Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
File:                     icKIUyrvyGlxuY1bTR2YGW2ey4U.mft (raw, json)
Hash identifier:          Xts+BIT2avZtLqrOmwqGL2UQfm6jayulaeirooI+hqc=
Subject key identifier:   EB:E6:B4:46:E9:29:4D:1E:BC:7B:22:73:2B:50:46:7D:BA:71:36:35
Authority key identifier: 89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85
Certificate issuer:       /CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
Certificate serial:       0197B6A1848C750DD893FBC9EC907CD620C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
Manifest number:          0725
Signing time:             Sat 28 Jun 2025 13:02:07 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:07 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:07 +0000
Files and hashes:         1: icKIUyrvyGlxuY1bTR2YGW2ey4U.crl (hash: NwNazw8WVwxNk3gdA+bjNfm+xmneSqW8BXyx46fn1gk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:84:8c:75:0d:d8:93:fb:c9:ec:90:7c:d6:20:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
        Validity
            Not Before: Jun 28 13:02:07 2025 GMT
            Not After : Jun 29 13:02:07 2025 GMT
        Subject: CN=ebe6b446e9294d1ebc7b22732b50467dba713635
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:38:6c:2a:60:d2:fd:a3:ad:cc:6b:61:6e:8e:
                    59:4e:b5:47:71:7c:0c:3f:52:05:f6:75:ff:65:a7:
                    3c:1c:32:85:0c:66:b0:f5:7e:38:a2:eb:e3:6c:01:
                    de:2e:00:99:c3:4a:2c:44:79:eb:f2:6b:e1:14:82:
                    26:c3:20:b4:01:e4:a7:35:b7:03:5f:3c:c5:6c:c2:
                    9c:e7:bb:68:35:42:65:37:03:29:d0:e1:cd:1c:cd:
                    f4:dd:cf:73:3b:9d:60:50:a5:f2:10:bc:0f:07:92:
                    93:e9:a4:42:c3:bf:90:ad:fa:94:1e:c6:c9:3d:8f:
                    8b:ad:7f:24:15:ae:22:5b:1c:2f:d3:bf:da:f0:95:
                    4d:d0:ae:17:ad:a0:f0:7b:ec:18:5c:16:90:dd:72:
                    fe:20:0b:b5:4a:f4:2e:73:71:4d:40:a7:f3:c1:27:
                    1e:a1:9f:e3:e6:27:1a:d6:0a:87:de:f5:ed:5b:71:
                    09:cd:13:48:f3:8c:b5:3b:d9:df:40:3e:43:b2:93:
                    ea:b5:35:90:4a:51:e5:f7:af:e1:4d:0b:aa:6d:99:
                    a7:b6:01:4e:48:0c:1d:22:cb:a9:b4:a8:b7:98:84:
                    7c:11:f6:f4:d8:db:62:a0:11:76:e7:4a:d1:09:0a:
                    7e:b6:83:fb:46:de:e9:d7:fc:19:05:b2:c8:4d:dc:
                    dc:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:E6:B4:46:E9:29:4D:1E:BC:7B:22:73:2B:50:46:7D:BA:71:36:35
            X509v3 Authority Key Identifier:
                keyid:89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:9c:51:47:1f:a9:51:46:f0:d8:d5:60:96:a1:e5:a6:7e:fd:
         21:cb:4a:04:1c:5e:d9:f9:39:db:b3:4e:d1:56:74:4c:8d:44:
         e6:f8:b2:af:94:34:0c:06:e4:e4:29:c3:c6:b1:62:78:86:7d:
         6d:33:f4:4b:40:df:d5:45:46:00:c0:73:1c:1d:22:4e:0b:76:
         7e:93:17:a4:f0:e7:b9:f6:ed:cf:03:9f:b2:aa:83:e3:2e:23:
         b3:92:50:5c:ca:93:82:45:f4:d6:90:9b:63:fa:70:ee:45:d6:
         36:45:f8:d4:ee:d4:d7:c2:5f:c8:63:94:02:02:bb:b4:10:7f:
         02:35:00:b4:d1:eb:d5:7b:6b:60:3a:23:5b:a5:b7:28:6b:e4:
         b4:be:8d:65:36:45:3a:1b:be:94:ff:1d:64:5f:2a:de:f5:1a:
         fc:74:8c:60:03:68:a6:3c:65:c3:c8:85:86:17:c9:47:99:64:
         b5:28:dc:62:b0:5b:6d:15:ce:72:77:6f:b6:4c:52:17:f8:7d:
         7a:a4:3a:e7:2e:30:81:94:3c:5a:11:87:be:a4:cc:24:5b:63:
         61:af:57:af:f1:01:ce:76:b2:68:21:0d:c5:5e:dc:b6:2f:d3:
         95:d9:c2:72:ea:51:dd:26:5a:00:7b:42:e9:6b:89:19:72:f6:
         00:a3:6c:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oYSMdQ3Yk/vJ7JB81iDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YzI4ODUzMmFlZmM4Njk3MWI5OGQ1YjRkMWQ5ODE5NmQ5
ZWNiODUwHhcNMjUwNjI4MTMwMjA3WhcNMjUwNjI5MTMwMjA3WjAzMTEwLwYDVQQD
EyhlYmU2YjQ0NmU5Mjk0ZDFlYmM3YjIyNzMyYjUwNDY3ZGJhNzEzNjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzhsKmDS/aOtzGthbo5ZTrVHcXwM
P1IF9nX/Zac8HDKFDGaw9X44ouvjbAHeLgCZw0osRHnr8mvhFIImwyC0AeSnNbcD
XzzFbMKc57toNUJlNwMp0OHNHM303c9zO51gUKXyELwPB5KT6aRCw7+QrfqUHsbJ
PY+LrX8kFa4iWxwv07/a8JVN0K4XraDwe+wYXBaQ3XL+IAu1SvQuc3FNQKfzwSce
oZ/j5ica1gqH3vXtW3EJzRNI84y1O9nfQD5DspPqtTWQSlHl96/hTQuqbZmntgFO
SAwdIsuptKi3mIR8Efb02NtioBF250rRCQp+toP7Rt7p1/wZBbLITdzcRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOvmtEbpKU0evHsicytQRn26cTY1MB8GA1UdIwQY
MBaAFInCiFMq78hpcbmNW00dmBltnsuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTkt
MGY4NjdkOWZmNThlLzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTktMGY4NjdkOWZmNThl
LzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHZxRRx+p
UUbw2NVglqHlpn79IctKBBxe2fk527NO0VZ0TI1E5viyr5Q0DAbk5CnDxrFieIZ9
bTP0S0Df1UVGAMBzHB0iTgt2fpMXpPDnufbtzwOfsqqD4y4js5JQXMqTgkX01pCb
Y/pw7kXWNkX41O7U18JfyGOUAgK7tBB/AjUAtNHr1XtrYDojW6W3KGvktL6NZTZF
Ohu+lP8dZF8q3vUa/HSMYANopjxlw8iFhhfJR5lktSjcYrBbbRXOcndvtkxSF/h9
eqQ65y4wgZQ8WhGHvqTMJFtjYa9Xr/EBznayaCENxV7cti/TldnCcupR3SZaAHtC
6WuJGXL2AKNsyQ==
-----END CERTIFICATE-----