Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
File:                     izHINiDus1ExJXtb-vqrOTRSyJE.mft (raw, json)
Hash identifier:          4SLbeNFSfCo5OL3N0GNDdGIaHy4H7QdCuwAojAyA8/E=
Subject key identifier:   DD:BE:B6:D5:87:AE:56:C9:AA:21:C5:BD:70:AA:29:B0:ED:78:49:A9
Authority key identifier: 8B:31:C8:36:20:EE:B3:51:31:25:7B:5B:FA:FA:AB:39:34:52:C8:91
Certificate issuer:       /CN=8b31c83620eeb35131257b5bfafaab393452c891
Certificate serial:       0197B7EA3FD049E5332750E6370159289B90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
Manifest number:          15B1
Signing time:             Sat 28 Jun 2025 19:01:11 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:11 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:11 +0000
Files and hashes:         1: izHINiDus1ExJXtb-vqrOTRSyJE.crl (hash: jKcYiuvZHs1FhedthW1RVih/NAnkMGfC5v0oDZE4EZo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:3f:d0:49:e5:33:27:50:e6:37:01:59:28:9b:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b31c83620eeb35131257b5bfafaab393452c891
        Validity
            Not Before: Jun 28 19:01:11 2025 GMT
            Not After : Jun 29 19:01:11 2025 GMT
        Subject: CN=ddbeb6d587ae56c9aa21c5bd70aa29b0ed7849a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:08:64:d1:ff:df:fd:ce:f8:e6:09:0a:ee:1b:
                    2d:e0:51:cb:e1:e9:09:44:d2:1d:cb:e1:a1:85:ab:
                    7f:62:ab:79:72:f1:ce:99:a5:c5:a8:70:b3:f1:82:
                    77:79:36:84:cb:c0:69:11:6b:84:8e:9c:81:09:4e:
                    2e:74:e1:1d:54:d8:5d:e4:c4:b0:98:09:08:17:f3:
                    ee:2c:08:87:fe:81:c0:fc:00:b8:3c:52:19:e6:83:
                    29:f3:5e:c9:45:16:7c:67:aa:d5:51:61:b2:c6:42:
                    20:b0:ac:cb:8c:7a:47:de:5c:b3:de:b4:92:1f:30:
                    87:4e:71:43:fa:5c:66:35:81:56:fb:e2:3a:d2:ad:
                    d4:94:22:71:64:9d:23:62:2f:cd:fd:a0:51:81:8b:
                    b2:ae:be:b1:80:56:5e:30:97:2f:c0:e8:df:dc:b8:
                    fe:a3:04:4d:40:19:13:d2:66:a0:6b:60:1c:42:6d:
                    09:30:30:47:3d:68:00:ce:aa:b7:58:79:f7:10:b9:
                    bb:96:90:a8:fd:ec:d1:26:30:f3:75:8b:79:b3:2a:
                    db:c5:a7:e9:9e:30:a9:7b:fd:61:74:8a:b1:18:21:
                    ea:d5:21:68:18:e1:f1:35:05:41:05:02:1f:8a:be:
                    f7:65:ed:f6:cb:56:fa:a8:0f:d2:fe:b4:7c:30:d3:
                    06:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:BE:B6:D5:87:AE:56:C9:AA:21:C5:BD:70:AA:29:B0:ED:78:49:A9
