Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
File:                     IgTxXPMNc4SLB038rCYTgAYVatQ.mft (raw, json)
Hash identifier:          CnLPvIcG6Jja9dO0EJBDQIM7Ef0jTqpciEaNTCFP8xk=
Subject key identifier:   07:A0:98:83:EB:28:01:F5:E7:6C:D3:9D:D5:28:DE:B9:54:EC:99:9C
Authority key identifier: 22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4
Certificate issuer:       /CN=2204f15cf30d73848b074dfcac26138006156ad4
Certificate serial:       0198D47275AF67D2C3AFF04F16D0C2BE33E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
Manifest number:          0D56
Signing time:             Sat 23 Aug 2025 01:02:07 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:07 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:07 +0000
Files and hashes:         1: IgTxXPMNc4SLB038rCYTgAYVatQ.crl (hash: ABEBXIVQNQxGmlylm5vQxycqT7RVqNX1S1yDALpZutU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:75:af:67:d2:c3:af:f0:4f:16:d0:c2:be:33:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2204f15cf30d73848b074dfcac26138006156ad4
        Validity
            Not Before: Aug 23 01:02:07 2025 GMT
            Not After : Aug 24 01:02:07 2025 GMT
        Subject: CN=07a09883eb2801f5e76cd39dd528deb954ec999c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:76:b7:3e:43:16:1e:3c:d8:66:98:81:15:f1:
                    39:b8:f3:68:8c:83:f4:5b:ca:ed:c8:9e:65:ed:4c:
                    a0:b8:e3:f9:6f:ee:fa:eb:c0:71:26:88:67:52:43:
                    ac:03:54:da:94:1e:77:4f:89:55:ff:df:b4:ee:fc:
                    38:9a:57:58:a8:0e:b3:06:05:30:94:4f:27:76:e5:
                    cb:e3:d5:0e:d3:10:59:53:46:08:dd:6e:e2:c0:32:
                    7b:2e:50:f2:db:b5:5e:24:e6:8d:01:9c:bc:3c:dd:
                    dd:d3:46:f2:2d:6d:86:e2:30:00:8a:24:39:ac:71:
                    47:43:36:70:74:ff:a0:c0:39:97:8e:96:60:e2:7f:
                    0c:fd:ff:11:ce:5e:98:ce:8b:71:3a:4e:78:0b:f5:
                    81:0e:d1:a3:33:24:92:85:e5:3f:50:5d:28:67:f6:
                    1b:92:34:a9:9a:4e:69:ca:93:b5:a9:44:eb:65:84:
                    00:ae:d7:1d:49:53:05:6a:ce:78:96:6a:a1:91:d2:
                    fa:53:80:02:19:c5:e4:3e:0c:f0:13:b7:20:cd:bb:
                    81:44:2e:54:84:2f:9f:c2:92:b3:db:c4:10:8a:b6:
                    a9:c8:7e:80:17:c1:c5:66:d0:b4:f4:55:10:60:4e:
                    e4:1f:b0:86:5a:6b:a4:93:3c:0a:b1:bf:34:57:b5:
                    ef:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:A0:98:83:EB:28:01:F5:E7:6C:D3:9D:D5:28:DE:B9:54:EC:99:9C
            X509v3 Authority Key Identifier:
                keyid:22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:24:34:66:36:9c:83:84:2f:ad:47:2a:5b:9c:71:9a:fd:5d:
         b0:bf:04:70:7a:73:02:d2:7a:0d:79:94:17:19:e0:5c:47:55:
         50:37:ca:0a:e0:b4:94:e2:2a:27:3e:ab:4c:c7:41:3c:34:4d:
         ab:5a:3c:2b:94:9f:1d:69:b6:91:09:d1:9a:64:de:9e:a2:cd:
         0a:ad:02:85:e6:e5:6e:eb:6a:81:6d:68:7f:ad:76:e2:02:f1:
         fb:a5:e5:f9:3d:4a:6b:e2:6c:0d:0f:41:ec:80:f7:b8:a5:cd:
         82:b7:27:9b:c1:48:41:82:f2:f4:a0:5e:01:39:49:b7:85:8b:
         99:18:97:55:43:f8:46:3b:86:5f:de:ef:8b:35:d9:8a:3a:6a:
         8a:8e:a3:67:7a:bc:af:ca:52:e1:63:64:d4:cd:39:96:ab:55:
         34:32:f7:f6:08:e7:d5:9d:b4:c5:58:5c:71:60:f5:06:f1:e4:
         cb:5b:59:f2:88:08:90:15:6a:7a:69:5f:22:f1:41:52:94:95:
         f0:94:3d:dd:ea:dc:6e:4c:49:02:62:12:96:36:2b:9c:fb:fb:
         0a:02:37:af:74:b0:c4:bb:21:12:ca:9b:3c:50:30:a2:da:d7:
         64:66:f6:c4:6a:40:5e:8b:d2:5f:98:b2:9c:9d:90:bc:50:24:
         09:da:72:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcnWvZ9LDr/BPFtDCvjPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDRmMTVjZjMwZDczODQ4YjA3NGRmY2FjMjYxMzgwMDYx
NTZhZDQwHhcNMjUwODIzMDEwMjA3WhcNMjUwODI0MDEwMjA3WjAzMTEwLwYDVQQD
EygwN2EwOTg4M2ViMjgwMWY1ZTc2Y2QzOWRkNTI4ZGViOTU0ZWM5OTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3a3PkMWHjzYZpiBFfE5uPNojIP0
W8rtyJ5l7UyguOP5b+7668BxJohnUkOsA1TalB53T4lV/9+07vw4mldYqA6zBgUw
lE8nduXL49UO0xBZU0YI3W7iwDJ7LlDy27VeJOaNAZy8PN3d00byLW2G4jAAiiQ5
rHFHQzZwdP+gwDmXjpZg4n8M/f8Rzl6YzotxOk54C/WBDtGjMySSheU/UF0oZ/Yb
kjSpmk5pypO1qUTrZYQArtcdSVMFas54lmqhkdL6U4ACGcXkPgzwE7cgzbuBRC5U
hC+fwpKz28QQirapyH6AF8HFZtC09FUQYE7kH7CGWmukkzwKsb80V7Xv9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAegmIPrKAH152zTndUo3rlU7JmcMB8GA1UdIwQY
MBaAFCIE8VzzDXOEiwdN/KwmE4AGFWrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMt
YzFiMTAyMzlkZDU4LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMtYzFiMTAyMzlkZDU4
LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAISQ0Zjac
g4QvrUcqW5xxmv1dsL8EcHpzAtJ6DXmUFxngXEdVUDfKCuC0lOIqJz6rTMdBPDRN
q1o8K5SfHWm2kQnRmmTenqLNCq0CheblbutqgW1of6124gLx+6Xl+T1Ka+JsDQ9B
7ID3uKXNgrcnm8FIQYLy9KBeATlJt4WLmRiXVUP4RjuGX97vizXZijpqio6jZ3q8
r8pS4WNk1M05lqtVNDL39gjn1Z20xVhccWD1BvHky1tZ8ogIkBVqemlfIvFBUpSV
8JQ93ercbkxJAmISljYrnPv7CgI3r3SwxLshEsqbPFAwotrXZGb2xGpAXovSX5iy
nJ2QvFAkCdpywA==
-----END CERTIFICATE-----