Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
File:                     IYCTB4hvuv261Th2Eu_-dxOHowA.mft (raw, json)
Hash identifier:          L7F3h8V4xLC6JNAJMjBonvuxmq8u9UQQr7uo1U+ioWI=
Subject key identifier:   E5:6C:4D:75:FA:0B:B0:11:82:DC:E9:A6:48:F5:6C:E4:D2:E1:E9:6D
Authority key identifier: 21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00
Certificate issuer:       /CN=21809307886fbafdbad5387612effe771387a300
Certificate serial:       0196BD80A9FF3DFF3E551E45233FC22A6D0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
Manifest number:          0678
Signing time:             Sun 11 May 2025 04:00:47 +0000
Manifest this update:     Sun 11 May 2025 04:00:47 +0000
Manifest next update:     Mon 12 May 2025 04:00:47 +0000
Files and hashes:         1: IYCTB4hvuv261Th2Eu_-dxOHowA.crl (hash: JkFV0cPKrY14LI7WxtqDiis4v97kVTYyuzlqsGHye+M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 22:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:80:a9:ff:3d:ff:3e:55:1e:45:23:3f:c2:2a:6d:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21809307886fbafdbad5387612effe771387a300
        Validity
            Not Before: May 11 04:00:47 2025 GMT
            Not After : May 12 04:00:47 2025 GMT
        Subject: CN=e56c4d75fa0bb01182dce9a648f56ce4d2e1e96d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:f7:fd:33:27:cc:02:c8:95:3f:56:4c:ca:08:
                    be:fa:ed:84:19:a0:b6:e9:b7:a3:86:7a:77:cb:2f:
                    fa:f7:c3:82:ad:aa:dd:ab:f1:95:b0:67:50:3f:7a:
                    f9:eb:1c:ab:e9:ac:0d:ce:b0:66:a9:31:5c:11:31:
                    e8:06:0f:c9:4e:1f:3f:70:3f:a3:ca:9f:f2:10:e2:
                    b2:e7:77:db:da:f2:14:7e:09:08:c2:7c:6c:1a:a3:
                    3d:bc:ce:be:70:43:b4:80:2c:49:86:fb:d7:71:e4:
                    b8:b8:76:56:9b:87:b3:62:d0:82:63:58:0b:b4:f5:
                    43:16:5d:22:ff:17:8b:3b:bc:dd:0f:36:eb:46:ac:
                    43:39:79:4b:a2:30:42:3a:dd:c0:21:a1:de:c9:07:
                    b6:f6:dc:b8:8c:40:e7:a1:3a:88:be:a6:bb:4d:be:
                    19:f9:3c:f9:ea:de:36:53:3a:fa:3e:4c:32:2e:b5:
                    1b:f9:91:04:67:17:55:14:85:86:39:98:84:9f:6d:
                    29:2e:20:e3:0d:e9:f9:5f:2a:10:27:7b:1d:f0:3e:
                    81:bf:c6:c9:1d:04:5c:c8:a8:d0:0b:0c:03:29:dc:
                    f5:d2:a9:19:13:79:61:27:bb:91:36:79:9d:7f:17:
                    7f:20:36:de:bf:2f:d5:3b:86:f0:5e:20:c8:8a:d3:
                    8d:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:6C:4D:75:FA:0B:B0:11:82:DC:E9:A6:48:F5:6C:E4:D2:E1:E9:6D
            X509v3 Authority Key Identifier:
                keyid:21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:40:af:93:e4:01:75:7d:ac:8e:b2:49:fd:d6:8d:1d:f8:4c:
         21:86:d6:bf:5c:51:a6:3e:97:11:e7:89:cb:55:94:21:04:cc:
         76:3e:be:f7:b8:cc:81:8a:6b:3b:0b:ba:c9:13:f3:2f:6b:8e:
         f2:7f:a0:f9:cf:2e:a9:90:d3:96:6b:6a:62:82:a0:df:ff:0d:
         a1:d4:72:1b:e7:64:bc:c7:81:52:14:31:68:0d:0d:8b:15:7d:
         99:f3:32:50:94:68:85:df:53:dc:d2:9e:f2:f1:6d:50:bf:8f:
         39:9f:9e:84:df:fa:93:9c:f5:05:f7:9a:1c:b4:da:83:79:92:
         a4:dc:8d:d5:20:af:e4:78:b0:f3:64:23:c7:22:71:93:bc:f5:
         73:71:28:4f:ca:ee:a7:f4:69:f5:81:3f:fb:7b:d6:34:d1:71:
         0a:c6:aa:51:4a:1a:1f:3a:53:58:bc:bc:72:64:36:27:82:17:
         f7:b3:d6:09:e7:92:31:2b:ea:66:e7:b6:dd:8e:3e:91:b5:b8:
         b3:74:dd:aa:81:37:10:f9:8e:32:a8:d0:1e:b8:52:0f:48:66:
         a1:f5:0d:9b:f3:19:78:0b:b5:f0:b9:80:c0:ed:14:0c:b1:a0:
         76:02:00:8c:73:0a:1e:21:be:dc:3a:41:3b:b2:99:f2:f5:82:
         05:bc:4e:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9gKn/Pf8+VR5FIz/CKm0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODA5MzA3ODg2ZmJhZmRiYWQ1Mzg3NjEyZWZmZTc3MTM4
N2EzMDAwHhcNMjUwNTExMDQwMDQ3WhcNMjUwNTEyMDQwMDQ3WjAzMTEwLwYDVQQD
EyhlNTZjNGQ3NWZhMGJiMDExODJkY2U5YTY0OGY1NmNlNGQyZTFlOTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPf9MyfMAsiVP1ZMygi++u2EGaC2
6bejhnp3yy/698OCrardq/GVsGdQP3r56xyr6awNzrBmqTFcETHoBg/JTh8/cD+j
yp/yEOKy53fb2vIUfgkIwnxsGqM9vM6+cEO0gCxJhvvXceS4uHZWm4ezYtCCY1gL
tPVDFl0i/xeLO7zdDzbrRqxDOXlLojBCOt3AIaHeyQe29ty4jEDnoTqIvqa7Tb4Z
+Tz56t42Uzr6PkwyLrUb+ZEEZxdVFIWGOZiEn20pLiDjDen5XyoQJ3sd8D6Bv8bJ
HQRcyKjQCwwDKdz10qkZE3lhJ7uRNnmdfxd/IDbevy/VO4bwXiDIitONBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOVsTXX6C7ARgtzppkj1bOTS4eltMB8GA1UdIwQY
MBaAFCGAkweIb7r9utU4dhLv/ncTh6MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQt
ZjcwOGRhZDBlZWNhLzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQtZjcwOGRhZDBlZWNh
LzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAakCvk+QB
dX2sjrJJ/daNHfhMIYbWv1xRpj6XEeeJy1WUIQTMdj6+97jMgYprOwu6yRPzL2uO
8n+g+c8uqZDTlmtqYoKg3/8NodRyG+dkvMeBUhQxaA0NixV9mfMyUJRohd9T3NKe
8vFtUL+POZ+ehN/6k5z1BfeaHLTag3mSpNyN1SCv5Hiw82QjxyJxk7z1c3EoT8ru
p/Rp9YE/+3vWNNFxCsaqUUoaHzpTWLy8cmQ2J4IX97PWCeeSMSvqZue23Y4+kbW4
s3TdqoE3EPmOMqjQHrhSD0hmofUNm/MZeAu18LmAwO0UDLGgdgIAjHMKHiG+3DpB
O7KZ8vWCBbxOug==
-----END CERTIFICATE-----