Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
File:                     IOsM1NM69OKLeobbIS2VkaC-YuM.mft (raw, json)
Hash identifier:          ZH8mbfc+67EoAh+QJNjU7j9ykdho75AS8Yt3fWhUSLE=
Subject key identifier:   37:11:73:F0:5E:1A:9F:FC:2F:7D:20:D5:7A:17:7B:AA:5E:73:50:83
Authority key identifier: 20:EB:0C:D4:D3:3A:F4:E2:8B:7A:86:DB:21:2D:95:91:A0:BE:62:E3
Certificate issuer:       /CN=20eb0cd4d33af4e28b7a86db212d9591a0be62e3
Certificate serial:       0197696126C2CCB144CF35E9C1CCF7B62DB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
Manifest number:          11B1
Signing time:             Fri 13 Jun 2025 13:01:03 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:03 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:03 +0000
Files and hashes:         1: IOsM1NM69OKLeobbIS2VkaC-YuM.crl (hash: FkcFEWfF3e6uj/qjhX7rcEUB3jshJnICmApKenh6N+c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:26:c2:cc:b1:44:cf:35:e9:c1:cc:f7:b6:2d:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20eb0cd4d33af4e28b7a86db212d9591a0be62e3
        Validity
            Not Before: Jun 13 13:01:03 2025 GMT
            Not After : Jun 14 13:01:03 2025 GMT
        Subject: CN=371173f05e1a9ffc2f7d20d57a177baa5e735083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:25:a4:7c:ba:9d:40:57:8a:55:49:2a:fa:14:
                    49:bb:68:28:5d:59:00:ef:98:a4:6e:11:20:34:43:
                    e2:23:1a:2d:ee:06:92:e7:6d:17:c3:4c:88:07:78:
                    35:4f:77:98:69:1c:71:e3:53:47:6e:e5:c2:fa:50:
                    0f:4c:29:2a:54:94:3b:8e:4a:e3:e5:23:ee:26:8d:
                    87:eb:1c:4a:97:94:4b:a9:56:5d:46:58:f4:6b:c6:
                    3a:37:37:e1:f7:5a:1b:e0:2b:12:6e:f7:27:3d:27:
                    0f:df:60:49:22:66:6a:7c:01:5c:2a:8e:f0:3b:20:
                    60:90:4f:21:0a:ac:e4:65:77:21:bd:a4:f4:81:ed:
                    58:ba:f3:2a:c9:31:c5:39:bd:61:27:4f:a6:c8:c7:
                    bf:26:d0:cd:ce:59:11:e7:6c:64:56:38:85:fc:57:
                    03:fd:ab:08:3b:a4:ee:dc:01:a4:ca:51:b5:fa:4f:
                    02:86:d2:70:c6:d0:02:71:67:65:03:c0:e1:5f:2b:
                    6f:62:fc:be:da:01:de:ca:5b:cd:46:7d:f0:6f:13:
                    75:4a:63:09:c0:e0:03:d2:4e:05:8c:f7:3d:c7:5b:
                    e6:85:eb:41:e9:ea:4c:9f:b5:b6:ac:1e:1c:27:5c:
                    e8:4d:67:33:75:f5:e5:6c:ff:29:ed:83:3a:db:69:
                    76:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:11:73:F0:5E:1A:9F:FC:2F:7D:20:D5:7A:17:7B:AA:5E:73:50:83
