Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
File:                     iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft (raw, json)
Hash identifier:          CBKoxwEA7NxQtochVnBjZlAERtVIGtjgOEgomeula+4=
Subject key identifier:   F3:C8:ED:26:D5:43:CE:A4:C2:FC:00:6C:6C:00:72:C4:DE:59:42:82
Authority key identifier: 89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0
Certificate issuer:       /CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
Certificate serial:       0198D474435DEE7C0173FD2FE9D5CBE30A71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
Manifest number:          128E
Signing time:             Sat 23 Aug 2025 01:04:05 +0000
Manifest this update:     Sat 23 Aug 2025 01:04:05 +0000
Manifest next update:     Sun 24 Aug 2025 01:04:05 +0000
Files and hashes:         1: iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl (hash: fUAIcOqnSCMFstM7bML00YZfx8kJYbW0yxswAu784Lg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:04:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:43:5d:ee:7c:01:73:fd:2f:e9:d5:cb:e3:0a:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
        Validity
            Not Before: Aug 23 01:04:05 2025 GMT
            Not After : Aug 24 01:04:05 2025 GMT
        Subject: CN=f3c8ed26d543cea4c2fc006c6c0072c4de594282
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:e6:df:92:07:0a:7c:80:42:9c:9c:c9:2c:53:
                    c0:24:64:5c:fe:0c:05:71:29:21:70:15:78:79:fa:
                    8e:23:9d:04:4a:79:a0:ba:e2:1d:41:6c:a7:9b:f9:
                    02:c6:45:13:82:37:2b:81:14:98:0e:f5:67:72:c9:
                    46:9b:dc:32:c9:22:98:64:b7:04:af:0c:db:c2:cd:
                    5d:fb:3f:11:7f:1a:a4:ca:ef:9e:d0:75:d8:ad:f7:
                    06:be:1d:ad:d7:e5:40:05:0c:94:38:d5:02:33:11:
                    7b:6e:d4:6a:f6:4a:5d:4a:83:1d:ee:4a:80:0e:dc:
                    ae:d0:31:8e:2b:da:fb:81:7c:00:55:cb:ed:3c:b6:
                    1d:f5:f7:db:f7:68:6e:e2:03:64:7e:eb:f9:9c:4f:
                    e9:be:f9:32:7f:72:a3:71:07:30:77:77:04:f8:de:
                    ce:3e:89:f5:4f:99:8d:22:cf:52:41:3c:6d:08:31:
                    a3:2e:fd:4b:ec:8f:14:f8:b1:35:db:7f:83:6e:f3:
                    7d:15:3a:9a:58:11:5e:ec:56:d2:78:04:42:3b:3d:
                    ce:93:cf:dd:13:8a:54:10:9b:c3:ce:f9:d8:04:60:
                    2b:71:5f:46:8b:c1:41:63:25:9c:de:17:5b:b4:f7:
                    cd:e3:18:90:df:c0:55:de:b3:3f:01:63:4b:b1:8b:
                    e2:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:C8:ED:26:D5:43:CE:A4:C2:FC:00:6C:6C:00:72:C4:DE:59:42:82
            X509v3 Authority Key Identifier:
                keyid:89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:d7:26:97:51:c3:6f:f3:2b:c9:0a:7a:fa:3b:7b:a3:9a:76:
         8c:29:f7:9a:3c:a8:bd:c2:6f:b0:a2:21:c4:35:35:1f:67:26:
         9a:44:35:9f:e5:fe:e8:f2:cc:92:c3:70:84:41:9c:33:80:3b:
         b1:d3:b1:35:b2:48:8d:36:96:67:c2:81:17:76:03:94:33:ed:
         f5:87:38:2f:e8:f6:9c:06:5c:ee:35:e1:30:a0:b0:d4:c4:a2:
         a0:87:a0:dc:77:bb:2b:f7:5b:d0:17:d3:08:8a:59:12:b4:6c:
         13:9a:26:98:bf:04:5e:97:86:46:7a:01:25:1c:23:c0:1f:72:
         a9:80:cf:66:6d:f4:f0:9a:a3:81:8d:e3:11:7f:7c:01:1c:25:
         c3:48:32:01:1a:30:23:36:db:b4:3d:ab:3f:82:82:e3:a2:c6:
         b8:d5:67:4b:52:3f:5c:47:c8:63:a3:7e:3f:68:7e:e3:69:3d:
         fc:72:2d:0e:70:09:7b:e1:1a:87:2f:07:e9:2c:37:d5:28:aa:
         a2:db:39:33:5b:ed:55:aa:dd:c6:bc:7f:46:20:ee:e8:a0:ee:
         a8:c7:c7:18:d5:4e:c9:13:19:10:16:be:b4:76:75:5f:41:9a:
         93:5b:e2:38:8e:37:ff:74:ed:db:f9:7a:fd:d6:86:34:cf:12:
         a6:ff:46:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdENd7nwBc/0v6dXL4wpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MzZkZjRhYzJmNDY3ZWE2NmMxMTk3YTg2MjlkM2Y2NGJi
NTYzZjAwHhcNMjUwODIzMDEwNDA1WhcNMjUwODI0MDEwNDA1WjAzMTEwLwYDVQQD
EyhmM2M4ZWQyNmQ1NDNjZWE0YzJmYzAwNmM2YzAwNzJjNGRlNTk0MjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ObfkgcKfIBCnJzJLFPAJGRc/gwF
cSkhcBV4efqOI50ESnmguuIdQWynm/kCxkUTgjcrgRSYDvVncslGm9wyySKYZLcE
rwzbws1d+z8Rfxqkyu+e0HXYrfcGvh2t1+VABQyUONUCMxF7btRq9kpdSoMd7kqA
Dtyu0DGOK9r7gXwAVcvtPLYd9ffb92hu4gNkfuv5nE/pvvkyf3KjcQcwd3cE+N7O
Pon1T5mNIs9SQTxtCDGjLv1L7I8U+LE123+DbvN9FTqaWBFe7FbSeARCOz3Ok8/d
E4pUEJvDzvnYBGArcV9Gi8FBYyWc3hdbtPfN4xiQ38BV3rM/AWNLsYvipwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPPI7SbVQ86kwvwAbGwAcsTeWUKCMB8GA1UdIwQY
MBaAFIk230rC9GfqZsEZeoYp0/ZLtWPwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQt
NGUyNzhkZDQ4YTNmLzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQtNGUyNzhkZDQ4YTNm
LzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbNcml1HD
b/MryQp6+jt7o5p2jCn3mjyovcJvsKIhxDU1H2cmmkQ1n+X+6PLMksNwhEGcM4A7
sdOxNbJIjTaWZ8KBF3YDlDPt9Yc4L+j2nAZc7jXhMKCw1MSioIeg3He7K/db0BfT
CIpZErRsE5ommL8EXpeGRnoBJRwjwB9yqYDPZm308JqjgY3jEX98ARwlw0gyARow
IzbbtD2rP4KC46LGuNVnS1I/XEfIY6N+P2h+42k9/HItDnAJe+Eahy8H6Sw31Siq
ots5M1vtVardxrx/RiDu6KDuqMfHGNVOyRMZEBa+tHZ1X0Gak1viOI43/3Tt2/l6
/daGNM8Spv9G8w==
-----END CERTIFICATE-----