Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/5d9760-e36e-47c2-96e3-6dc510e98b73/1/I6lUuSO6IAjpheuiQdG3AHF_iEM.mft
File:                     I6lUuSO6IAjpheuiQdG3AHF_iEM.mft (raw, json)
Hash identifier:          GMNepDk61VUf40bpx6SkWZUVBxovdgEd4+9cPeTsCGk=
Subject key identifier:   0D:F9:61:88:5F:26:41:3D:A7:69:9D:CA:F7:37:5A:23:7C:01:F7:2D
Authority key identifier: 23:A9:54:B9:23:BA:20:08:E9:85:EB:A2:41:D1:B7:00:71:7F:88:43
Certificate issuer:       /CN=23a954b923ba2008e985eba241d1b700717f8843
Certificate serial:       0196AA315CBB1FDC8C0DF18419EC074E4FC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I6lUuSO6IAjpheuiQdG3AHF_iEM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/5d9760-e36e-47c2-96e3-6dc510e98b73/1/I6lUuSO6IAjpheuiQdG3AHF_iEM.mft
Manifest number:          1372
Signing time:             Wed 07 May 2025 10:01:23 +0000
Manifest this update:     Wed 07 May 2025 10:01:23 +0000
Manifest next update:     Thu 08 May 2025 10:01:23 +0000
Files and hashes:         1: I6lUuSO6IAjpheuiQdG3AHF_iEM.crl (hash: qAVME9M6Z1whtPkvkTlQkJcLNQPynguZkdwx05Ix+4E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/5d9760-e36e-47c2-96e3-6dc510e98b73/1/I6lUuSO6IAjpheuiQdG3AHF_iEM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/5d9760-e36e-47c2-96e3-6dc510e98b73/1/I6lUuSO6IAjpheuiQdG3AHF_iEM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I6lUuSO6IAjpheuiQdG3AHF_iEM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 10:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:aa:31:5c:bb:1f:dc:8c:0d:f1:84:19:ec:07:4e:4f:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23a954b923ba2008e985eba241d1b700717f8843
        Validity
            Not Before: May  7 10:01:23 2025 GMT
            Not After : May  8 10:01:23 2025 GMT
        Subject: CN=0df961885f26413da7699dcaf7375a237c01f72d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:fb:71:bb:40:2e:1d:b3:b7:8c:e3:29:80:5d:
                    dd:e5:90:13:c7:26:d7:8b:22:17:53:4e:33:81:c6:
                    51:71:45:00:06:0e:7d:9f:a5:26:e8:e9:26:ec:07:
                    0a:d2:c3:a5:38:ac:49:01:d2:1a:72:cb:72:7c:7b:
                    c1:31:e5:cb:b6:6f:e5:e6:41:71:cd:51:52:27:6f:
                    ba:eb:5f:97:28:ef:29:94:f0:56:f3:9d:fe:24:6f:
                    c8:47:3b:6f:93:22:bc:36:0c:7a:a8:2c:58:d1:a7:
                    d1:b2:91:88:54:31:a1:88:d0:28:c1:67:1b:dc:30:
                    30:5b:a6:26:82:a9:aa:62:ee:80:0a:22:19:c2:b0:
                    7c:9c:b2:18:14:8a:2a:70:96:d8:34:33:71:43:56:
                    1f:15:7a:be:9e:18:59:cf:3d:8b:d9:8a:2c:80:2c:
                    0c:9c:bf:a8:68:00:ef:8b:57:ac:78:7d:30:59:e1:
                    cd:73:ef:e8:1d:34:25:ba:f9:c1:a5:df:08:c6:76:
                    32:d0:86:5b:cc:d0:08:08:b8:cd:42:37:6b:45:2d:
                    04:a1:8b:09:5c:03:ac:2d:bb:cf:03:2b:b9:ef:13:
                    5a:76:6d:34:b4:28:46:99:c7:e3:42:4f:0e:c7:22:
                    94:81:5c:b1:67:5a:40:1d:73:98:b0:92:8d:cc:0b:
                    b8:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:F9:61:88:5F:26:41:3D:A7:69:9D:CA:F7:37:5A:23:7C:01:F7:2D
