Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/38c26f-25a2-4b20-9ecd-0e6bced00463/1/IMnySVGbH_R5NQ8xclT0Bei_yr0.mft
File:                     IMnySVGbH_R5NQ8xclT0Bei_yr0.mft (raw, json)
Hash identifier:          8E4sfaW2fVZfC4cTotLof3UBoobjZniUFH6K5lo+Weg=
Subject key identifier:   D7:9D:6D:30:69:1A:C8:85:31:E4:2E:50:54:75:14:42:AE:B0:98:D8
Authority key identifier: 20:C9:F2:49:51:9B:1F:F4:79:35:0F:31:72:54:F4:05:E8:BF:CA:BD
Certificate issuer:       /CN=20c9f249519b1ff479350f317254f405e8bfcabd
Certificate serial:       0197B77C42C2EC74F0A0BC6F2051FE1138D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IMnySVGbH_R5NQ8xclT0Bei_yr0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/38c26f-25a2-4b20-9ecd-0e6bced00463/1/IMnySVGbH_R5NQ8xclT0Bei_yr0.mft
Manifest number:          0FAB
Signing time:             Sat 28 Jun 2025 17:01:03 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:03 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:03 +0000
Files and hashes:         1: IMnySVGbH_R5NQ8xclT0Bei_yr0.crl (hash: Qa/0cQ0WQ4q9Z41KWH+V/FG8u+f33L2Grb0fXdJ/z0U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/38c26f-25a2-4b20-9ecd-0e6bced00463/1/IMnySVGbH_R5NQ8xclT0Bei_yr0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/38c26f-25a2-4b20-9ecd-0e6bced00463/1/IMnySVGbH_R5NQ8xclT0Bei_yr0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IMnySVGbH_R5NQ8xclT0Bei_yr0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:42:c2:ec:74:f0:a0:bc:6f:20:51:fe:11:38:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20c9f249519b1ff479350f317254f405e8bfcabd
        Validity
            Not Before: Jun 28 17:01:03 2025 GMT
            Not After : Jun 29 17:01:03 2025 GMT
        Subject: CN=d79d6d30691ac88531e42e5054751442aeb098d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c1:38:cf:bd:35:7f:d7:2b:bf:8d:0f:29:f5:
                    52:e1:12:41:c6:fe:72:59:ed:31:82:d3:43:0a:2e:
                    0d:8e:40:8d:5f:48:56:f9:e0:e7:45:14:4b:ed:10:
                    b6:fe:47:f0:50:3a:b9:2a:de:97:91:43:57:79:d2:
                    3c:ef:9d:13:e1:b2:ae:1b:73:31:0d:76:53:36:10:
                    12:62:21:5e:2b:7d:da:da:09:70:44:d3:11:9d:cd:
                    35:21:75:6a:40:a3:23:05:d3:af:6d:30:ec:12:7d:
                    2a:4e:c1:e0:8a:1a:4c:75:ba:4c:b4:03:3d:d3:e6:
                    ce:e7:f3:28:f0:96:cb:53:b3:82:94:a9:96:7e:db:
                    71:3f:94:98:c1:cd:39:c5:7a:b4:67:3d:1f:fd:7c:
                    f1:71:46:9d:db:6a:8c:60:7d:32:b5:7c:d2:ce:90:
                    06:d3:f4:8a:31:50:f4:67:1e:2b:45:f8:aa:8e:6a:
                    e2:11:37:85:93:9f:7b:07:85:f3:0e:ed:ff:0e:06:
                    89:ac:5d:1e:e7:d7:64:d5:05:26:97:97:af:07:c5:
                    f5:cd:9e:61:67:54:7e:1a:2a:b2:81:6f:ae:f3:c8:
                    85:42:43:6a:9c:9c:7e:a6:eb:9b:11:2c:95:40:b0:
                    7c:57:ad:86:bd:d3:28:21:e3:71:16:da:1e:4b:2c:
                    4b:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:9D:6D:30:69:1A:C8:85:31:E4:2E:50:54:75:14:42:AE:B0:98:D8
