Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
File:                     itMkK15lo9DZHGsZ60CRlZskMUg.mft (raw, json)
Hash identifier:          OgVW8DboG7h1P2PWCWHDs3CCbFO5ErtBKrkXcoLE+YY=
Subject key identifier:   3A:CC:14:82:B9:C7:41:B1:02:5B:5A:43:0B:73:ED:56:D9:C0:CE:86
Authority key identifier: 8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48
Certificate issuer:       /CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
Certificate serial:       0196BB9218D52C8D8AC92F41416FFD1C8662
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
Manifest number:          023F
Signing time:             Sat 10 May 2025 19:00:36 +0000
Manifest this update:     Sat 10 May 2025 19:00:36 +0000
Manifest next update:     Sun 11 May 2025 19:00:36 +0000
Files and hashes:         1: itMkK15lo9DZHGsZ60CRlZskMUg.crl (hash: lblReXA8roZo1YPKdlQ37YpAWJJ2JZdIQng3kuwEzgo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 19:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:92:18:d5:2c:8d:8a:c9:2f:41:41:6f:fd:1c:86:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
        Validity
            Not Before: May 10 19:00:36 2025 GMT
            Not After : May 11 19:00:36 2025 GMT
        Subject: CN=3acc1482b9c741b1025b5a430b73ed56d9c0ce86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:55:08:5b:6e:e5:72:42:98:48:ad:9e:bb:99:
                    94:8e:5f:f5:47:09:e1:cd:2e:e2:eb:6e:c2:a3:00:
                    71:83:aa:81:1c:7a:6d:1d:d0:e2:f4:6c:94:25:1d:
                    a3:21:f2:db:9b:97:60:65:82:91:90:07:9d:0b:58:
                    20:67:1a:d3:b6:a6:ad:8c:ab:b9:91:60:12:22:63:
                    74:f1:31:9d:ef:1c:8e:8f:9e:01:84:ce:15:48:cf:
                    08:6a:50:b3:b4:84:03:4e:58:f8:b9:2e:c3:f8:fd:
                    7f:09:ce:e6:5f:14:94:99:74:02:a5:ea:ec:e6:47:
                    5f:97:5d:ed:a5:ed:bd:d8:f0:a6:92:25:76:cd:d9:
                    7f:32:62:2a:06:19:58:19:9b:94:72:e8:2a:36:08:
                    77:f3:76:7a:76:bf:a9:06:1a:45:8b:e6:a8:50:03:
                    3e:06:19:f6:bb:27:d1:c5:df:43:6c:33:ff:1e:4c:
                    54:1a:51:3e:9c:78:af:60:92:ec:17:c8:6e:c0:38:
                    9a:94:f1:d5:b0:fa:cc:8e:52:e0:25:77:2b:37:ca:
                    8a:d4:43:9f:11:71:d8:22:05:8e:a2:28:e6:10:c9:
                    da:59:57:78:bc:d1:03:ca:16:c2:63:8d:d4:4d:5a:
                    e6:e1:e2:9a:a4:a7:f7:5b:bb:1d:15:4c:a5:0a:9a:
                    b5:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:CC:14:82:B9:C7:41:B1:02:5B:5A:43:0B:73:ED:56:D9:C0:CE:86
            X509v3 Authority Key Identifier:
                keyid:8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:fe:f9:dd:c0:28:75:77:6e:69:cd:4a:8e:58:01:f8:b5:b5:
         5b:31:16:35:c1:47:03:fd:d2:cc:62:b9:c8:52:28:2a:e4:2a:
         d9:07:3e:ba:53:bf:43:db:01:ee:5a:00:f6:40:47:44:ec:46:
         2b:fc:33:c8:05:6e:db:b7:a3:5d:57:c6:7c:2f:5a:77:55:1b:
         54:ca:19:84:d7:50:ab:af:8b:74:29:fa:b1:a4:9f:b4:dd:6b:
         ff:3c:c5:65:24:e1:59:7c:0f:b9:55:7f:ea:0d:d7:1b:af:c3:
         15:cf:c9:91:98:4f:cf:60:6d:3c:0d:c9:96:c2:6f:bf:6e:41:
         6a:b3:92:e3:3c:ac:ff:41:0b:1a:a5:d2:75:69:7b:fe:26:f3:
         f3:cf:7e:16:30:3f:6c:5c:20:4b:4c:f6:97:e1:29:0c:67:b7:
         84:18:77:5d:33:96:1e:ab:ee:9d:ac:39:ef:69:0f:69:9e:d6:
         cb:71:ba:53:48:06:44:95:d1:05:20:fe:fe:54:98:81:05:31:
         b1:a1:b3:53:c6:d3:af:72:fc:0a:45:fe:db:5b:70:25:e9:1c:
         e9:b4:48:e1:8d:2a:d0:bd:bc:46:c9:02:28:e8:f3:11:e4:58:
         01:44:20:77:52:fb:7a:f8:44:b1:96:b7:40:40:a6:6c:9c:13:
         91:fc:90:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7khjVLI2KyS9BQW/9HIZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDMyNDJiNWU2NWEzZDBkOTFjNmIxOWViNDA5MTk1OWIy
NDMxNDgwHhcNMjUwNTEwMTkwMDM2WhcNMjUwNTExMTkwMDM2WjAzMTEwLwYDVQQD
EygzYWNjMTQ4MmI5Yzc0MWIxMDI1YjVhNDMwYjczZWQ1NmQ5YzBjZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1UIW27lckKYSK2eu5mUjl/1Rwnh
zS7i627CowBxg6qBHHptHdDi9GyUJR2jIfLbm5dgZYKRkAedC1ggZxrTtqatjKu5
kWASImN08TGd7xyOj54BhM4VSM8IalCztIQDTlj4uS7D+P1/Cc7mXxSUmXQCpers
5kdfl13tpe292PCmkiV2zdl/MmIqBhlYGZuUcugqNgh383Z6dr+pBhpFi+aoUAM+
Bhn2uyfRxd9DbDP/HkxUGlE+nHivYJLsF8huwDialPHVsPrMjlLgJXcrN8qK1EOf
EXHYIgWOoijmEMnaWVd4vNEDyhbCY43UTVrm4eKapKf3W7sdFUylCpq18wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrMFIK5x0GxAltaQwtz7VbZwM6GMB8GA1UdIwQY
MBaAFIrTJCteZaPQ2RxrGetAkZWbJDFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgt
ZjcwNGIxZjUzYWNlLzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgtZjcwNGIxZjUzYWNl
LzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkP753cAo
dXduac1KjlgB+LW1WzEWNcFHA/3SzGK5yFIoKuQq2Qc+ulO/Q9sB7loA9kBHROxG
K/wzyAVu27ejXVfGfC9ad1UbVMoZhNdQq6+LdCn6saSftN1r/zzFZSThWXwPuVV/
6g3XG6/DFc/JkZhPz2BtPA3JlsJvv25BarOS4zys/0ELGqXSdWl7/ibz889+FjA/
bFwgS0z2l+EpDGe3hBh3XTOWHqvunaw572kPaZ7Wy3G6U0gGRJXRBSD+/lSYgQUx
saGzU8bTr3L8CkX+21twJekc6bRI4Y0q0L28RskCKOjzEeRYAUQgd1L7evhEsZa3
QECmbJwTkfyQ0A==
-----END CERTIFICATE-----