Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/6bac55-9aaa-4530-8ff4-6027a6839ae4/1/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.mft
File:                     Ic4xHI7WC-8bXk99O4ZBB4FEGKM.mft (raw, json)
Hash identifier:          QVFAUAhAUUYgUyZNhRBchbCeDJlHzCpQrodYU9rldIQ=
Subject key identifier:   1E:A0:4C:7F:C5:2A:2E:F7:C1:89:F1:FC:21:7C:E8:8F:65:2E:54:3B
Authority key identifier: 21:CE:31:1C:8E:D6:0B:EF:1B:5E:4F:7D:3B:86:41:07:81:44:18:A3
Certificate issuer:       /CN=21ce311c8ed60bef1b5e4f7d3b864107814418a3
Certificate serial:       0198D7A941FA08FED340294ECBD0E6DDA246
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/6bac55-9aaa-4530-8ff4-6027a6839ae4/1/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.mft
Manifest number:          09EB
Signing time:             Sat 23 Aug 2025 16:00:50 +0000
Manifest this update:     Sat 23 Aug 2025 16:00:50 +0000
Manifest next update:     Sun 24 Aug 2025 16:00:50 +0000
Files and hashes:         1: Ic4xHI7WC-8bXk99O4ZBB4FEGKM.crl (hash: hAj7BWzokOvVxytpufr8ddp56JN16crDvTjmZiCzhYM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/6bac55-9aaa-4530-8ff4-6027a6839ae4/1/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/6bac55-9aaa-4530-8ff4-6027a6839ae4/1/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a9:41:fa:08:fe:d3:40:29:4e:cb:d0:e6:dd:a2:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21ce311c8ed60bef1b5e4f7d3b864107814418a3
        Validity
            Not Before: Aug 23 16:00:50 2025 GMT
            Not After : Aug 24 16:00:50 2025 GMT
        Subject: CN=1ea04c7fc52a2ef7c189f1fc217ce88f652e543b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:47:f2:9c:ec:24:4c:b0:93:45:c5:ac:a1:6e:
                    d4:2e:b7:1c:fc:18:06:8d:14:a1:93:a2:8b:5a:69:
                    e1:d6:55:c5:8a:25:56:c5:d4:13:a0:ea:fa:35:16:
                    fd:53:78:6c:aa:3e:96:49:3f:d5:35:12:96:37:d9:
                    b0:6f:12:53:50:95:39:a9:1c:fc:27:ab:a0:36:67:
                    65:db:44:ee:d5:21:ec:c9:07:23:1c:ed:c2:5a:cd:
                    77:6d:ef:7a:bb:0c:57:24:8e:c1:56:3b:fe:46:ed:
                    d7:81:41:7f:be:90:54:27:aa:b3:09:a9:f2:b9:ca:
                    3e:81:c8:a4:e5:3c:f9:c2:0e:33:67:cc:2f:4d:cc:
                    5e:3a:2c:ea:c3:cf:12:d6:ec:02:3a:88:97:a4:2f:
                    35:72:5e:3d:98:1f:7e:bc:37:30:0c:74:2b:8e:93:
                    a0:83:e1:e2:35:6b:2e:44:f4:6c:08:1f:00:95:c6:
                    ae:e4:e8:92:a5:7c:05:63:2e:33:8a:fa:3c:4e:93:
                    06:a8:ce:8b:c8:c9:ab:08:d3:4a:cb:d0:cb:65:20:
                    84:de:6e:f0:d4:ed:38:13:84:e5:03:e6:b8:07:e2:
                    8d:ce:04:1c:8f:40:d4:6d:af:2d:37:84:05:68:09:
                    10:53:7c:a2:db:bb:6f:de:75:f6:12:2e:de:dc:a0:
                    6b:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:A0:4C:7F:C5:2A:2E:F7:C1:89:F1:FC:21:7C:E8:8F:65:2E:54:3B