            X509v3 Authority Key Identifier:
                keyid:20:EB:0C:D4:D3:3A:F4:E2:8B:7A:86:DB:21:2D:95:91:A0:BE:62:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:d3:6d:65:c5:09:0f:b6:ba:00:53:3f:3b:f0:d1:43:a4:73:
         fc:21:30:16:1c:49:c9:6b:d2:7f:36:82:cd:06:18:e6:91:ab:
         5c:76:2d:7d:b2:67:bf:92:d0:fe:36:fa:61:7a:14:17:93:16:
         b7:0d:94:98:00:a9:c8:31:b2:06:61:f6:64:82:64:0b:0d:3f:
         01:55:e5:c6:5b:48:38:e4:44:fc:55:c0:9a:22:5f:ac:61:59:
         ad:47:83:92:54:94:1d:69:ad:62:72:1a:38:9d:76:0f:0d:d5:
         b8:86:7a:d9:ba:9b:9b:d0:46:c4:81:51:1d:f6:ff:d8:37:5a:
         a4:db:45:c4:d2:bc:05:c8:a0:58:a4:eb:5b:a4:ef:df:7d:f1:
         06:d4:14:1b:b5:8d:2a:33:99:fb:94:10:e3:0c:03:24:8a:9a:
         25:f9:55:82:96:a2:75:76:82:b1:b8:38:f2:12:4e:e5:33:5f:
         29:24:08:5c:c7:20:07:e3:0c:20:95:5e:bb:8b:59:04:23:95:
         a4:ca:58:d7:bd:5a:c0:b3:9c:e4:db:93:ee:2e:76:3e:0d:1c:
         05:44:5a:09:72:70:a6:d2:0c:0a:dc:fe:88:a9:05:5c:f5:fa:
         39:90:92:77:1f:57:8f:14:7f:94:30:f5:2f:81:dd:27:79:28:
         2e:58:13:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYSbCzLFEzzXpwcz3ti21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZWIwY2Q0ZDMzYWY0ZTI4YjdhODZkYjIxMmQ5NTkxYTBi
ZTYyZTMwHhcNMjUwNjEzMTMwMTAzWhcNMjUwNjE0MTMwMTAzWjAzMTEwLwYDVQQD
EygzNzExNzNmMDVlMWE5ZmZjMmY3ZDIwZDU3YTE3N2JhYTVlNzM1MDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCWkfLqdQFeKVUkq+hRJu2goXVkA
75ikbhEgNEPiIxot7gaS520Xw0yIB3g1T3eYaRxx41NHbuXC+lAPTCkqVJQ7jkrj
5SPuJo2H6xxKl5RLqVZdRlj0a8Y6Nzfh91ob4CsSbvcnPScP32BJImZqfAFcKo7w
OyBgkE8hCqzkZXchvaT0ge1YuvMqyTHFOb1hJ0+myMe/JtDNzlkR52xkVjiF/FcD
/asIO6Tu3AGkylG1+k8ChtJwxtACcWdlA8DhXytvYvy+2gHeylvNRn3wbxN1SmMJ
wOAD0k4FjPc9x1vmhetB6epMn7W2rB4cJ1zoTWczdfXlbP8p7YM622l2HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDcRc/BeGp/8L30g1XoXe6pec1CDMB8GA1UdIwQY
MBaAFCDrDNTTOvTii3qG2yEtlZGgvmLjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xNDQ0OTQtOWI0Ni00MGFjLTlmZTUt
NDU5ZDFlNmQwZWU5LzEvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xNDQ0OTQtOWI0Ni00MGFjLTlmZTUtNDU5ZDFlNmQwZWU5
LzEvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsdNtZcUJ
D7a6AFM/O/DRQ6Rz/CEwFhxJyWvSfzaCzQYY5pGrXHYtfbJnv5LQ/jb6YXoUF5MW
tw2UmACpyDGyBmH2ZIJkCw0/AVXlxltIOORE/FXAmiJfrGFZrUeDklSUHWmtYnIa
OJ12Dw3VuIZ62bqbm9BGxIFRHfb/2DdapNtFxNK8BcigWKTrW6Tv333xBtQUG7WN
KjOZ+5QQ4wwDJIqaJflVgpaidXaCsbg48hJO5TNfKSQIXMcgB+MMIJVeu4tZBCOV
pMpY171awLOc5NuT7i52Pg0cBURaCXJwptIMCtz+iKkFXPX6OZCSdx9XjxR/lDD1
L4HdJ3koLlgTBw==
-----END CERTIFICATE-----