Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft
File:                     ICNzDgbEv7_6ypBeUxJldCwXirQ.mft (raw, json)
Hash identifier:          wuDCgnRNzQhJ7dvH4ZXmDQJOWcnV8r5al+NsSlWkMFI=
Subject key identifier:   3A:47:03:1A:24:6F:E1:54:12:10:98:0F:24:3F:0F:07:11:AC:52:B6
Authority key identifier: 20:23:73:0E:06:C4:BF:BF:FA:CA:90:5E:53:12:65:74:2C:17:8A:B4
Certificate issuer:       /CN=2023730e06c4bfbffaca905e531265742c178ab4
Certificate serial:       0198D473664D6EEE998673E463139F9D3DE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft
Manifest number:          101D
Signing time:             Sat 23 Aug 2025 01:03:09 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:09 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:09 +0000
Files and hashes:         1: ICNzDgbEv7_6ypBeUxJldCwXirQ.crl (hash: ioemOUJGRrLCFB/JRuE8DrjPUFHf6N3fCMS5EA+Dw0Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:66:4d:6e:ee:99:86:73:e4:63:13:9f:9d:3d:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2023730e06c4bfbffaca905e531265742c178ab4
        Validity
            Not Before: Aug 23 01:03:09 2025 GMT
            Not After : Aug 24 01:03:09 2025 GMT
        Subject: CN=3a47031a246fe1541210980f243f0f0711ac52b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:aa:d4:df:80:02:35:16:ea:b9:9c:92:a3:69:
                    cc:57:fb:4b:1f:c8:00:0d:47:a4:db:41:51:28:42:
                    68:2f:1d:b5:41:fe:37:ca:a9:9a:2d:c6:d6:92:65:
                    2e:6e:14:9d:59:70:a2:aa:04:81:e8:6f:be:b1:87:
                    22:57:61:b9:44:b1:b7:76:67:af:27:76:93:c2:9a:
                    3c:1e:ca:19:bd:57:8b:0d:63:4e:30:d5:de:a2:a8:
                    4a:bd:9b:30:db:88:2d:e0:df:bf:a0:d8:8a:cf:73:
                    47:44:5e:bc:31:b7:b9:8d:a0:49:72:f4:b2:03:d9:
                    35:64:52:3e:49:62:c9:8e:d3:c4:af:c3:70:eb:eb:
                    43:6c:9b:ec:f9:8e:8d:66:f4:ba:db:60:b8:98:26:
                    36:26:16:e8:bc:5f:62:48:02:78:7b:46:00:5b:cf:
                    37:65:65:3c:2c:b5:1c:b1:0e:4b:5d:45:7b:a8:fa:
                    28:fd:f6:95:ac:01:14:7a:60:42:85:80:91:69:19:
                    ac:66:82:a5:d2:92:79:26:1f:b2:78:23:5f:d4:e5:
                    7a:c3:21:15:b6:6e:f5:e0:3c:37:e2:8a:2a:5e:35:
                    2a:2b:0e:8c:b5:60:27:cc:29:ce:6e:3c:f6:c4:5b:
                    f4:23:98:2e:d1:62:d6:42:c8:ec:5b:ae:29:6f:ca:
                    c1:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:47:03:1A:24:6F:E1:54:12:10:98:0F:24:3F:0F:07:11:AC:52:B6
