Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
File:                     IgTxXPMNc4SLB038rCYTgAYVatQ.mft (raw, json)
Hash identifier:          byRii6dh4Rw1yUeTiRaqjrBG4eVOWnCBowhWiaL3IIc=
Subject key identifier:   FD:3F:07:33:A9:49:76:F0:30:7B:76:85:08:BC:EA:0E:1B:8B:F5:35
Authority key identifier: 22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4
Certificate issuer:       /CN=2204f15cf30d73848b074dfcac26138006156ad4
Certificate serial:       0196B9A3AFC4B7730C9DBA8E48FEB6053FB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
Manifest number:          0C3F
Signing time:             Sat 10 May 2025 10:00:34 +0000
Manifest this update:     Sat 10 May 2025 10:00:34 +0000
Manifest next update:     Sun 11 May 2025 10:00:34 +0000
Files and hashes:         1: IgTxXPMNc4SLB038rCYTgAYVatQ.crl (hash: YH9eZI6MJqy1uCN+VZFJaK/97VM0tLqUeGXPB9vBkbw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 10:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:a3:af:c4:b7:73:0c:9d:ba:8e:48:fe:b6:05:3f:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2204f15cf30d73848b074dfcac26138006156ad4
        Validity
            Not Before: May 10 10:00:34 2025 GMT
            Not After : May 11 10:00:34 2025 GMT
        Subject: CN=fd3f0733a94976f0307b768508bcea0e1b8bf535
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:39:3c:56:83:24:b4:b9:ad:31:0c:0a:67:7c:
                    eb:26:65:27:ea:6f:f6:19:ef:48:d9:5c:7f:40:59:
                    fd:53:be:74:9c:d4:b1:84:28:6c:7d:01:e6:15:ba:
                    10:9a:7a:05:72:78:92:14:5f:bd:d6:b8:27:4a:81:
                    3d:a9:55:68:65:3e:99:8f:c7:9e:f7:79:cc:3f:e4:
                    9e:3b:39:ae:be:6a:03:83:68:02:d1:5b:b5:34:35:
                    5f:3f:6f:15:dc:82:00:8a:8e:b8:64:a1:6f:81:e8:
                    a9:76:a3:06:23:14:b1:07:24:dd:b8:4a:d5:4f:6f:
                    8d:db:21:fd:35:3a:c0:d1:dc:f2:34:42:c4:f3:7e:
                    a9:6b:a0:d6:12:f0:af:e5:19:6f:13:f8:8c:33:f5:
                    4e:d2:af:7d:9f:1e:99:14:e8:c9:05:39:36:4a:6a:
                    97:69:06:7e:10:24:fb:32:db:c6:87:4b:82:26:61:
                    9d:da:11:40:7c:41:ab:a6:5f:59:4e:6c:e3:c5:31:
                    bd:a7:0b:df:bd:1c:3f:3f:41:65:5b:6d:42:9b:33:
                    ed:b6:b2:1c:ce:ce:21:ef:05:cb:9e:91:40:33:e5:
                    c4:a3:58:a0:56:26:77:d0:61:8f:96:f0:f8:f5:83:
                    8a:5d:39:f5:0d:6f:c5:0b:51:a4:66:33:f7:cf:63:
                    7a:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:3F:07:33:A9:49:76:F0:30:7B:76:85:08:BC:EA:0E:1B:8B:F5:35
            X509v3 Authority Key Identifier:
                keyid:22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:a7:cb:82:ad:ab:c4:b6:f2:04:f4:52:07:a7:70:4b:17:1a:
         5e:da:58:61:64:f2:fe:78:f5:4d:2c:82:b5:f1:c7:11:e6:b9:
         b1:a8:5c:55:13:aa:a9:d4:f6:0c:30:82:55:ea:da:46:d7:18:
         28:ce:be:e8:54:b9:a4:ee:9b:d4:aa:72:73:51:24:03:21:5e:
         0a:72:5d:de:55:76:73:d8:9f:5d:93:5b:7e:2b:87:87:55:d2:
         0b:4c:fc:29:ee:ce:20:fb:eb:73:74:bd:90:79:b1:e8:3e:11:
         84:f6:e0:bf:10:b0:99:bf:9e:90:fa:17:e0:ca:39:e3:3b:93:
         97:f8:92:0e:ae:e6:86:95:e5:9e:7f:0b:0e:67:b8:62:4e:f1:
         d1:6b:81:3c:ef:9b:43:00:9c:80:1c:aa:96:35:5b:93:8a:78:
         57:df:35:fb:18:0e:68:88:a8:01:52:d0:3a:99:3c:04:e9:31:
         a3:b2:c6:4a:57:2b:e5:ba:55:01:67:32:48:d5:af:91:0f:b6:
         aa:86:36:a6:9c:56:16:85:3e:aa:c4:c2:b6:4d:6b:a7:78:22:
         59:64:9f:bc:b7:46:b5:19:f1:f0:f2:1c:22:30:fc:13:ca:f1:
         2c:36:48:81:cd:da:e5:94:8a:c0:fb:14:00:a2:19:36:ef:9d:
         df:9c:d7:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5o6/Et3MMnbqOSP62BT+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDRmMTVjZjMwZDczODQ4YjA3NGRmY2FjMjYxMzgwMDYx
NTZhZDQwHhcNMjUwNTEwMTAwMDM0WhcNMjUwNTExMTAwMDM0WjAzMTEwLwYDVQQD
EyhmZDNmMDczM2E5NDk3NmYwMzA3Yjc2ODUwOGJjZWEwZTFiOGJmNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Dk8VoMktLmtMQwKZ3zrJmUn6m/2
Ge9I2Vx/QFn9U750nNSxhChsfQHmFboQmnoFcniSFF+91rgnSoE9qVVoZT6Zj8ee
93nMP+SeOzmuvmoDg2gC0Vu1NDVfP28V3IIAio64ZKFvgeipdqMGIxSxByTduErV
T2+N2yH9NTrA0dzyNELE836pa6DWEvCv5RlvE/iMM/VO0q99nx6ZFOjJBTk2SmqX
aQZ+ECT7MtvGh0uCJmGd2hFAfEGrpl9ZTmzjxTG9pwvfvRw/P0FlW21CmzPttrIc
zs4h7wXLnpFAM+XEo1igViZ30GGPlvD49YOKXTn1DW/FC1GkZjP3z2N6ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP0/BzOpSXbwMHt2hQi86g4bi/U1MB8GA1UdIwQY
MBaAFCIE8VzzDXOEiwdN/KwmE4AGFWrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMt
YzFiMTAyMzlkZDU4LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMtYzFiMTAyMzlkZDU4
LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoqfLgq2r
xLbyBPRSB6dwSxcaXtpYYWTy/nj1TSyCtfHHEea5sahcVROqqdT2DDCCVeraRtcY
KM6+6FS5pO6b1Kpyc1EkAyFeCnJd3lV2c9ifXZNbfiuHh1XSC0z8Ke7OIPvrc3S9
kHmx6D4RhPbgvxCwmb+ekPoX4Mo54zuTl/iSDq7mhpXlnn8LDme4Yk7x0WuBPO+b
QwCcgByqljVbk4p4V981+xgOaIioAVLQOpk8BOkxo7LGSlcr5bpVAWcySNWvkQ+2
qoY2ppxWFoU+qsTCtk1rp3giWWSfvLdGtRnx8PIcIjD8E8rxLDZIgc3a5ZSKwPsU
AKIZNu+d35zX4w==
-----END CERTIFICATE-----