Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
File:                     iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft (raw, json)
Hash identifier:          x3/CCTp2Y9GECEJ7ul6vhVgU1Bq+YrfCsGwKT9cwjXA=
Subject key identifier:   17:91:E6:38:08:84:B5:9B:81:0C:48:1B:FF:14:B3:F7:91:FA:B5:A1
Authority key identifier: 89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0
Certificate issuer:       /CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
Certificate serial:       0197B6A14615CBC2CEA11143C17DC29C99AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
Manifest number:          11FA
Signing time:             Sat 28 Jun 2025 13:01:51 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:51 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:51 +0000
Files and hashes:         1: iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl (hash: V7+LTHcunSN4FyICFy11EiBJyY569ky1lVwLMv7rLC4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:46:15:cb:c2:ce:a1:11:43:c1:7d:c2:9c:99:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
        Validity
            Not Before: Jun 28 13:01:51 2025 GMT
            Not After : Jun 29 13:01:51 2025 GMT
        Subject: CN=1791e6380884b59b810c481bff14b3f791fab5a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:0a:ac:2e:24:e3:d2:c1:d0:97:11:99:ac:a5:
                    72:1e:41:09:56:40:c1:da:0a:5d:fd:49:b1:8e:e5:
                    fe:54:ec:f8:3a:39:ce:e0:14:83:ab:9e:cd:df:a1:
                    0b:fd:84:d1:7a:24:5a:50:8d:e5:9c:ac:0b:fd:8e:
                    ca:f9:95:57:48:a7:cc:ac:cd:62:12:79:48:a7:eb:
                    f8:4d:1f:42:f1:09:a3:3d:08:a8:32:38:3e:2f:82:
                    8a:a1:c8:96:c2:1a:51:72:ac:f1:0b:a3:ef:52:6b:
                    70:71:23:eb:7b:d4:da:84:d9:62:15:b3:a8:0b:b8:
                    22:71:75:0e:8d:2d:12:b9:27:d9:58:c0:a0:be:ba:
                    6f:c1:1a:6b:09:91:2e:41:e0:9f:ef:92:dc:05:b0:
                    19:05:af:d6:38:38:fb:ee:32:cc:14:74:39:cb:91:
                    96:4c:98:c9:db:46:8d:17:01:57:55:86:d2:32:23:
                    04:5e:33:df:85:d5:8c:53:f1:47:24:00:a3:bf:5d:
                    7d:21:3d:de:c4:47:2d:5a:dd:bd:e4:da:9f:89:bb:
                    e2:24:a5:5e:2d:b4:6a:ba:74:3b:31:90:2f:43:46:
                    74:57:cc:38:91:dd:c4:e4:94:23:fc:d6:f3:d8:73:
                    09:c0:17:df:26:7e:f5:d1:d9:30:9d:81:80:9e:07:
                    7d:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:91:E6:38:08:84:B5:9B:81:0C:48:1B:FF:14:B3:F7:91:FA:B5:A1
            X509v3 Authority Key Identifier:
                keyid:89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:74:b3:36:06:c7:a1:4e:33:cb:0f:d0:f2:6a:f9:89:df:fc:
         08:77:2c:a7:bc:42:52:39:25:70:35:2e:01:33:ee:2b:e0:1a:
         3f:92:c7:99:25:66:5d:a9:76:eb:70:82:b5:40:91:fa:f4:f7:
         79:06:c7:c5:2c:2a:22:59:55:83:f3:f1:88:4b:1f:17:59:b6:
         bf:34:73:09:dc:69:f4:94:7b:6a:aa:e2:85:d5:b7:e2:ce:04:
         83:23:e6:5e:19:3f:b5:5f:c6:03:08:cb:a6:77:3c:c4:22:9f:
         f6:e7:bb:67:c0:88:78:6f:bd:e4:02:80:10:4f:de:d8:7a:29:
         30:9f:58:d9:ec:f3:83:d7:83:12:24:de:d6:6d:a2:f2:6c:d4:
         81:a0:e4:ac:3a:7a:06:12:04:83:62:44:4f:79:a4:d4:89:b5:
         9a:e9:b9:2a:c7:3f:8f:ac:0d:da:6b:de:35:c4:89:d0:94:ff:
         72:37:49:ac:98:53:ff:27:30:33:2d:50:58:70:df:45:ed:1b:
         26:a6:c7:3b:71:de:14:8f:aa:37:a0:82:e8:31:56:fc:41:ba:
         d0:a4:21:6c:d0:86:07:f5:5f:e6:58:f4:2c:ec:b7:0e:c1:e9:
         60:33:74:be:f7:83:b2:57:a6:ed:c8:ee:19:19:f3:10:98:15:
         bd:4f:42:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oUYVy8LOoRFDwX3CnJmrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MzZkZjRhYzJmNDY3ZWE2NmMxMTk3YTg2MjlkM2Y2NGJi
NTYzZjAwHhcNMjUwNjI4MTMwMTUxWhcNMjUwNjI5MTMwMTUxWjAzMTEwLwYDVQQD
EygxNzkxZTYzODA4ODRiNTliODEwYzQ4MWJmZjE0YjNmNzkxZmFiNWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgqsLiTj0sHQlxGZrKVyHkEJVkDB
2gpd/UmxjuX+VOz4OjnO4BSDq57N36EL/YTReiRaUI3lnKwL/Y7K+ZVXSKfMrM1i
EnlIp+v4TR9C8QmjPQioMjg+L4KKociWwhpRcqzxC6PvUmtwcSPre9TahNliFbOo
C7gicXUOjS0SuSfZWMCgvrpvwRprCZEuQeCf75LcBbAZBa/WODj77jLMFHQ5y5GW
TJjJ20aNFwFXVYbSMiMEXjPfhdWMU/FHJACjv119IT3exEctWt295NqfibviJKVe
LbRqunQ7MZAvQ0Z0V8w4kd3E5JQj/Nbz2HMJwBffJn710dkwnYGAngd9owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBeR5jgIhLWbgQxIG/8Us/eR+rWhMB8GA1UdIwQY
MBaAFIk230rC9GfqZsEZeoYp0/ZLtWPwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQt
NGUyNzhkZDQ4YTNmLzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQtNGUyNzhkZDQ4YTNm
LzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlXSzNgbH
oU4zyw/Q8mr5id/8CHcsp7xCUjklcDUuATPuK+AaP5LHmSVmXal263CCtUCR+vT3
eQbHxSwqIllVg/PxiEsfF1m2vzRzCdxp9JR7aqrihdW34s4EgyPmXhk/tV/GAwjL
pnc8xCKf9ue7Z8CIeG+95AKAEE/e2HopMJ9Y2ezzg9eDEiTe1m2i8mzUgaDkrDp6
BhIEg2JET3mk1Im1mum5Ksc/j6wN2mveNcSJ0JT/cjdJrJhT/ycwMy1QWHDfRe0b
JqbHO3HeFI+qN6CC6DFW/EG60KQhbNCGB/Vf5lj0LOy3DsHpYDN0vveDslem7cju
GRnzEJgVvU9CkQ==
-----END CERTIFICATE-----