            X509v3 Authority Key Identifier:
                keyid:20:23:73:0E:06:C4:BF:BF:FA:CA:90:5E:53:12:65:74:2C:17:8A:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:fe:79:3e:7c:e8:52:d3:31:13:96:13:0a:ac:98:aa:5d:b9:
         36:1c:3e:2b:98:d8:7c:94:7a:ac:5a:f7:2f:61:b1:84:58:7b:
         b9:d6:6c:58:dd:74:30:ba:0b:74:a9:99:7f:28:c4:76:c7:f8:
         38:34:e6:ec:60:3b:cf:38:f2:a8:fe:8b:fe:c6:2e:cd:47:b2:
         18:27:62:40:0a:ec:3d:7d:84:d3:42:d5:bd:9d:12:76:24:52:
         c6:40:d9:3c:23:eb:72:b3:f6:48:a9:dc:6d:1d:8c:c7:b9:76:
         54:bd:52:2e:b4:6f:70:97:63:6f:fe:77:8a:64:8c:85:43:c8:
         51:6d:ff:b5:39:52:c0:a5:9b:38:07:08:55:39:55:61:4b:c8:
         a3:85:92:9c:f6:f3:44:b8:8d:33:2d:85:3a:82:3c:2c:91:e9:
         e5:64:f7:30:ec:9c:68:e2:56:a1:d8:c1:04:15:51:c4:b3:e7:
         04:6b:4b:5c:d3:c6:e0:bc:c9:3d:cf:ea:eb:da:78:0d:fe:7e:
         2d:71:c2:e6:d4:d3:78:5d:23:e5:6b:9f:f5:17:66:0c:4b:ce:
         80:75:5e:c5:ba:d5:6e:73:7d:ea:28:f2:bb:d7:bb:63:01:a2:
         a4:b6:7c:52:91:16:41:70:e8:0d:12:ea:5b:bc:b2:a6:3f:8b:
         c5:f6:70:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc2ZNbu6ZhnPkYxOfnT3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjM3MzBlMDZjNGJmYmZmYWNhOTA1ZTUzMTI2NTc0MmMx
NzhhYjQwHhcNMjUwODIzMDEwMzA5WhcNMjUwODI0MDEwMzA5WjAzMTEwLwYDVQQD
EygzYTQ3MDMxYTI0NmZlMTU0MTIxMDk4MGYyNDNmMGYwNzExYWM1MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAparU34ACNRbquZySo2nMV/tLH8gA
DUek20FRKEJoLx21Qf43yqmaLcbWkmUubhSdWXCiqgSB6G++sYciV2G5RLG3dmev
J3aTwpo8HsoZvVeLDWNOMNXeoqhKvZsw24gt4N+/oNiKz3NHRF68Mbe5jaBJcvSy
A9k1ZFI+SWLJjtPEr8Nw6+tDbJvs+Y6NZvS622C4mCY2JhbovF9iSAJ4e0YAW883
ZWU8LLUcsQ5LXUV7qPoo/faVrAEUemBChYCRaRmsZoKl0pJ5Jh+yeCNf1OV6wyEV
tm714Dw34ooqXjUqKw6MtWAnzCnObjz2xFv0I5gu0WLWQsjsW64pb8rBiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpHAxokb+FUEhCYDyQ/DwcRrFK2MB8GA1UdIwQY
MBaAFCAjcw4GxL+/+sqQXlMSZXQsF4q0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny80NWQ3YzEtYzRmMC00ODM1LWI0NjYt
YjAzMzViYTNlMGMyLzEvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny80NWQ3YzEtYzRmMC00ODM1LWI0NjYtYjAzMzViYTNlMGMy
LzEvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATv55Pnzo
UtMxE5YTCqyYql25Nhw+K5jYfJR6rFr3L2GxhFh7udZsWN10MLoLdKmZfyjEdsf4
ODTm7GA7zzjyqP6L/sYuzUeyGCdiQArsPX2E00LVvZ0SdiRSxkDZPCPrcrP2SKnc
bR2Mx7l2VL1SLrRvcJdjb/53imSMhUPIUW3/tTlSwKWbOAcIVTlVYUvIo4WSnPbz
RLiNMy2FOoI8LJHp5WT3MOycaOJWodjBBBVRxLPnBGtLXNPG4LzJPc/q69p4Df5+
LXHC5tTTeF0j5Wuf9RdmDEvOgHVexbrVbnN96ijyu9e7YwGipLZ8UpEWQXDoDRLq
W7yypj+LxfZwtg==
-----END CERTIFICATE-----