Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
File:                     iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft (raw, json)
Hash identifier:          iTM3ZPQIIJ5wUy42LcJA1loP+yJ8WeBF6DH34OZAr6g=
Subject key identifier:   00:E6:23:A7:80:EB:35:AE:99:55:B7:19:28:78:1C:FB:CE:E0:9B:07
Authority key identifier: 89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6
Certificate issuer:       /CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
Certificate serial:       0196B4EB6D27C51F68D2D83D8DDA0ADAB7DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
Manifest number:          0507
Signing time:             Fri 09 May 2025 12:00:49 +0000
Manifest this update:     Fri 09 May 2025 12:00:49 +0000
Manifest next update:     Sat 10 May 2025 12:00:49 +0000
Files and hashes:         1: iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl (hash: L5/FOi3XmqmN1LVflxLgaxCCKyRfAVDZiIN94Trakfo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b4:eb:6d:27:c5:1f:68:d2:d8:3d:8d:da:0a:da:b7:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
        Validity
            Not Before: May  9 12:00:49 2025 GMT
            Not After : May 10 12:00:49 2025 GMT
        Subject: CN=00e623a780eb35ae9955b71928781cfbcee09b07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:69:41:c9:4c:09:9e:21:31:6a:9d:0d:34:aa:
                    6d:70:9c:65:fb:51:e6:6d:b1:52:90:97:78:a7:e8:
                    88:2a:26:e4:90:79:a9:bc:86:4d:45:d2:46:d6:0c:
                    8e:81:ff:c2:79:35:c1:a2:2a:a2:60:bf:01:db:34:
                    5b:73:51:61:d4:9f:82:55:07:03:47:0c:fd:8a:4c:
                    31:1b:15:f1:cb:4f:49:28:4f:86:0d:5b:21:c6:ff:
                    41:70:b7:e1:e6:d6:60:a2:aa:0e:eb:b8:38:40:f3:
                    57:81:98:a1:0a:16:a4:8c:cd:2f:fe:ea:25:6f:5f:
                    ab:11:f9:7e:d4:bc:c9:78:59:b7:86:97:7d:c0:fc:
                    d1:2e:f5:96:be:c9:cd:0d:67:0d:44:2d:ae:51:41:
                    0f:2a:02:25:45:db:19:3c:f9:85:eb:b4:02:63:51:
                    0d:51:0a:10:36:76:04:00:a4:e8:51:66:f0:4e:5d:
                    b1:9b:91:34:88:04:c9:ae:bb:d7:06:5f:42:f7:84:
                    e6:dd:f7:18:b3:54:20:e6:16:c6:02:c2:e1:30:56:
                    df:60:d0:3a:b7:04:7b:2b:63:af:d0:f2:05:99:34:
                    42:21:29:40:bd:dc:df:fe:7a:b9:5a:58:6e:86:71:
                    0a:34:cc:d9:37:7f:cd:89:d6:d5:4e:5b:93:0f:08:
                    b1:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:E6:23:A7:80:EB:35:AE:99:55:B7:19:28:78:1C:FB:CE:E0:9B:07
            X509v3 Authority Key Identifier:
                keyid:89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:0b:2c:c6:84:55:54:72:93:41:97:2b:23:2c:d3:5c:ab:a4:
         1c:73:eb:76:d1:53:a6:a7:88:61:51:2a:35:d3:bf:6c:52:ae:
         45:37:36:d5:fa:db:e4:06:c0:e2:1b:e4:69:09:1f:f1:19:d8:
         a3:03:eb:0e:f4:f7:d2:a4:62:8c:16:a8:06:02:87:79:58:63:
         9b:68:81:a6:e9:a0:7c:9c:65:b2:11:d1:00:05:a1:9a:7a:76:
         0a:a7:e7:ed:4f:f6:9d:5b:a6:50:60:2b:85:46:64:5a:e1:60:
         0c:93:19:68:f9:00:b3:52:19:b7:f1:08:82:bc:4e:1a:58:36:
         5e:75:e2:9f:2a:d2:cb:71:59:aa:f5:55:8f:09:9c:5e:c3:c9:
         a1:c6:6f:80:d5:38:ad:59:62:c7:18:e6:f6:57:96:b6:d6:a0:
         d8:d0:ac:2f:3c:47:5a:d0:70:84:83:e7:f6:14:64:07:b2:fb:
         81:9a:55:1a:9d:9f:bc:d2:dd:1b:92:ed:bf:d5:5e:97:29:b1:
         ba:32:75:39:2c:5d:70:f4:ca:33:2a:dc:13:a1:dc:ee:91:10:
         7c:ef:fb:96:88:1e:9a:f5:29:1a:1f:97:a3:59:5b:1a:78:42:
         77:7b:88:17:f4:d5:9d:52:9c:58:c0:b7:b4:57:ab:52:8b:69:
         37:7a:c9:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa0620nxR9o0tg9jdoK2rfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MGYzZmFiMjM0OWMwMWIxYWM4ZmQwYjkyMWM2MDMxOGNl
MTg0ZDYwHhcNMjUwNTA5MTIwMDQ5WhcNMjUwNTEwMTIwMDQ5WjAzMTEwLwYDVQQD
EygwMGU2MjNhNzgwZWIzNWFlOTk1NWI3MTkyODc4MWNmYmNlZTA5YjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWlByUwJniExap0NNKptcJxl+1Hm
bbFSkJd4p+iIKibkkHmpvIZNRdJG1gyOgf/CeTXBoiqiYL8B2zRbc1Fh1J+CVQcD
Rwz9ikwxGxXxy09JKE+GDVshxv9BcLfh5tZgoqoO67g4QPNXgZihChakjM0v/uol
b1+rEfl+1LzJeFm3hpd9wPzRLvWWvsnNDWcNRC2uUUEPKgIlRdsZPPmF67QCY1EN
UQoQNnYEAKToUWbwTl2xm5E0iATJrrvXBl9C94Tm3fcYs1Qg5hbGAsLhMFbfYNA6
twR7K2Ov0PIFmTRCISlAvdzf/nq5WlhuhnEKNMzZN3/NidbVTluTDwixhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFADmI6eA6zWumVW3GSh4HPvO4JsHMB8GA1UdIwQY
MBaAFIkPP6sjScAbGsj9C5IcYDGM4YTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDIt
OTM1OWQ4ZGUyOTc1LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDItOTM1OWQ4ZGUyOTc1
LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAQssxoRV
VHKTQZcrIyzTXKukHHPrdtFTpqeIYVEqNdO/bFKuRTc21frb5AbA4hvkaQkf8RnY
owPrDvT30qRijBaoBgKHeVhjm2iBpumgfJxlshHRAAWhmnp2Cqfn7U/2nVumUGAr
hUZkWuFgDJMZaPkAs1IZt/EIgrxOGlg2XnXinyrSy3FZqvVVjwmcXsPJocZvgNU4
rVlixxjm9leWttag2NCsLzxHWtBwhIPn9hRkB7L7gZpVGp2fvNLdG5Ltv9Velymx
ujJ1OSxdcPTKMyrcE6Hc7pEQfO/7logemvUpGh+Xo1lbGnhCd3uIF/TVnVKcWMC3
tFerUotpN3rJYw==
-----END CERTIFICATE-----