Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
File:                     IYCTB4hvuv261Th2Eu_-dxOHowA.mft (raw, json)
Hash identifier:          9S9LA42WdHfO+/eaGDVmJtHA5bvcBLWIHuAmvJ3i2/Q=
Subject key identifier:   2C:F3:E5:4B:26:82:DD:28:09:E0:20:DE:EE:5A:81:44:C7:9B:52:9E
Authority key identifier: 21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00
Certificate issuer:       /CN=21809307886fbafdbad5387612effe771387a300
Certificate serial:       0197B6A0AC321EECB4605B53F1EFCAA86882
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
Manifest number:          06F9
Signing time:             Sat 28 Jun 2025 13:01:12 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:12 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:12 +0000
Files and hashes:         1: IYCTB4hvuv261Th2Eu_-dxOHowA.crl (hash: gNzIZlbS0hEIkSF8gA3OP18xDUy3GUydmuo/wVGM0GE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:ac:32:1e:ec:b4:60:5b:53:f1:ef:ca:a8:68:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21809307886fbafdbad5387612effe771387a300
        Validity
            Not Before: Jun 28 13:01:12 2025 GMT
            Not After : Jun 29 13:01:12 2025 GMT
        Subject: CN=2cf3e54b2682dd2809e020deee5a8144c79b529e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:0f:b6:7d:e5:e7:ab:52:a7:00:86:cc:c7:ac:
                    db:37:05:18:24:00:04:4a:d3:14:70:b8:ab:43:af:
                    7e:7d:f0:50:31:af:15:4f:1f:ef:f4:02:e8:bc:18:
                    1b:d3:e6:f5:6a:cc:0b:ab:5c:84:71:75:00:0f:7e:
                    03:d4:00:2f:ad:cb:7c:a0:00:79:3c:e8:38:7b:24:
                    a5:86:e7:87:9f:8a:5c:a4:cf:63:76:ec:79:41:e3:
                    82:f2:0b:96:ad:f0:cb:02:0f:2c:b0:ac:bf:59:b3:
                    f5:5a:66:55:5b:b6:af:ee:74:52:4c:cb:18:7a:01:
                    fb:b3:8e:bf:5a:be:af:6f:90:4d:45:1e:eb:87:10:
                    91:da:57:9b:f2:67:96:25:f9:ba:b8:6c:37:40:3c:
                    6c:b2:66:14:13:98:93:49:e0:bb:93:5d:68:cd:1d:
                    e1:e2:6e:b4:17:69:25:b3:2f:00:f8:a5:e3:28:91:
                    19:57:63:e6:a6:8c:a5:2f:c5:1a:30:3e:d9:4c:74:
                    57:2c:3d:01:4d:fc:11:b3:1c:6a:9b:23:8f:74:8d:
                    1c:db:77:da:a7:1d:c4:b4:f4:d5:55:01:8e:b4:6f:
                    a5:42:f4:b4:35:45:81:06:0a:c3:6b:26:0a:71:03:
                    b9:3a:94:61:26:51:cd:9b:37:4e:22:0f:2a:40:07:
                    38:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:F3:E5:4B:26:82:DD:28:09:E0:20:DE:EE:5A:81:44:C7:9B:52:9E
            X509v3 Authority Key Identifier:
                keyid:21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:1c:de:59:50:49:3e:80:78:7b:27:b1:ea:f7:58:2d:b8:88:
         98:5e:20:4e:d9:f6:3e:bf:37:dd:50:a9:08:93:a2:01:94:7b:
         e8:f1:62:8a:0b:f4:4e:21:fd:90:3c:08:b3:7b:eb:e1:5a:2c:
         e6:43:9b:50:b2:32:af:6b:8d:aa:ef:62:7f:9e:8c:77:2e:e4:
         8d:70:8a:12:43:a6:e3:c4:ee:6a:61:b6:22:bb:db:9a:49:a1:
         01:6c:e6:c1:83:8f:6d:de:cd:f9:a7:aa:2c:8e:37:72:4b:55:
         c8:de:65:f0:c7:16:24:81:9e:34:b2:42:47:60:77:37:8f:21:
         ab:50:d3:c6:15:9a:c2:fe:95:19:3c:62:d7:25:51:cb:56:62:
         72:76:16:36:fb:bc:3b:c5:b2:7e:ba:78:d7:3c:56:81:19:68:
         ad:25:f3:02:db:16:f5:bb:13:e2:23:df:ff:b8:ec:04:b6:4c:
         48:e4:7e:d6:6f:4a:41:7e:80:e7:a8:07:6a:b8:bc:91:f8:7a:
         60:55:c0:e5:cf:48:a5:8f:3c:36:b6:99:a8:5b:70:f7:5a:cb:
         e4:66:17:92:6b:55:d5:05:5f:92:e8:27:6a:0d:53:72:b0:b7:
         95:5f:d7:b7:14:26:2a:79:77:46:7b:6c:20:bb:6e:e7:cc:08:
         4d:41:d1:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oKwyHuy0YFtT8e/KqGiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODA5MzA3ODg2ZmJhZmRiYWQ1Mzg3NjEyZWZmZTc3MTM4
N2EzMDAwHhcNMjUwNjI4MTMwMTEyWhcNMjUwNjI5MTMwMTEyWjAzMTEwLwYDVQQD
EygyY2YzZTU0YjI2ODJkZDI4MDllMDIwZGVlZTVhODE0NGM3OWI1MjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw+2feXnq1KnAIbMx6zbNwUYJAAE
StMUcLirQ69+ffBQMa8VTx/v9ALovBgb0+b1aswLq1yEcXUAD34D1AAvrct8oAB5
POg4eySlhueHn4pcpM9jdux5QeOC8guWrfDLAg8ssKy/WbP1WmZVW7av7nRSTMsY
egH7s46/Wr6vb5BNRR7rhxCR2leb8meWJfm6uGw3QDxssmYUE5iTSeC7k11ozR3h
4m60F2klsy8A+KXjKJEZV2PmpoylL8UaMD7ZTHRXLD0BTfwRsxxqmyOPdI0c23fa
px3EtPTVVQGOtG+lQvS0NUWBBgrDayYKcQO5OpRhJlHNmzdOIg8qQAc4hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzz5Usmgt0oCeAg3u5agUTHm1KeMB8GA1UdIwQY
MBaAFCGAkweIb7r9utU4dhLv/ncTh6MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQt
ZjcwOGRhZDBlZWNhLzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQtZjcwOGRhZDBlZWNh
LzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYBzeWVBJ
PoB4eyex6vdYLbiImF4gTtn2Pr833VCpCJOiAZR76PFiigv0TiH9kDwIs3vr4Vos
5kObULIyr2uNqu9if56Mdy7kjXCKEkOm48TuamG2IrvbmkmhAWzmwYOPbd7N+aeq
LI43cktVyN5l8McWJIGeNLJCR2B3N48hq1DTxhWawv6VGTxi1yVRy1ZicnYWNvu8
O8Wyfrp41zxWgRlorSXzAtsW9bsT4iPf/7jsBLZMSOR+1m9KQX6A56gHari8kfh6
YFXA5c9IpY88NraZqFtw91rL5GYXkmtV1QVfkugnag1TcrC3lV/XtxQmKnl3Rnts
ILtu58wITUHR8w==
-----END CERTIFICATE-----