Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
File:                     Igmk3BOlMEp6okvhwXi6QuF5L4U.mft (raw, json)
Hash identifier:          BHxLeJI3a74mrsNv6/czkJv4E2NO6ifkixKodOBN96M=
Subject key identifier:   29:2C:5D:DE:57:F0:6C:87:A9:88:74:42:78:7F:D1:E3:0B:CF:8E:91
Authority key identifier: 22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85
Certificate issuer:       /CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
Certificate serial:       0196B8C7CA1A2AE9FF86AEFCAA5756082374
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
Manifest number:          0116
Signing time:             Sat 10 May 2025 06:00:23 +0000
Manifest this update:     Sat 10 May 2025 06:00:23 +0000
Manifest next update:     Sun 11 May 2025 06:00:23 +0000
Files and hashes:         1: Igmk3BOlMEp6okvhwXi6QuF5L4U.crl (hash: Xi0O8ndii06K5Ur98iPW3mSriV9i0+ild4+xlFAd1Ko=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:c7:ca:1a:2a:e9:ff:86:ae:fc:aa:57:56:08:23:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
        Validity
            Not Before: May 10 06:00:23 2025 GMT
            Not After : May 11 06:00:23 2025 GMT
        Subject: CN=292c5dde57f06c87a9887442787fd1e30bcf8e91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:61:45:75:cb:05:a0:d6:0d:c2:c8:cb:a5:eb:
                    63:73:16:a3:1d:b6:36:11:a7:2d:35:ba:6e:ea:3d:
                    2f:87:ce:02:95:31:66:bf:ee:82:69:67:2f:61:c4:
                    b3:3a:cc:70:af:99:64:cf:a4:b2:d0:81:5b:68:5c:
                    ef:fa:1b:19:d5:c8:f0:27:f1:1b:55:92:d4:6d:16:
                    a5:ec:a4:25:1a:c4:ab:4c:6f:55:1a:67:ec:da:7c:
                    87:b4:8d:93:35:ff:0b:69:8f:5a:62:c0:d5:bd:c5:
                    dd:e4:e2:fd:8f:c9:a8:af:d2:e7:70:30:c4:4c:07:
                    99:f7:43:c9:da:a9:fb:78:ea:a5:63:a4:56:91:bf:
                    9c:d2:e7:c2:a9:36:b5:8e:f2:99:da:b6:38:05:a1:
                    20:92:d5:3a:3e:c1:ac:7a:e0:3d:c5:0d:33:d4:29:
                    b0:14:5c:ad:54:8e:4b:4a:89:10:2d:45:cc:ef:04:
                    a2:de:92:ef:e6:9d:fa:ca:d3:9a:3f:31:bb:99:85:
                    96:66:bb:21:14:a1:1f:1d:c4:d8:db:4b:22:5f:b4:
                    5e:4b:c2:4f:17:1e:bf:09:7f:46:9d:89:db:06:27:
                    ef:6a:70:ac:85:5c:e1:13:fc:d3:c2:1d:05:02:70:
                    e6:6e:cb:e9:d2:71:8e:12:27:e1:8e:da:5a:8f:f7:
                    a3:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:2C:5D:DE:57:F0:6C:87:A9:88:74:42:78:7F:D1:E3:0B:CF:8E:91
            X509v3 Authority Key Identifier:
                keyid:22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:03:31:a1:1f:a9:da:bc:b4:55:0e:7e:0b:09:a3:42:5c:b3:
         a0:bd:1e:53:e4:39:e5:fb:eb:44:02:e6:3c:de:50:68:e6:25:
         23:d0:f1:cd:7b:66:b6:0c:82:1f:ff:da:26:c7:9b:52:3d:d7:
         9d:fe:4f:22:6b:14:3b:9f:a8:7a:3a:42:6c:ee:3c:cc:e3:d0:
         60:2b:fd:c5:d3:b6:fe:73:32:37:b4:78:95:68:fb:05:9a:af:
         2e:8d:f5:2e:8b:09:e8:62:6b:db:cd:59:ec:07:6d:5e:41:8e:
         0b:5e:02:9d:8f:85:b4:df:c5:3c:94:f3:c8:7d:4f:30:88:ea:
         05:34:f6:bc:37:aa:97:57:0e:48:63:d8:d6:05:68:5c:30:0b:
         57:3c:88:82:23:21:ec:68:e2:39:c5:d5:4f:0f:5e:ee:b0:e9:
         77:7f:da:68:c3:e7:c7:36:84:19:da:b7:e5:cc:81:36:69:a2:
         2f:c8:2d:56:42:76:ba:7e:5b:01:36:c3:b7:9a:89:49:10:00:
         bb:3d:e4:73:8b:e5:ee:b5:a7:56:6d:19:e4:37:e7:68:f3:53:
         97:eb:cc:4d:61:1d:39:94:9e:1f:70:f1:f2:0b:21:fb:5e:5d:
         0e:e7:87:5a:49:2d:d0:c6:ee:81:07:f8:3b:d4:6a:3e:06:8d:
         02:c0:f1:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4x8oaKun/hq78qldWCCN0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDlhNGRjMTNhNTMwNGE3YWEyNGJlMWMxNzhiYTQyZTE3
OTJmODUwHhcNMjUwNTEwMDYwMDIzWhcNMjUwNTExMDYwMDIzWjAzMTEwLwYDVQQD
EygyOTJjNWRkZTU3ZjA2Yzg3YTk4ODc0NDI3ODdmZDFlMzBiY2Y4ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWFFdcsFoNYNwsjLpetjcxajHbY2
EactNbpu6j0vh84ClTFmv+6CaWcvYcSzOsxwr5lkz6Sy0IFbaFzv+hsZ1cjwJ/Eb
VZLUbRal7KQlGsSrTG9VGmfs2nyHtI2TNf8LaY9aYsDVvcXd5OL9j8mor9LncDDE
TAeZ90PJ2qn7eOqlY6RWkb+c0ufCqTa1jvKZ2rY4BaEgktU6PsGseuA9xQ0z1Cmw
FFytVI5LSokQLUXM7wSi3pLv5p36ytOaPzG7mYWWZrshFKEfHcTY20siX7ReS8JP
Fx6/CX9GnYnbBifvanCshVzhE/zTwh0FAnDmbsvp0nGOEifhjtpaj/ejVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCksXd5X8GyHqYh0Qnh/0eMLz46RMB8GA1UdIwQY
MBaAFCIJpNwTpTBKeqJL4cF4ukLheS+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYt
NjhhZmQ0NzQ1MTQ5LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYtNjhhZmQ0NzQ1MTQ5
LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKwMxoR+p
2ry0VQ5+CwmjQlyzoL0eU+Q55fvrRALmPN5QaOYlI9DxzXtmtgyCH//aJsebUj3X
nf5PImsUO5+oejpCbO48zOPQYCv9xdO2/nMyN7R4lWj7BZqvLo31LosJ6GJr281Z
7AdtXkGOC14CnY+FtN/FPJTzyH1PMIjqBTT2vDeql1cOSGPY1gVoXDALVzyIgiMh
7GjiOcXVTw9e7rDpd3/aaMPnxzaEGdq35cyBNmmiL8gtVkJ2un5bATbDt5qJSRAA
uz3kc4vl7rWnVm0Z5DfnaPNTl+vMTWEdOZSeH3Dx8gsh+15dDueHWkkt0MbugQf4
O9RqPgaNAsDxJw==
-----END CERTIFICATE-----