            X509v3 Authority Key Identifier:
                keyid:8B:31:C8:36:20:EE:B3:51:31:25:7B:5B:FA:FA:AB:39:34:52:C8:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:7d:eb:c1:a5:1c:0f:a1:1a:91:21:d4:6f:7f:0b:dd:22:32:
         72:b0:43:56:2b:70:07:4a:70:3b:8c:2b:25:d3:c3:80:fb:79:
         16:99:9a:25:11:ff:68:26:a4:ea:46:a3:b9:8f:99:6f:3c:bd:
         6d:84:f3:6e:1d:14:27:62:4c:fd:6c:a9:3b:40:65:e5:c5:db:
         1a:52:e5:8f:22:a9:52:48:10:31:da:0f:b0:0a:be:ae:d8:7c:
         d0:fb:76:20:de:e9:89:67:c0:fe:12:06:bf:ca:54:d2:39:b0:
         cc:56:f1:90:03:a2:2f:52:85:72:8c:5e:1e:5d:fd:aa:10:ae:
         78:14:54:69:ea:e1:35:ec:3c:e9:1d:a3:f1:19:21:27:0d:30:
         52:18:04:0c:95:99:46:af:6e:fb:1a:be:4e:ae:6a:8c:0f:df:
         6c:a7:dd:bc:ac:ae:52:cc:d3:c9:6f:e4:ca:a2:d0:db:3b:25:
         e4:f5:2d:be:aa:52:49:a5:2a:7d:f7:30:d7:e1:8e:1d:f5:18:
         f0:18:4b:99:60:61:d5:95:37:60:81:d9:39:24:38:fb:c8:5d:
         9c:47:74:20:cd:42:d0:73:d2:eb:e3:37:44:a6:7f:4b:a4:19:
         bb:53:df:58:73:b4:5e:e0:ad:0e:2f:1d:be:6c:e8:79:a2:6b:
         5c:08:e0:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36j/QSeUzJ1DmNwFZKJuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzFjODM2MjBlZWIzNTEzMTI1N2I1YmZhZmFhYjM5MzQ1
MmM4OTEwHhcNMjUwNjI4MTkwMTExWhcNMjUwNjI5MTkwMTExWjAzMTEwLwYDVQQD
EyhkZGJlYjZkNTg3YWU1NmM5YWEyMWM1YmQ3MGFhMjliMGVkNzg0OWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAhk0f/f/c745gkK7hst4FHL4ekJ
RNIdy+Ghhat/Yqt5cvHOmaXFqHCz8YJ3eTaEy8BpEWuEjpyBCU4udOEdVNhd5MSw
mAkIF/PuLAiH/oHA/AC4PFIZ5oMp817JRRZ8Z6rVUWGyxkIgsKzLjHpH3lyz3rSS
HzCHTnFD+lxmNYFW++I60q3UlCJxZJ0jYi/N/aBRgYuyrr6xgFZeMJcvwOjf3Lj+
owRNQBkT0maga2AcQm0JMDBHPWgAzqq3WHn3ELm7lpCo/ezRJjDzdYt5syrbxafp
njCpe/1hdIqxGCHq1SFoGOHxNQVBBQIfir73Ze32y1b6qA/S/rR8MNMGvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2+ttWHrlbJqiHFvXCqKbDteEmpMB8GA1UdIwQY
MBaAFIsxyDYg7rNRMSV7W/r6qzk0UsiRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9mNzRkMzgtOTY1ZC00YTI5LWFkOGEt
Zjg0Njc0ZDQ2MzAzLzEvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9mNzRkMzgtOTY1ZC00YTI5LWFkOGEtZjg0Njc0ZDQ2MzAz
LzEvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARX3rwaUc
D6EakSHUb38L3SIycrBDVitwB0pwO4wrJdPDgPt5FpmaJRH/aCak6kajuY+Zbzy9
bYTzbh0UJ2JM/WypO0Bl5cXbGlLljyKpUkgQMdoPsAq+rth80Pt2IN7piWfA/hIG
v8pU0jmwzFbxkAOiL1KFcoxeHl39qhCueBRUaerhNew86R2j8RkhJw0wUhgEDJWZ
Rq9u+xq+Tq5qjA/fbKfdvKyuUszTyW/kyqLQ2zsl5PUtvqpSSaUqffcw1+GOHfUY
8BhLmWBh1ZU3YIHZOSQ4+8hdnEd0IM1C0HPS6+M3RKZ/S6QZu1PfWHO0XuCtDi8d
vmzoeaJrXAjgEw==
-----END CERTIFICATE-----