Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/63ecd9-3d18-4810-9db4-d36c16279552/1/iRXDvI1ZBfJPvjBRvOcgCSE4MAk.mft
File:                     iRXDvI1ZBfJPvjBRvOcgCSE4MAk.mft (raw, json)
Hash identifier:          sMwGtnvT1p7oP7w60cmd/bIjEpyKAqBTnpL08ZYAJcs=
Subject key identifier:   1A:19:70:33:6A:69:D3:B0:0C:57:74:EF:11:DD:5E:F3:81:02:1C:A2
Authority key identifier: 89:15:C3:BC:8D:59:05:F2:4F:BE:30:51:BC:E7:20:09:21:38:30:09
Certificate issuer:       /CN=8915c3bc8d5905f24fbe3051bce7200921383009
Certificate serial:       0197B8213AAA02A304F5BCFE785DE68ADF50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iRXDvI1ZBfJPvjBRvOcgCSE4MAk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/63ecd9-3d18-4810-9db4-d36c16279552/1/iRXDvI1ZBfJPvjBRvOcgCSE4MAk.mft
Manifest number:          87
Signing time:             Sat 28 Jun 2025 20:01:14 +0000
Manifest this update:     Sat 28 Jun 2025 20:01:14 +0000
Manifest next update:     Sun 29 Jun 2025 20:01:14 +0000
Files and hashes:         1: iRXDvI1ZBfJPvjBRvOcgCSE4MAk.crl (hash: 8CA/S4yIeX+w6Ka9HemfCj1Mr5Vun689LrQU/9Kgi9Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/63ecd9-3d18-4810-9db4-d36c16279552/1/iRXDvI1ZBfJPvjBRvOcgCSE4MAk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/63ecd9-3d18-4810-9db4-d36c16279552/1/iRXDvI1ZBfJPvjBRvOcgCSE4MAk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iRXDvI1ZBfJPvjBRvOcgCSE4MAk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:21:3a:aa:02:a3:04:f5:bc:fe:78:5d:e6:8a:df:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8915c3bc8d5905f24fbe3051bce7200921383009
        Validity
            Not Before: Jun 28 20:01:14 2025 GMT
            Not After : Jun 29 20:01:14 2025 GMT
        Subject: CN=1a1970336a69d3b00c5774ef11dd5ef381021ca2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:55:86:b1:b0:62:da:77:78:69:21:8f:53:47:
                    09:ba:aa:9e:85:49:67:3f:dc:e9:ef:62:5b:36:ec:
                    d7:45:f5:1a:fe:f5:e2:ac:63:ee:5f:cd:f3:52:c0:
                    3d:46:4b:37:1a:f8:64:6d:38:67:ed:09:90:26:c7:
                    b5:ee:84:c2:ab:e7:3d:67:45:24:4b:25:9f:1d:44:
                    cc:21:91:d8:22:ea:8b:f4:47:f0:e2:42:80:53:ec:
                    cd:f5:d7:b5:a7:b5:47:d2:bb:72:a3:c3:9c:1e:34:
                    9c:09:30:d4:65:d6:6c:33:a8:1e:7d:63:d4:66:34:
                    ca:01:78:67:14:d9:47:9d:9e:37:fb:99:6f:53:45:
                    9e:c9:ba:f4:78:ec:e1:97:ca:3a:39:e7:8c:4a:7a:
                    cb:02:44:b3:43:d5:8b:30:9e:e2:e2:5c:69:ae:7e:
                    f6:bc:53:b6:e2:83:ae:d8:bb:2b:26:93:92:12:14:
                    07:52:c0:68:2b:e6:b7:87:8e:28:9a:6b:3c:33:9f:
                    f3:47:33:5d:33:9a:2b:8e:40:dc:0c:a1:e9:d6:df:
                    79:48:1d:d1:ba:aa:ab:13:31:bb:cf:2e:52:af:96:
                    03:be:79:ae:14:2f:ca:40:6c:17:04:d5:17:cf:36:
                    70:cc:da:7f:42:b8:ca:ff:7c:af:df:c8:7a:aa:5e:
                    0b:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:19:70:33:6A:69:D3:B0:0C:57:74:EF:11:DD:5E:F3:81:02:1C:A2
