Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
File:                     itMkK15lo9DZHGsZ60CRlZskMUg.mft (raw, json)
Hash identifier:          DFavs9rLWv9Jv9S5gMeiitzajzg+CO1yxDoIyRWyWiM=
Subject key identifier:   AC:A3:9D:DB:E5:74:DB:4C:F4:20:39:A7:58:AB:1C:8D:4C:7E:37:45
Authority key identifier: 8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48
Certificate issuer:       /CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
Certificate serial:       0197BA7E51BA0A4614FBD82972C2770F88CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
Manifest number:          02C3
Signing time:             Sun 29 Jun 2025 07:02:09 +0000
Manifest this update:     Sun 29 Jun 2025 07:02:09 +0000
Manifest next update:     Mon 30 Jun 2025 07:02:09 +0000
Files and hashes:         1: itMkK15lo9DZHGsZ60CRlZskMUg.crl (hash: 4Pn3YWu4X+YaI3CzG/d+DsDL+dUNiYny6UGartydSqs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 07:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7e:51:ba:0a:46:14:fb:d8:29:72:c2:77:0f:88:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
        Validity
            Not Before: Jun 29 07:02:09 2025 GMT
            Not After : Jun 30 07:02:09 2025 GMT
        Subject: CN=aca39ddbe574db4cf42039a758ab1c8d4c7e3745
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:25:24:00:6c:6c:6f:fd:08:31:98:3a:20:ba:
                    7c:03:47:75:6f:f6:48:02:c8:25:2a:d9:6a:81:5e:
                    15:98:6c:64:63:bd:04:e7:a2:fd:0d:8e:0a:b4:b8:
                    67:8c:c0:56:2a:b5:c0:c7:17:25:20:30:ce:d6:e0:
                    a2:28:bb:40:dd:c3:93:f7:bf:60:52:16:87:23:26:
                    02:14:2d:cd:67:3d:0e:68:56:40:8e:33:65:fb:4f:
                    02:97:bf:a1:32:d9:f8:98:44:d6:57:b7:83:07:de:
                    74:dd:0f:27:fe:f4:61:67:0e:e6:60:50:f3:bc:38:
                    4a:91:f5:ed:7b:78:c0:34:75:af:c7:c9:d5:7a:a8:
                    fa:b6:b8:31:9a:7a:9d:b1:35:e4:a4:8c:cd:ed:7e:
                    a9:98:7f:bc:5f:89:b6:8e:21:06:c8:f1:c4:55:fd:
                    6a:3c:11:ea:70:13:52:eb:05:88:f5:1f:cf:73:b5:
                    2f:47:29:19:88:29:5c:ec:d7:61:6e:9d:48:ce:14:
                    70:a7:f1:27:59:8e:f2:b1:0f:e1:18:49:9b:04:9f:
                    9b:00:01:35:98:4c:b1:95:79:54:87:da:64:b0:23:
                    64:55:f4:27:b5:3f:30:85:87:2a:05:5c:d9:86:04:
                    98:b3:3f:ef:a7:df:fb:4c:53:7e:3e:da:ab:41:81:
                    5b:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:A3:9D:DB:E5:74:DB:4C:F4:20:39:A7:58:AB:1C:8D:4C:7E:37:45
            X509v3 Authority Key Identifier:
                keyid:8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:e8:8f:73:06:05:4f:69:bd:5f:91:23:95:ec:b7:21:b7:4b:
         78:5a:c9:3a:a5:de:da:ea:39:c0:82:5a:0a:12:c9:76:54:2e:
         8f:0f:64:c0:42:d6:c8:30:08:be:46:a6:49:dd:c5:b2:f6:33:
         52:aa:e6:91:1c:fc:ce:4f:f8:f0:2a:33:ec:5b:8e:59:38:e4:
         df:03:41:72:12:6c:83:50:eb:53:37:5c:36:96:b1:ce:ea:86:
         d2:cd:5b:21:1e:ca:f7:6f:a2:f3:77:9a:75:ff:fd:72:db:e8:
         ee:9b:85:1f:91:3b:77:99:e3:5c:9c:65:ed:a2:45:80:e1:d5:
         a6:b9:27:07:b4:7b:48:35:8e:61:a0:c4:b8:28:46:8e:ec:10:
         66:df:9a:dd:61:ba:b6:e8:35:0d:79:87:16:5b:7a:e1:30:65:
         a1:89:b2:fd:cc:85:46:06:8b:0a:cf:6a:57:7d:af:c8:fc:17:
         f2:1e:f8:52:79:a7:95:73:a5:e2:ea:ec:8d:4c:96:ed:26:80:
         1f:aa:8d:3c:b2:cf:b3:c0:c1:ad:e0:d7:cc:dc:34:3f:0e:25:
         63:6d:0e:e6:e6:16:19:df:3c:10:2e:3f:5b:54:61:1a:fc:70:
         c9:2b:e4:6e:80:01:93:31:d5:27:33:98:7d:14:f3:91:b0:ec:
         4a:84:58:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6flG6CkYU+9gpcsJ3D4jMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDMyNDJiNWU2NWEzZDBkOTFjNmIxOWViNDA5MTk1OWIy
NDMxNDgwHhcNMjUwNjI5MDcwMjA5WhcNMjUwNjMwMDcwMjA5WjAzMTEwLwYDVQQD
EyhhY2EzOWRkYmU1NzRkYjRjZjQyMDM5YTc1OGFiMWM4ZDRjN2UzNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCUkAGxsb/0IMZg6ILp8A0d1b/ZI
AsglKtlqgV4VmGxkY70E56L9DY4KtLhnjMBWKrXAxxclIDDO1uCiKLtA3cOT979g
UhaHIyYCFC3NZz0OaFZAjjNl+08Cl7+hMtn4mETWV7eDB9503Q8n/vRhZw7mYFDz
vDhKkfXte3jANHWvx8nVeqj6trgxmnqdsTXkpIzN7X6pmH+8X4m2jiEGyPHEVf1q
PBHqcBNS6wWI9R/Pc7UvRykZiClc7Ndhbp1IzhRwp/EnWY7ysQ/hGEmbBJ+bAAE1
mEyxlXlUh9pksCNkVfQntT8whYcqBVzZhgSYsz/vp9/7TFN+PtqrQYFbMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyjndvldNtM9CA5p1irHI1MfjdFMB8GA1UdIwQY
MBaAFIrTJCteZaPQ2RxrGetAkZWbJDFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgt
ZjcwNGIxZjUzYWNlLzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgtZjcwNGIxZjUzYWNl
LzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPeiPcwYF
T2m9X5Ejley3IbdLeFrJOqXe2uo5wIJaChLJdlQujw9kwELWyDAIvkamSd3FsvYz
UqrmkRz8zk/48Coz7FuOWTjk3wNBchJsg1DrUzdcNpaxzuqG0s1bIR7K92+i83ea
df/9ctvo7puFH5E7d5njXJxl7aJFgOHVprknB7R7SDWOYaDEuChGjuwQZt+a3WG6
tug1DXmHFlt64TBloYmy/cyFRgaLCs9qV32vyPwX8h74UnmnlXOl4ursjUyW7SaA
H6qNPLLPs8DBreDXzNw0Pw4lY20O5uYWGd88EC4/W1RhGvxwySvkboABkzHVJzOY
fRTzkbDsSoRYgw==
-----END CERTIFICATE-----