            X509v3 Authority Key Identifier:
                keyid:21:CE:31:1C:8E:D6:0B:EF:1B:5E:4F:7D:3B:86:41:07:81:44:18:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/6bac55-9aaa-4530-8ff4-6027a6839ae4/1/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/6bac55-9aaa-4530-8ff4-6027a6839ae4/1/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:5a:d8:73:7f:55:6d:51:45:9e:15:46:2a:17:cb:9d:19:32:
         87:71:69:dd:66:2f:73:c1:1b:9f:5b:04:b6:c8:ce:f1:b4:ad:
         7d:ed:c9:92:05:58:34:01:83:18:15:eb:48:ea:a8:0e:72:34:
         70:20:86:4f:70:d3:53:d8:58:90:5b:44:29:7a:81:e9:60:46:
         fb:c0:76:07:ae:d2:f3:47:3d:7c:b4:cb:2b:27:e1:45:fe:b1:
         d8:42:06:19:fb:8c:a6:02:b3:a9:5c:e1:38:55:7c:f1:f1:b0:
         10:28:f9:83:24:c2:cf:80:0b:d3:2b:c1:ed:58:02:3c:58:a0:
         05:db:4b:fe:e6:62:48:bb:80:a5:c9:e0:7c:47:46:46:69:4f:
         b5:aa:9b:65:29:35:dd:cc:a2:63:14:68:16:3d:51:9c:14:ad:
         24:3c:a2:b9:eb:c8:c9:8c:a7:da:c4:77:bf:96:48:14:17:a8:
         7d:40:59:c7:18:fd:00:1a:4b:81:78:a8:2a:c8:63:f8:ee:18:
         13:12:f7:83:c4:72:b1:82:e2:19:c1:3b:03:c2:12:e0:72:e6:
         48:59:e7:d3:60:28:51:b8:a8:29:ff:da:3d:4b:97:59:7e:b8:
         98:3f:82:a2:9a:8f:d0:f7:29:e0:b4:87:67:73:6e:2b:02:8b:
         d8:7a:bd:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqUH6CP7TQClOy9Dm3aJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2UzMTFjOGVkNjBiZWYxYjVlNGY3ZDNiODY0MTA3ODE0
NDE4YTMwHhcNMjUwODIzMTYwMDUwWhcNMjUwODI0MTYwMDUwWjAzMTEwLwYDVQQD
EygxZWEwNGM3ZmM1MmEyZWY3YzE4OWYxZmMyMTdjZTg4ZjY1MmU1NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEfynOwkTLCTRcWsoW7ULrcc/BgG
jRShk6KLWmnh1lXFiiVWxdQToOr6NRb9U3hsqj6WST/VNRKWN9mwbxJTUJU5qRz8
J6ugNmdl20Tu1SHsyQcjHO3CWs13be96uwxXJI7BVjv+Ru3XgUF/vpBUJ6qzCany
uco+gcik5Tz5wg4zZ8wvTcxeOizqw88S1uwCOoiXpC81cl49mB9+vDcwDHQrjpOg
g+HiNWsuRPRsCB8Alcau5OiSpXwFYy4zivo8TpMGqM6LyMmrCNNKy9DLZSCE3m7w
1O04E4TlA+a4B+KNzgQcj0DUba8tN4QFaAkQU3yi27tv3nX2Ei7e3KBr9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6gTH/FKi73wYnx/CF86I9lLlQ7MB8GA1UdIwQY
MBaAFCHOMRyO1gvvG15PfTuGQQeBRBijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWM0eEhJN1dDLThiWGs5OU80WkJCNEZFR0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi82YmFjNTUtOWFhYS00NTMwLThmZjQt
NjAyN2E2ODM5YWU0LzEvSWM0eEhJN1dDLThiWGs5OU80WkJCNEZFR0tNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi82YmFjNTUtOWFhYS00NTMwLThmZjQtNjAyN2E2ODM5YWU0
LzEvSWM0eEhJN1dDLThiWGs5OU80WkJCNEZFR0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEFrYc39V
bVFFnhVGKhfLnRkyh3Fp3WYvc8Ebn1sEtsjO8bStfe3JkgVYNAGDGBXrSOqoDnI0
cCCGT3DTU9hYkFtEKXqB6WBG+8B2B67S80c9fLTLKyfhRf6x2EIGGfuMpgKzqVzh
OFV88fGwECj5gyTCz4AL0yvB7VgCPFigBdtL/uZiSLuApcngfEdGRmlPtaqbZSk1
3cyiYxRoFj1RnBStJDyiuevIyYyn2sR3v5ZIFBeofUBZxxj9ABpLgXioKshj+O4Y
ExL3g8RysYLiGcE7A8IS4HLmSFnn02AoUbioKf/aPUuXWX64mD+CopqP0Pcp4LSH
Z3NuKwKL2Hq9zA==
-----END CERTIFICATE-----