Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
File:                     izHINiDus1ExJXtb-vqrOTRSyJE.mft (raw, json)
Hash identifier:          WmI+ydsoA5b43Oazai3yTGScCOZ7tm9B1tzn6gF/oqU=
Subject key identifier:   87:4C:00:84:98:E7:2E:3E:27:44:C8:8C:5E:AE:36:F1:09:B2:59:62
Authority key identifier: 8B:31:C8:36:20:EE:B3:51:31:25:7B:5B:FA:FA:AB:39:34:52:C8:91
Certificate issuer:       /CN=8b31c83620eeb35131257b5bfafaab393452c891
Certificate serial:       0198D5BBF60F9AFB46DB8CAC668E58807483
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
Manifest number:          1645
Signing time:             Sat 23 Aug 2025 07:02:01 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:01 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:01 +0000
Files and hashes:         1: izHINiDus1ExJXtb-vqrOTRSyJE.crl (hash: gwkxCAftkiBdfrhywLCzB8tThJjs3ujcm6zkkj3fGYE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:f6:0f:9a:fb:46:db:8c:ac:66:8e:58:80:74:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b31c83620eeb35131257b5bfafaab393452c891
        Validity
            Not Before: Aug 23 07:02:01 2025 GMT
            Not After : Aug 24 07:02:01 2025 GMT
        Subject: CN=874c008498e72e3e2744c88c5eae36f109b25962
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:af:7d:30:66:66:e6:bc:e6:c6:30:d9:ff:bb:
                    20:db:8b:87:83:1e:35:ea:8e:83:de:ec:b4:26:a6:
                    75:ff:8c:e7:66:82:93:59:e0:d3:18:7b:22:c5:65:
                    fb:59:8d:db:21:fc:d8:88:78:90:c4:41:95:bb:8e:
                    97:23:9f:35:33:56:f1:23:5d:14:ed:58:1e:5f:66:
                    55:d5:77:45:18:cd:2a:87:58:c1:64:46:d5:77:31:
                    92:36:03:00:0d:90:e5:3b:36:8d:24:bf:05:06:43:
                    60:5a:a5:fa:9a:1c:bc:cb:61:cf:8d:e7:6c:50:ec:
                    63:d9:3d:e8:f0:a3:a9:fc:2a:e3:82:2c:71:99:98:
                    89:f1:2e:56:d5:97:b1:b1:8b:04:cb:a0:6b:f3:53:
                    fe:6e:c8:16:49:8e:00:1c:3f:c1:b6:db:d1:96:03:
                    0a:e4:c3:d1:a6:70:f6:69:d6:88:69:7d:50:bd:df:
                    66:b9:80:09:87:15:6d:98:cd:65:b5:ab:53:b8:36:
                    ed:80:8e:8c:98:4f:d8:75:3f:de:bd:9a:b9:27:54:
                    8e:f2:2a:7a:67:ea:72:af:17:79:b7:4c:26:23:d9:
                    81:8c:ad:aa:e0:55:b1:31:2e:7c:67:20:2f:25:8b:
                    99:42:72:3f:88:83:69:db:2e:7f:12:4f:e1:dc:fd:
                    8d:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:4C:00:84:98:E7:2E:3E:27:44:C8:8C:5E:AE:36:F1:09:B2:59:62
