Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          HLG4S2dWd1ROErctBon7U0XKXOsGkQfq5BGkZOlrWU4=
Subject key identifier:   C7:1C:58:B4:55:E0:90:B5:5C:62:64:EE:5C:8A:7F:44:EF:DB:88:7C
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       01977AC244768082D399FFF05B0EDAC68F4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          09F8
Signing time:             Mon 16 Jun 2025 22:00:41 +0000
Manifest this update:     Mon 16 Jun 2025 22:00:41 +0000
Manifest next update:     Tue 17 Jun 2025 22:00:41 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: VSAEupyzSMY+2DZB7WDoOEWzT2A3RD0WICBNdPMDKVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 14:25:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7a:c2:44:76:80:82:d3:99:ff:f0:5b:0e:da:c6:8f:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: Jun 16 22:00:41 2025 GMT
            Not After : Jun 17 22:00:41 2025 GMT
        Subject: CN=c71c58b455e090b55c6264ee5c8a7f44efdb887c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:75:8a:60:30:2c:69:55:81:3a:5c:7b:55:1d:
                    8d:56:7c:15:fd:0f:9e:8c:eb:e6:c4:d4:5d:eb:21:
                    a2:fc:7d:41:85:15:6e:38:8e:24:03:5e:ed:86:cf:
                    0b:11:c6:41:14:36:2f:ca:da:f0:32:f2:b5:df:9c:
                    03:74:32:4b:8a:a3:e4:1a:6f:eb:bc:f4:00:85:94:
                    a2:03:76:93:6b:80:56:86:c2:74:d8:87:ea:72:b4:
                    24:9f:f6:df:2c:11:d1:9a:38:10:ec:1a:f2:d1:52:
                    ef:41:5b:99:07:ef:ed:ba:c4:6d:69:a1:a1:bb:d5:
                    ed:35:4c:53:cf:8d:1d:c5:c1:94:2b:3e:1b:43:af:
                    87:76:01:22:f8:8b:41:cb:28:fd:4e:96:8b:b6:9d:
                    11:42:e3:8d:53:29:57:a6:34:b1:b1:83:11:a6:ad:
                    4f:ac:41:d8:3e:18:ea:be:80:ed:20:a3:14:d4:5d:
                    20:25:52:34:44:b8:84:7f:1f:58:e5:f2:32:0d:9f:
                    0d:3a:c4:d6:5e:ce:54:df:f6:97:b2:f6:02:be:bb:
                    07:b3:82:84:1f:d5:f7:53:25:f6:0e:03:b3:44:02:
                    97:90:de:32:22:19:d2:0f:11:6d:62:e5:fb:3d:90:
                    f3:8c:33:9a:88:f1:73:75:43:55:dd:3a:5a:38:25:
                    0d:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:1C:58:B4:55:E0:90:B5:5C:62:64:EE:5C:8A:7F:44:EF:DB:88:7C
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:68:86:59:bb:38:3a:05:8b:88:88:97:89:fd:af:b3:65:92:
         a1:74:7f:88:04:66:5e:6f:6a:24:6f:10:de:f9:49:35:3b:9a:
         63:09:e1:cd:65:36:8c:ca:43:ec:af:75:87:f6:20:21:eb:c1:
         b3:96:83:e0:bd:04:66:35:bf:97:15:6e:77:82:86:04:6a:0b:
         42:9d:aa:c9:b6:f3:06:80:16:0e:d2:04:82:de:41:d9:20:f1:
         69:fb:3b:7f:cd:23:3c:e7:0d:78:70:45:65:d5:cc:29:83:8b:
         f3:5c:5b:fc:ae:c4:8f:2e:74:19:d1:d8:47:1b:a8:1c:f2:75:
         9e:9b:ba:7a:5e:e8:f6:b8:1a:23:79:c4:30:81:65:3d:c7:36:
         22:dd:af:65:ae:95:ad:05:24:8f:15:1b:db:82:de:8b:a4:f0:
         86:46:62:a8:a3:f0:05:be:df:2b:c8:ce:2c:ff:f0:63:91:40:
         80:8b:d0:9f:9d:df:64:85:b2:b0:5a:29:fc:ff:3d:4c:7d:29:
         db:5e:e1:d1:f2:ab:2b:69:90:f0:f2:62:81:7f:83:53:7e:58:
         ea:c8:5d:2f:a8:2a:22:a0:c6:26:33:1f:c8:62:dc:3a:51:1a:
         a5:ca:df:39:ab:74:6f:3b:6a:4f:df:40:30:a9:f0:29:8d:6e:
         f4:79:61:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd6wkR2gILTmf/wWw7axo9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjUwNjE2MjIwMDQxWhcNMjUwNjE3MjIwMDQxWjAzMTEwLwYDVQQD
EyhjNzFjNThiNDU1ZTA5MGI1NWM2MjY0ZWU1YzhhN2Y0NGVmZGI4ODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3WKYDAsaVWBOlx7VR2NVnwV/Q+e
jOvmxNRd6yGi/H1BhRVuOI4kA17ths8LEcZBFDYvytrwMvK135wDdDJLiqPkGm/r
vPQAhZSiA3aTa4BWhsJ02IfqcrQkn/bfLBHRmjgQ7Bry0VLvQVuZB+/tusRtaaGh
u9XtNUxTz40dxcGUKz4bQ6+HdgEi+ItByyj9TpaLtp0RQuONUylXpjSxsYMRpq1P
rEHYPhjqvoDtIKMU1F0gJVI0RLiEfx9Y5fIyDZ8NOsTWXs5U3/aXsvYCvrsHs4KE
H9X3UyX2DgOzRAKXkN4yIhnSDxFtYuX7PZDzjDOaiPFzdUNV3TpaOCUNpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMccWLRV4JC1XGJk7lyKf0Tv24h8MB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAamiGWbs4
OgWLiIiXif2vs2WSoXR/iARmXm9qJG8Q3vlJNTuaYwnhzWU2jMpD7K91h/YgIevB
s5aD4L0EZjW/lxVud4KGBGoLQp2qybbzBoAWDtIEgt5B2SDxafs7f80jPOcNeHBF
ZdXMKYOL81xb/K7Ejy50GdHYRxuoHPJ1npu6el7o9rgaI3nEMIFlPcc2It2vZa6V
rQUkjxUb24Lei6TwhkZiqKPwBb7fK8jOLP/wY5FAgIvQn53fZIWysFop/P89TH0p
217h0fKrK2mQ8PJigX+DU35Y6shdL6gqIqDGJjMfyGLcOlEapcrfOat0bztqT99A
MKnwKY1u9HlhQg==
-----END CERTIFICATE-----