Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
File:                     IgTxXPMNc4SLB038rCYTgAYVatQ.mft (raw, json)
Hash identifier:          8YrKacz6QvIJPzp9Lk5T+FroJOCnUlQtb2VLeefSuEs=
Subject key identifier:   FD:B6:ED:8A:94:3E:64:11:E1:96:E9:F7:04:C1:37:8B:47:8C:34:7C
Authority key identifier: 22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4
Certificate issuer:       /CN=2204f15cf30d73848b074dfcac26138006156ad4
Certificate serial:       0197B6A1F6AD4208976868BF779DD88C67C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
Manifest number:          0CC2
Signing time:             Sat 28 Jun 2025 13:02:37 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:37 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:37 +0000
Files and hashes:         1: IgTxXPMNc4SLB038rCYTgAYVatQ.crl (hash: qGOFQqpuK8mJAQ4FYxbxMqiQFiuj7zy/OimM7Ckquj0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:f6:ad:42:08:97:68:68:bf:77:9d:d8:8c:67:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2204f15cf30d73848b074dfcac26138006156ad4
        Validity
            Not Before: Jun 28 13:02:37 2025 GMT
            Not After : Jun 29 13:02:37 2025 GMT
        Subject: CN=fdb6ed8a943e6411e196e9f704c1378b478c347c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:68:38:42:3b:aa:9a:97:d7:c9:43:f9:d7:67:
                    05:8b:9e:d1:38:77:5b:35:e6:36:38:00:93:fb:4d:
                    76:ba:57:e4:55:88:56:e4:9f:19:1b:09:21:aa:a1:
                    51:16:24:5f:a6:04:63:37:1a:44:f2:b3:a9:e0:88:
                    42:30:69:dc:df:e2:09:80:77:b0:57:08:6c:37:4b:
                    e0:cd:87:f8:33:6d:04:07:eb:4d:be:3c:95:1c:2e:
                    ef:65:bf:56:28:5c:d2:b0:2c:d3:35:ba:f4:04:ff:
                    a1:47:21:61:fd:85:9d:dc:5b:3c:51:86:66:d4:f1:
                    50:64:fb:25:86:d9:3c:cc:a5:d2:93:79:96:35:a7:
                    c4:9d:b6:9c:83:8f:91:b0:16:9f:cb:e5:9c:6b:c1:
                    e9:c1:0d:32:15:fa:bb:61:1a:4d:6d:f7:fb:18:5b:
                    db:e7:d3:0c:aa:12:5f:f4:e3:35:8a:80:1c:fe:af:
                    43:97:19:10:1f:0a:77:01:76:77:65:b3:63:93:a4:
                    19:02:0d:af:4e:41:2b:a4:f4:69:a6:0d:ab:9b:11:
                    59:fe:59:d1:23:be:7a:1c:31:41:84:00:cc:7b:21:
                    bf:0d:24:fb:16:52:42:00:5c:fb:12:c9:4f:60:20:
                    74:90:87:f9:73:e3:ae:bf:77:bb:ba:80:89:e1:19:
                    d6:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:B6:ED:8A:94:3E:64:11:E1:96:E9:F7:04:C1:37:8B:47:8C:34:7C
            X509v3 Authority Key Identifier:
                keyid:22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:a1:89:64:58:64:e4:c3:73:fb:54:39:1d:38:18:ac:f0:20:
         b7:a3:2f:3e:fc:8a:62:42:2b:9f:aa:04:8b:e7:8b:fd:e0:7e:
         f0:a7:3c:e9:53:31:6d:26:90:9b:25:4e:69:74:d7:9e:1c:3e:
         fa:b8:ee:23:10:6c:6c:a0:e6:37:36:ab:11:21:35:e7:b4:d7:
         1c:0f:7b:d9:72:2b:43:22:d6:30:98:5b:32:c9:b3:a8:53:ba:
         82:0d:63:9e:29:09:be:10:a0:35:bb:e4:e7:b3:e0:88:72:69:
         78:a8:f4:78:63:fa:31:9a:52:38:d0:24:44:f4:47:3b:e2:84:
         c8:2b:97:16:9b:2c:61:72:03:7c:a3:60:84:90:af:90:92:63:
         77:40:82:53:92:e0:a6:d4:80:9f:83:d9:86:47:12:28:92:78:
         01:18:4d:17:6b:4c:44:d2:e7:03:c6:3d:11:30:cf:ad:c0:78:
         04:d6:61:85:39:5e:35:c0:35:3d:df:1d:19:7d:bb:09:da:f4:
         87:39:a8:cd:6c:f4:95:fd:f5:5c:31:7f:a5:82:f2:5d:bb:b3:
         f0:b3:b0:f2:3b:38:64:9c:ac:0f:8f:9c:72:c7:36:3f:ab:ca:
         89:d3:0f:49:69:60:89:a1:3d:9d:52:ad:e8:38:00:be:ae:bb:
         5a:81:6a:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ofatQgiXaGi/d53YjGfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDRmMTVjZjMwZDczODQ4YjA3NGRmY2FjMjYxMzgwMDYx
NTZhZDQwHhcNMjUwNjI4MTMwMjM3WhcNMjUwNjI5MTMwMjM3WjAzMTEwLwYDVQQD
EyhmZGI2ZWQ4YTk0M2U2NDExZTE5NmU5ZjcwNGMxMzc4YjQ3OGMzNDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmg4QjuqmpfXyUP512cFi57ROHdb
NeY2OACT+012ulfkVYhW5J8ZGwkhqqFRFiRfpgRjNxpE8rOp4IhCMGnc3+IJgHew
VwhsN0vgzYf4M20EB+tNvjyVHC7vZb9WKFzSsCzTNbr0BP+hRyFh/YWd3Fs8UYZm
1PFQZPslhtk8zKXSk3mWNafEnbacg4+RsBafy+Wca8HpwQ0yFfq7YRpNbff7GFvb
59MMqhJf9OM1ioAc/q9DlxkQHwp3AXZ3ZbNjk6QZAg2vTkErpPRppg2rmxFZ/lnR
I756HDFBhADMeyG/DST7FlJCAFz7EslPYCB0kIf5c+Ouv3e7uoCJ4RnWnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP227YqUPmQR4Zbp9wTBN4tHjDR8MB8GA1UdIwQY
MBaAFCIE8VzzDXOEiwdN/KwmE4AGFWrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMt
YzFiMTAyMzlkZDU4LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMtYzFiMTAyMzlkZDU4
LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAqGJZFhk
5MNz+1Q5HTgYrPAgt6MvPvyKYkIrn6oEi+eL/eB+8Kc86VMxbSaQmyVOaXTXnhw+
+rjuIxBsbKDmNzarESE157TXHA972XIrQyLWMJhbMsmzqFO6gg1jnikJvhCgNbvk
57PgiHJpeKj0eGP6MZpSONAkRPRHO+KEyCuXFpssYXIDfKNghJCvkJJjd0CCU5Lg
ptSAn4PZhkcSKJJ4ARhNF2tMRNLnA8Y9ETDPrcB4BNZhhTleNcA1Pd8dGX27Cdr0
hzmozWz0lf31XDF/pYLyXbuz8LOw8js4ZJysD4+ccsc2P6vKidMPSWlgiaE9nVKt
6DgAvq67WoFqfQ==
-----END CERTIFICATE-----