Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
File:                     Igmk3BOlMEp6okvhwXi6QuF5L4U.mft (raw, json)
Hash identifier:          i6Wh284YVqNEPyHNUyNccagTQyVqB90fpJhFNiwStPA=
Subject key identifier:   D5:20:54:1A:BF:CE:0F:BE:C0:61:BD:69:A2:ED:61:ED:6F:DE:C0:C1
Authority key identifier: 22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85
Certificate issuer:       /CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
Certificate serial:       0197B7B30507ED16572A30B5F233A5BD4440
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
Manifest number:          019A
Signing time:             Sat 28 Jun 2025 18:00:52 +0000
Manifest this update:     Sat 28 Jun 2025 18:00:52 +0000
Manifest next update:     Sun 29 Jun 2025 18:00:52 +0000
Files and hashes:         1: Igmk3BOlMEp6okvhwXi6QuF5L4U.crl (hash: zExmgerUlQun3Daz5XxD7lEbYeNWEskfGEgUhPGF0V0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:05:07:ed:16:57:2a:30:b5:f2:33:a5:bd:44:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
        Validity
            Not Before: Jun 28 18:00:52 2025 GMT
            Not After : Jun 29 18:00:52 2025 GMT
        Subject: CN=d520541abfce0fbec061bd69a2ed61ed6fdec0c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:78:c1:71:41:5b:9f:27:ab:c5:70:a3:cf:68:
                    a9:1f:ae:3f:ee:8a:cf:81:69:71:d4:30:46:e3:b3:
                    09:91:04:30:c9:76:23:dd:3d:9b:05:b7:4d:5b:69:
                    e2:d8:f8:40:6a:6b:a7:f5:cf:e8:49:7e:a0:e1:31:
                    9f:bc:bc:82:d4:1f:2c:ef:3a:4f:54:be:03:e8:e9:
                    b8:92:a6:f5:39:40:75:99:33:bb:76:3d:c0:a3:78:
                    a3:7d:34:86:88:61:cf:31:72:6e:28:26:34:02:17:
                    fa:47:5f:33:02:96:04:bc:f4:a5:16:42:95:e0:ac:
                    c4:23:1d:9b:f7:eb:d6:43:ef:17:d2:f3:ec:13:e8:
                    5a:a8:8b:61:10:b2:6f:3a:4e:fa:7f:8f:54:11:66:
                    7b:07:03:90:27:42:96:a4:77:77:01:d6:e8:ad:9d:
                    d9:49:95:1d:ee:db:07:91:a1:c0:1b:4f:a8:12:55:
                    3d:42:53:3f:cb:8e:c6:d2:61:ac:9c:eb:0c:09:db:
                    bb:c2:42:a4:66:9d:7f:1a:9c:8f:be:74:03:6b:fa:
                    0e:93:2a:62:95:79:a9:1d:ee:0a:e7:c9:da:a4:9f:
                    68:80:d3:3d:2f:94:a1:65:1f:81:a9:2f:82:c8:e1:
                    9f:ba:50:de:c5:9c:a0:40:a5:3e:ba:e8:6c:24:a5:
                    99:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:20:54:1A:BF:CE:0F:BE:C0:61:BD:69:A2:ED:61:ED:6F:DE:C0:C1
            X509v3 Authority Key Identifier:
                keyid:22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:ee:4c:16:1f:5b:5b:90:97:7b:0a:18:d6:7a:81:b2:76:48:
         32:1e:26:c6:15:fc:95:da:26:f0:20:e0:27:7a:8c:71:7b:77:
         a6:03:7b:6a:12:0a:46:01:8a:13:2e:67:29:70:75:53:40:da:
         87:69:b2:5f:6f:d7:a4:3c:95:fd:cc:5d:85:1b:a3:88:d5:63:
         07:a7:82:d9:21:4b:8f:24:2c:69:98:32:d9:85:8f:1b:8e:35:
         5e:8d:24:5e:2b:d0:38:aa:f3:f3:10:a0:c3:3a:66:b4:65:4d:
         9f:cd:80:6c:37:4a:e0:0c:a1:13:49:d2:fa:fc:b9:d6:b9:ed:
         57:4d:d5:9e:1c:f6:a8:9d:08:99:58:f4:39:e5:cc:a4:0d:27:
         26:6f:c5:1c:1f:e3:83:07:7d:fc:48:bc:36:39:96:47:9e:a6:
         0b:c6:bb:4d:02:9f:c0:c4:3b:18:fc:c3:4f:1b:6f:c0:9a:74:
         c2:8e:3f:8a:76:56:c3:4c:5e:97:73:63:7e:cc:4d:37:38:a9:
         9d:00:a2:a9:93:10:58:8d:df:2f:2a:30:ee:32:2e:c7:6d:5d:
         e9:ec:38:78:55:a4:7c:07:46:bc:14:3a:67:49:d7:d0:e6:57:
         b3:80:7e:49:59:93:4f:4e:13:3f:ec:fc:3d:ab:7a:3e:3f:7f:
         05:7e:f7:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3swUH7RZXKjC18jOlvURAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDlhNGRjMTNhNTMwNGE3YWEyNGJlMWMxNzhiYTQyZTE3
OTJmODUwHhcNMjUwNjI4MTgwMDUyWhcNMjUwNjI5MTgwMDUyWjAzMTEwLwYDVQQD
EyhkNTIwNTQxYWJmY2UwZmJlYzA2MWJkNjlhMmVkNjFlZDZmZGVjMGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnjBcUFbnyerxXCjz2ipH64/7orP
gWlx1DBG47MJkQQwyXYj3T2bBbdNW2ni2PhAamun9c/oSX6g4TGfvLyC1B8s7zpP
VL4D6Om4kqb1OUB1mTO7dj3Ao3ijfTSGiGHPMXJuKCY0Ahf6R18zApYEvPSlFkKV
4KzEIx2b9+vWQ+8X0vPsE+haqIthELJvOk76f49UEWZ7BwOQJ0KWpHd3AdborZ3Z
SZUd7tsHkaHAG0+oElU9QlM/y47G0mGsnOsMCdu7wkKkZp1/GpyPvnQDa/oOkypi
lXmpHe4K58napJ9ogNM9L5ShZR+BqS+CyOGfulDexZygQKU+uuhsJKWZhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNUgVBq/zg++wGG9aaLtYe1v3sDBMB8GA1UdIwQY
MBaAFCIJpNwTpTBKeqJL4cF4ukLheS+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYt
NjhhZmQ0NzQ1MTQ5LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYtNjhhZmQ0NzQ1MTQ5
LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADu5MFh9b
W5CXewoY1nqBsnZIMh4mxhX8ldom8CDgJ3qMcXt3pgN7ahIKRgGKEy5nKXB1U0Da
h2myX2/XpDyV/cxdhRujiNVjB6eC2SFLjyQsaZgy2YWPG441Xo0kXivQOKrz8xCg
wzpmtGVNn82AbDdK4AyhE0nS+vy51rntV03Vnhz2qJ0ImVj0OeXMpA0nJm/FHB/j
gwd9/Ei8NjmWR56mC8a7TQKfwMQ7GPzDTxtvwJp0wo4/inZWw0xel3NjfsxNNzip
nQCiqZMQWI3fLyow7jIux21d6ew4eFWkfAdGvBQ6Z0nX0OZXs4B+SVmTT04TP+z8
Pat6Pj9/BX73eg==
-----END CERTIFICATE-----