            X509v3 Authority Key Identifier:
                keyid:20:C9:F2:49:51:9B:1F:F4:79:35:0F:31:72:54:F4:05:E8:BF:CA:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMnySVGbH_R5NQ8xclT0Bei_yr0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/38c26f-25a2-4b20-9ecd-0e6bced00463/1/IMnySVGbH_R5NQ8xclT0Bei_yr0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/38c26f-25a2-4b20-9ecd-0e6bced00463/1/IMnySVGbH_R5NQ8xclT0Bei_yr0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:12:01:20:dd:44:ce:7f:63:b9:3d:81:17:31:ae:26:a7:3c:
         21:e8:1e:3f:d3:29:a6:f8:1b:c7:46:8e:a3:55:b7:1b:ad:09:
         d4:61:94:38:0f:87:ad:07:75:2f:2f:99:cf:23:22:51:9b:88:
         bf:1d:f0:a0:86:29:15:e9:fe:d7:c7:c5:b3:49:97:8b:fd:ea:
         1b:7f:78:50:23:ec:4f:50:aa:22:e2:8a:84:b0:d2:7b:02:3a:
         ee:0b:de:39:cb:e0:12:90:57:60:83:c0:b5:99:e3:11:e4:4d:
         70:83:6f:34:ae:a9:3e:0b:87:32:a6:59:9d:a1:8e:3f:34:dc:
         7f:2c:e6:c1:bc:87:b6:9d:4c:3e:3b:54:2d:c2:df:ec:fd:5c:
         19:02:e0:c8:26:3e:71:1d:61:e4:80:86:e9:55:99:6a:70:40:
         f4:16:b0:3e:93:32:b8:08:ca:d3:44:1e:3d:37:34:cb:f2:35:
         ee:b4:5f:fe:77:e5:4c:94:a9:02:9a:62:a2:ed:6b:64:b3:b9:
         f8:96:7a:e4:5f:e8:8d:bf:2f:a4:ab:2d:87:96:06:d7:9d:f2:
         63:bf:95:fb:08:73:3c:4b:b7:4f:61:33:63:7c:1e:fc:0e:1e:
         48:5b:45:f7:c6:08:66:a0:76:d8:9b:14:00:36:3a:d7:d2:99:
         60:58:35:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fELC7HTwoLxvIFH+ETjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYzlmMjQ5NTE5YjFmZjQ3OTM1MGYzMTcyNTRmNDA1ZThi
ZmNhYmQwHhcNMjUwNjI4MTcwMTAzWhcNMjUwNjI5MTcwMTAzWjAzMTEwLwYDVQQD
EyhkNzlkNmQzMDY5MWFjODg1MzFlNDJlNTA1NDc1MTQ0MmFlYjA5OGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoME4z701f9crv40PKfVS4RJBxv5y
We0xgtNDCi4NjkCNX0hW+eDnRRRL7RC2/kfwUDq5Kt6XkUNXedI8750T4bKuG3Mx
DXZTNhASYiFeK33a2glwRNMRnc01IXVqQKMjBdOvbTDsEn0qTsHgihpMdbpMtAM9
0+bO5/Mo8JbLU7OClKmWfttxP5SYwc05xXq0Zz0f/XzxcUad22qMYH0ytXzSzpAG
0/SKMVD0Zx4rRfiqjmriETeFk597B4XzDu3/DgaJrF0e59dk1QUml5evB8X1zZ5h
Z1R+GiqygW+u88iFQkNqnJx+puubESyVQLB8V62GvdMoIeNxFtoeSyxLSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNedbTBpGsiFMeQuUFR1FEKusJjYMB8GA1UdIwQY
MBaAFCDJ8klRmx/0eTUPMXJU9AXov8q9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1ueVNWR2JIX1I1TlE4eGNsVDBCZWlfeXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zOGMyNmYtMjVhMi00YjIwLTllY2Qt
MGU2YmNlZDAwNDYzLzEvSU1ueVNWR2JIX1I1TlE4eGNsVDBCZWlfeXIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zOGMyNmYtMjVhMi00YjIwLTllY2QtMGU2YmNlZDAwNDYz
LzEvSU1ueVNWR2JIX1I1TlE4eGNsVDBCZWlfeXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoxIBIN1E
zn9juT2BFzGuJqc8IegeP9Mppvgbx0aOo1W3G60J1GGUOA+HrQd1Ly+ZzyMiUZuI
vx3woIYpFen+18fFs0mXi/3qG394UCPsT1CqIuKKhLDSewI67gveOcvgEpBXYIPA
tZnjEeRNcINvNK6pPguHMqZZnaGOPzTcfyzmwbyHtp1MPjtULcLf7P1cGQLgyCY+
cR1h5ICG6VWZanBA9BawPpMyuAjK00QePTc0y/I17rRf/nflTJSpAppiou1rZLO5
+JZ65F/ojb8vpKsth5YG153yY7+V+whzPEu3T2EzY3we/A4eSFtF98YIZqB22JsU
ADY619KZYFg1/Q==
-----END CERTIFICATE-----