Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
File:                     iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json)
Hash identifier:          sSXOKd5dMn6QQyh4LV9APAeR/leW67dW6x/Mak2GV2s=
Subject key identifier:   77:CA:B2:2E:0C:1F:DB:A6:45:1E:4B:4B:79:97:BC:76:42:C2:0C:9B
Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
Certificate issuer:       /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
Certificate serial:       0197C048DC440FD250B6D3D472E37F2D1D23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
Manifest number:          15B8
Signing time:             Mon 30 Jun 2025 10:01:29 +0000
Manifest this update:     Mon 30 Jun 2025 10:01:29 +0000
Manifest next update:     Tue 01 Jul 2025 10:01:29 +0000
Files and hashes:         1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: 1GdDznNYtGp3vCdK3RQUZJ7pY8mbclaKwEUq6a0+Sdk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 07:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c0:48:dc:44:0f:d2:50:b6:d3:d4:72:e3:7f:2d:1d:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
        Validity
            Not Before: Jun 30 10:01:29 2025 GMT
            Not After : Jul  1 10:01:29 2025 GMT
        Subject: CN=77cab22e0c1fdba6451e4b4b7997bc7642c20c9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:0d:47:92:aa:4d:f1:f1:fd:19:3d:8b:1a:29:
                    4f:cf:de:04:73:c8:0e:d7:dd:82:9e:b1:12:de:0e:
                    cd:71:69:5d:d8:1d:59:11:78:82:6d:76:69:e1:dc:
                    40:96:cb:31:a5:a7:66:0e:f6:63:f7:17:c1:31:45:
                    d0:9f:e2:6b:33:0c:82:86:0c:a9:32:76:c9:f2:92:
                    df:6f:f7:e3:fc:f1:cb:64:bb:d4:97:3c:64:0b:32:
                    01:65:67:8c:74:a5:5e:24:aa:bb:c7:01:95:e5:23:
                    51:a6:c6:10:31:ca:a7:fb:60:5a:ef:5d:ac:7d:d1:
                    00:0a:9b:a7:17:ee:c2:df:bf:ae:40:4a:e4:c7:45:
                    dc:e9:c8:77:c4:05:35:ac:07:54:60:3e:30:d8:9d:
                    2e:c4:b8:d7:86:99:e7:7d:2b:d4:8d:1d:9a:ae:71:
                    36:52:72:fe:1f:47:2c:7f:a3:bf:e8:30:91:e8:0a:
                    1e:a1:38:41:78:31:ec:5e:1b:58:79:7e:cf:79:82:
                    4d:d7:29:db:5f:63:11:d1:a1:30:3e:fb:04:fc:20:
                    96:38:a8:ef:c3:80:cc:04:da:47:ad:a5:4a:c7:39:
                    5c:db:74:d4:0e:d8:27:7d:1c:5e:49:e0:a8:81:ad:
                    88:0c:03:94:09:17:ae:dd:5b:47:f4:14:67:c8:f4:
                    c1:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:CA:B2:2E:0C:1F:DB:A6:45:1E:4B:4B:79:97:BC:76:42:C2:0C:9B
            X509v3 Authority Key Identifier:
                keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:32:8d:9a:97:a1:a7:f7:5e:df:51:1d:70:26:62:48:ae:3f:
         5a:94:4b:2e:12:82:49:d1:38:99:31:1a:6f:5f:7e:a2:f4:73:
         f2:75:28:e1:36:cd:e6:7e:10:cc:07:1e:2d:1d:c5:0e:b1:1c:
         19:f8:ac:a6:2a:dc:2a:2d:d3:47:fd:86:60:0d:bb:6b:02:59:
         69:d9:d3:b1:79:8d:9c:d3:5d:c7:2d:e4:43:0b:33:f6:bd:8c:
         d0:bf:f8:50:31:49:4c:f8:d0:76:d4:43:25:be:1a:77:c0:90:
         fd:e4:b8:15:50:d8:ab:bb:27:7f:9e:ff:62:bb:74:45:14:7f:
         7f:91:db:73:54:96:fc:81:90:24:8c:38:93:5d:01:4d:6c:4c:
         3e:87:be:4d:f0:8d:1c:42:9f:8e:04:2f:29:16:e2:88:e7:c1:
         91:db:51:12:63:d7:65:e5:b7:47:61:b0:b7:3d:2b:64:b8:18:
         07:63:e2:05:ff:df:45:b3:ad:e7:e3:63:95:bb:a3:de:8a:bc:
         f7:fd:28:65:a7:3b:66:dd:14:c5:3c:19:04:ab:36:ef:83:6b:
         92:9b:51:63:1a:f4:b2:90:7c:89:7d:ef:5e:b5:fb:14:06:bb:
         b3:58:78:11:89:59:9f:3d:99:12:c2:7d:d9:ad:99:3f:b2:8c:
         65:8b:37:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfASNxED9JQttPUcuN/LR0jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz
OTgwYjkwHhcNMjUwNjMwMTAwMTI5WhcNMjUwNzAxMTAwMTI5WjAzMTEwLwYDVQQD
Eyg3N2NhYjIyZTBjMWZkYmE2NDUxZTRiNGI3OTk3YmM3NjQyYzIwYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzw1HkqpN8fH9GT2LGilPz94Ec8gO
192CnrES3g7NcWld2B1ZEXiCbXZp4dxAlssxpadmDvZj9xfBMUXQn+JrMwyChgyp
MnbJ8pLfb/fj/PHLZLvUlzxkCzIBZWeMdKVeJKq7xwGV5SNRpsYQMcqn+2Ba712s
fdEACpunF+7C37+uQErkx0Xc6ch3xAU1rAdUYD4w2J0uxLjXhpnnfSvUjR2arnE2
UnL+H0csf6O/6DCR6AoeoThBeDHsXhtYeX7PeYJN1ynbX2MR0aEwPvsE/CCWOKjv
w4DMBNpHraVKxzlc23TUDtgnfRxeSeCoga2IDAOUCReu3VtH9BRnyPTBTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHfKsi4MH9umRR5LS3mXvHZCwgybMB8GA1UdIwQY
MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut
NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk
LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIjKNmpeh
p/de31EdcCZiSK4/WpRLLhKCSdE4mTEab19+ovRz8nUo4TbN5n4QzAceLR3FDrEc
GfispircKi3TR/2GYA27awJZadnTsXmNnNNdxy3kQwsz9r2M0L/4UDFJTPjQdtRD
Jb4ad8CQ/eS4FVDYq7snf57/Yrt0RRR/f5Hbc1SW/IGQJIw4k10BTWxMPoe+TfCN
HEKfjgQvKRbiiOfBkdtREmPXZeW3R2Gwtz0rZLgYB2PiBf/fRbOt5+Njlbuj3oq8
9/0oZac7Zt0UxTwZBKs274NrkptRYxr0spB8iX3vXrX7FAa7s1h4EYlZnz2ZEsJ9
2a2ZP7KMZYs3+w==
-----END CERTIFICATE-----