:2b:b9:c3:fc:73:6f:3d:42:22:88:ed:83:38:34:13:
         d8:53:62:67:0d:93:8e:c6:60:cf:e3:5a:3c:23:f4:93:c5:dc:
         41:7b:b8:21:c4:9e:1c:01:eb:3d:e0:50:8d:cc:9c:e8:e0:b6:
         b1:86:da:4e:1b:35:c7:fe:be:db:12:ef:ee:b2:60:26:eb:6f:
         8d:f1:08:b8:72:3a:55:97:09:74:7c:33:be:54:c9:25:dc:a8:
         de:97:8b:c0:d8:a5:74:65:09:dc:c0:ed:08:e5:9a:41:60:52:
         6b:7a:31:a6:4c:ec:69:fe:f1:27:f3:28:7e:a0:5e:3d:16:d6:
         ae:a9:05:62:4d:08:22:c6:b2:3f:c8:f6:8e:af:88:d7:aa:71:
         22:1d:34:0e:d0:b0:24:a1:7a:87:23:50:9a:40:45:16:a3:15:
         98:1e:33:46:58:4c:56:0d:7c:da:fc:5b:ee:01:fa:da:b0:9b:
         5c:3a:d8:f5:32:67:2e:d1:07:77:26:07:07:57:39:76:05:c4:
         89:8d:c1:b8:84:fb:91:bf:78:e1:4a:9a:b1:4d:fd:5f:03:f6:
         92:d4:84:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvEBB8sQ0mIKjSgdX+ks1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZWYxMjdlNjE5NTRhYjk4OTM2NWM5ZGJhNGI4YzA2NGNl
ZWQ5ZjAwHhcNMjUwODIzMDcwMjIwWhcNMjUwODI0MDcwMjIwWjAzMTEwLwYDVQQD
EygyMjA3ZjFmMGZkMmI0N2I0NjcxNWVmN2VmMmY4NzZiYjMxZmI5OTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ2F4L9v11fQE3L4S/ebV8clpoQX
o6PRfE6hf+HJdO60tIpthPUqmggRSif2Af+8aDHpF8vfkDbkF5JidHFvFQOLHBTC
j03o/EASKaA9R/OTGlKG6IV4IENkeSgOcqudN95k9Bkh9NnuY9H/WybfwVJSMncz
KHn9mxKg9HvS3g7pmxEJL715e+FuycSK2MQTmlwe1MtK+/xx5NqNkBuF2Cg9WwKh
LgNyQL55aB+9q6+LTv008I5YAs0v4MM0dgrt4HebhYK8UJUQlHxZkdDME3+bNRX0
YYQgENF7wLQkh+OCHoivLVRQ3C7ctGy7Suzo7lEfv7KoPvup/aj4gKw66QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCIH8fD9K0e0ZxXvfvL4drsx+5kwMB8GA1UdIwQY
MBaAFCLvEn5hlUq5iTZcnbpLjAZM7tnwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEt
OGM2YWExMDY5NWIyLzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEtOGM2YWExMDY5NWIy
LzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkxBqQkaU
DZkXjuP/lKTDXHRkR4iCireMwYu/J8sS0m8NOxigD4fYK7nD/HNvPUIiiO2DODQT
2FNiZw2TjsZgz+NaPCP0k8XcQXu4IcSeHAHrPeBQjcyc6OC2sYbaThs1x/6+2xLv
7rJgJutvjfEIuHI6VZcJdHwzvlTJJdyo3peLwNildGUJ3MDtCOWaQWBSa3oxpkzs
af7xJ/MofqBePRbWrqkFYk0IIsayP8j2jq+I16pxIh00DtCwJKF6hyNQmkBFFqMV
mB4zRlhMVg182vxb7gH62rCbXDrY9TJnLtEHdyYHB1c5dgXEiY3BuIT7kb944Uqa
sU39XwP2ktSELg==
-----END CERTIFICATE-----