            X509v3 Authority Key Identifier:
                keyid:23:A9:54:B9:23:BA:20:08:E9:85:EB:A2:41:D1:B7:00:71:7F:88:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6lUuSO6IAjpheuiQdG3AHF_iEM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5d9760-e36e-47c2-96e3-6dc510e98b73/1/I6lUuSO6IAjpheuiQdG3AHF_iEM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5d9760-e36e-47c2-96e3-6dc510e98b73/1/I6lUuSO6IAjpheuiQdG3AHF_iEM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:60:6b:04:68:14:9c:99:fa:d1:e0:0f:62:d5:1b:ce:df:a0:
         4b:56:8c:47:54:b2:08:bf:ea:85:04:7d:14:9f:e0:1e:25:41:
         76:e8:39:01:32:7d:67:96:75:31:d0:be:27:29:25:f4:32:50:
         60:da:ad:d6:07:86:7e:71:ef:23:92:3e:c7:76:60:f9:44:7e:
         1c:b9:fa:b9:ce:f2:c0:5c:f2:d5:92:06:a1:ee:e3:d0:7b:ae:
         11:f5:9f:8c:35:9f:37:d0:cb:5c:36:51:8b:ff:6f:da:2b:af:
         60:86:23:04:87:47:fd:1c:c1:e3:66:76:b9:fa:00:dc:22:8b:
         1e:1c:7e:a4:c0:8e:2b:c9:b9:61:01:81:2a:5a:1d:3c:14:81:
         a8:01:29:02:b8:d5:a6:07:e5:61:3d:2a:e5:96:b2:2e:32:f5:
         39:c1:f5:cd:54:b5:82:25:dc:22:ad:da:b7:80:68:83:6b:93:
         47:c7:53:a9:ad:fb:e9:58:cd:91:8f:03:9f:64:dc:c8:c2:b4:
         0b:e7:dc:96:dd:e8:05:b5:cf:0d:61:91:73:30:ce:76:c7:87:
         a5:16:1b:ec:03:f4:2a:9b:c5:05:a5:cd:0a:cb:8e:ce:52:85:
         85:6d:52:d2:72:b1:4f:18:d2:8e:24:f6:27:d4:36:df:02:e3:
         09:85:fd:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaqMVy7H9yMDfGEGewHTk/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTk1NGI5MjNiYTIwMDhlOTg1ZWJhMjQxZDFiNzAwNzE3
Zjg4NDMwHhcNMjUwNTA3MTAwMTIzWhcNMjUwNTA4MTAwMTIzWjAzMTEwLwYDVQQD
EygwZGY5NjE4ODVmMjY0MTNkYTc2OTlkY2FmNzM3NWEyMzdjMDFmNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPtxu0AuHbO3jOMpgF3d5ZATxybX
iyIXU04zgcZRcUUABg59n6Um6Okm7AcK0sOlOKxJAdIacstyfHvBMeXLtm/l5kFx
zVFSJ2+661+XKO8plPBW853+JG/IRztvkyK8Ngx6qCxY0afRspGIVDGhiNAowWcb
3DAwW6YmgqmqYu6ACiIZwrB8nLIYFIoqcJbYNDNxQ1YfFXq+nhhZzz2L2YosgCwM
nL+oaADvi1eseH0wWeHNc+/oHTQluvnBpd8IxnYy0IZbzNAICLjNQjdrRS0EoYsJ
XAOsLbvPAyu57xNadm00tChGmcfjQk8OxyKUgVyxZ1pAHXOYsJKNzAu4/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA35YYhfJkE9p2mdyvc3WiN8AfctMB8GA1UdIwQY
MBaAFCOpVLkjuiAI6YXrokHRtwBxf4hDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZsVXVTTzZJQWpwaGV1aVFkRzNBSEZfaUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi81ZDk3NjAtZTM2ZS00N2MyLTk2ZTMt
NmRjNTEwZTk4YjczLzEvSTZsVXVTTzZJQWpwaGV1aVFkRzNBSEZfaUVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi81ZDk3NjAtZTM2ZS00N2MyLTk2ZTMtNmRjNTEwZTk4Yjcz
LzEvSTZsVXVTTzZJQWpwaGV1aVFkRzNBSEZfaUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ2BrBGgU
nJn60eAPYtUbzt+gS1aMR1SyCL/qhQR9FJ/gHiVBdug5ATJ9Z5Z1MdC+Jykl9DJQ
YNqt1geGfnHvI5I+x3Zg+UR+HLn6uc7ywFzy1ZIGoe7j0HuuEfWfjDWfN9DLXDZR
i/9v2iuvYIYjBIdH/RzB42Z2ufoA3CKLHhx+pMCOK8m5YQGBKlodPBSBqAEpArjV
pgflYT0q5ZayLjL1OcH1zVS1giXcIq3at4Bog2uTR8dTqa376VjNkY8Dn2TcyMK0
C+fclt3oBbXPDWGRczDOdseHpRYb7AP0KpvFBaXNCsuOzlKFhW1S0nKxTxjSjiT2
J9Q23wLjCYX9kA==
-----END CERTIFICATE-----