            X509v3 Authority Key Identifier:
                keyid:89:15:C3:BC:8D:59:05:F2:4F:BE:30:51:BC:E7:20:09:21:38:30:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iRXDvI1ZBfJPvjBRvOcgCSE4MAk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/63ecd9-3d18-4810-9db4-d36c16279552/1/iRXDvI1ZBfJPvjBRvOcgCSE4MAk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/63ecd9-3d18-4810-9db4-d36c16279552/1/iRXDvI1ZBfJPvjBRvOcgCSE4MAk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:16:eb:85:1c:7f:bf:7b:a7:63:f5:47:80:7e:c6:e5:ed:05:
         d1:77:96:00:58:29:7f:79:02:86:71:48:f3:ac:38:b3:79:9a:
         72:07:7b:96:b8:0e:82:c0:27:1b:9e:54:85:55:c4:97:19:8a:
         3e:f3:98:e5:2b:ae:da:3e:05:05:c1:97:37:9f:2d:f2:b5:5f:
         66:6c:1a:dc:fd:a2:63:e2:de:f7:69:3c:9b:7e:e2:27:33:05:
         1b:c0:e0:06:8f:fb:dc:bf:37:79:f6:ad:a1:96:37:fa:50:50:
         ea:1e:ee:a6:67:c7:87:b2:b1:a5:78:57:fe:8e:ed:b6:6e:e5:
         29:36:68:27:8d:cd:59:3a:d6:e8:50:df:af:cf:80:5f:2a:58:
         ce:d6:56:0d:89:d2:42:36:b6:dd:96:3a:10:d4:d2:cf:9d:57:
         c6:45:f0:d3:d3:0c:0d:6f:3a:30:a0:67:3f:b7:4e:8a:8d:2b:
         b4:cb:62:cb:73:f1:6b:89:25:85:13:4c:28:01:70:1c:36:22:
         07:dc:cc:80:70:6a:c2:7a:df:b3:20:58:62:f9:91:20:12:e7:
         90:b9:bb:7f:4e:21:b9:d5:7c:cc:39:ef:08:41:a9:d5:9e:24:
         ca:80:5a:09:22:6c:76:fe:f9:04:ef:3b:bf:43:b1:14:ba:95:
         65:04:6d:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4ITqqAqME9bz+eF3mit9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MTVjM2JjOGQ1OTA1ZjI0ZmJlMzA1MWJjZTcyMDA5MjEz
ODMwMDkwHhcNMjUwNjI4MjAwMTE0WhcNMjUwNjI5MjAwMTE0WjAzMTEwLwYDVQQD
EygxYTE5NzAzMzZhNjlkM2IwMGM1Nzc0ZWYxMWRkNWVmMzgxMDIxY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlWGsbBi2nd4aSGPU0cJuqqehUln
P9zp72JbNuzXRfUa/vXirGPuX83zUsA9Rks3GvhkbThn7QmQJse17oTCq+c9Z0Uk
SyWfHUTMIZHYIuqL9Efw4kKAU+zN9de1p7VH0rtyo8OcHjScCTDUZdZsM6gefWPU
ZjTKAXhnFNlHnZ43+5lvU0Weybr0eOzhl8o6OeeMSnrLAkSzQ9WLMJ7i4lxprn72
vFO24oOu2LsrJpOSEhQHUsBoK+a3h44omms8M5/zRzNdM5orjkDcDKHp1t95SB3R
uqqrEzG7zy5Sr5YDvnmuFC/KQGwXBNUXzzZwzNp/QrjK/3yv38h6ql4L6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBoZcDNqadOwDFd07xHdXvOBAhyiMB8GA1UdIwQY
MBaAFIkVw7yNWQXyT74wUbznIAkhODAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVJYRHZJMVpCZkpQdmpCUnZPY2dDU0U0TUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS82M2VjZDktM2QxOC00ODEwLTlkYjQt
ZDM2YzE2Mjc5NTUyLzEvaVJYRHZJMVpCZkpQdmpCUnZPY2dDU0U0TUFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS82M2VjZDktM2QxOC00ODEwLTlkYjQtZDM2YzE2Mjc5NTUy
LzEvaVJYRHZJMVpCZkpQdmpCUnZPY2dDU0U0TUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHxbrhRx/
v3unY/VHgH7G5e0F0XeWAFgpf3kChnFI86w4s3macgd7lrgOgsAnG55UhVXElxmK
PvOY5Suu2j4FBcGXN58t8rVfZmwa3P2iY+Le92k8m37iJzMFG8DgBo/73L83efat
oZY3+lBQ6h7upmfHh7KxpXhX/o7ttm7lKTZoJ43NWTrW6FDfr8+AXypYztZWDYnS
Qja23ZY6ENTSz51XxkXw09MMDW86MKBnP7dOio0rtMtiy3Pxa4klhRNMKAFwHDYi
B9zMgHBqwnrfsyBYYvmRIBLnkLm7f04hudV8zDnvCEGp1Z4kyoBaCSJsdv75BO87
v0OxFLqVZQRtJQ==
-----END CERTIFICATE-----