            X509v3 Authority Key Identifier:
                keyid:8B:31:C8:36:20:EE:B3:51:31:25:7B:5B:FA:FA:AB:39:34:52:C8:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:b0:72:d6:e3:e8:8b:84:66:22:71:9c:2e:11:73:68:9d:63:
         0f:ae:32:02:4d:10:6b:62:72:06:51:f8:2b:12:0b:3b:a2:f0:
         91:c8:b8:a2:a6:04:d6:54:19:8a:31:68:7b:50:2f:7c:67:e6:
         23:ad:03:cd:6d:a0:2b:c1:51:e5:3f:87:dc:49:66:30:18:bd:
         40:22:22:5a:07:31:68:ae:29:31:8d:e7:e6:a5:ee:09:fc:06:
         86:23:e4:3d:55:06:50:4f:92:d0:d0:4b:d0:ba:7e:c4:d5:ae:
         c9:81:93:81:9a:5c:e9:67:b1:8e:c6:87:83:f3:d6:5d:7e:ba:
         90:ea:7a:8a:bd:1f:9c:bb:dd:ec:df:fc:26:ce:f1:41:4b:04:
         78:bd:4a:88:df:6d:c2:75:a3:03:39:c6:f6:bf:72:2b:b5:74:
         ca:04:f8:a8:d9:be:7b:24:fe:45:89:8c:6f:5a:ca:ac:c0:54:
         d6:2e:ff:02:c9:28:88:62:ac:4f:7e:41:f4:d1:ac:5e:60:aa:
         d6:e6:56:a9:7c:f0:83:22:d9:c8:07:79:cf:2c:72:26:10:9a:
         3f:70:f6:c8:a1:0e:ca:8f:72:37:12:12:8f:e2:7a:da:31:d3:
         ae:26:13:e2:08:73:4e:16:c9:c1:06:e0:98:85:0c:1e:87:0e:
         c6:ba:5c:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu/YPmvtG24ysZo5YgHSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzFjODM2MjBlZWIzNTEzMTI1N2I1YmZhZmFhYjM5MzQ1
MmM4OTEwHhcNMjUwODIzMDcwMjAxWhcNMjUwODI0MDcwMjAxWjAzMTEwLwYDVQQD
Eyg4NzRjMDA4NDk4ZTcyZTNlMjc0NGM4OGM1ZWFlMzZmMTA5YjI1OTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0699MGZm5rzmxjDZ/7sg24uHgx41
6o6D3uy0JqZ1/4znZoKTWeDTGHsixWX7WY3bIfzYiHiQxEGVu46XI581M1bxI10U
7VgeX2ZV1XdFGM0qh1jBZEbVdzGSNgMADZDlOzaNJL8FBkNgWqX6mhy8y2HPjeds
UOxj2T3o8KOp/CrjgixxmZiJ8S5W1ZexsYsEy6Br81P+bsgWSY4AHD/BttvRlgMK
5MPRpnD2adaIaX1Qvd9muYAJhxVtmM1ltatTuDbtgI6MmE/YdT/evZq5J1SO8ip6
Z+pyrxd5t0wmI9mBjK2q4FWxMS58ZyAvJYuZQnI/iINp2y5/Ek/h3P2NxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIdMAISY5y4+J0TIjF6uNvEJslliMB8GA1UdIwQY
MBaAFIsxyDYg7rNRMSV7W/r6qzk0UsiRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9mNzRkMzgtOTY1ZC00YTI5LWFkOGEt
Zjg0Njc0ZDQ2MzAzLzEvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9mNzRkMzgtOTY1ZC00YTI5LWFkOGEtZjg0Njc0ZDQ2MzAz
LzEvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcLBy1uPo
i4RmInGcLhFzaJ1jD64yAk0Qa2JyBlH4KxILO6Lwkci4oqYE1lQZijFoe1AvfGfm
I60DzW2gK8FR5T+H3ElmMBi9QCIiWgcxaK4pMY3n5qXuCfwGhiPkPVUGUE+S0NBL
0Lp+xNWuyYGTgZpc6WexjsaHg/PWXX66kOp6ir0fnLvd7N/8Js7xQUsEeL1KiN9t
wnWjAznG9r9yK7V0ygT4qNm+eyT+RYmMb1rKrMBU1i7/AskoiGKsT35B9NGsXmCq
1uZWqXzwgyLZyAd5zyxyJhCaP3D2yKEOyo9yNxISj+J62jHTriYT4ghzThbJwQbg
mIUMHocOxrpclw==
-----END CERTIFICATE-----