Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
File:                     IEBQzFlTby2UB2koI4kMzdqFRQg.mft (raw, json)
Hash identifier:          Sq8kG42RqGdtSWvHAYFZkjcwQABvqStpIM26jWiol6Y=
Subject key identifier:   C6:20:8D:33:BC:70:41:A3:CE:7F:19:F2:C2:B5:93:92:D9:2F:11:7D
Authority key identifier: 20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08
Certificate issuer:       /CN=204050cc59536f2d9407692823890ccdda854508
Certificate serial:       0197715129CEB17775C89450374B87E69423
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
Manifest number:          03A0
Signing time:             Sun 15 Jun 2025 02:00:33 +0000
Manifest this update:     Sun 15 Jun 2025 02:00:33 +0000
Manifest next update:     Mon 16 Jun 2025 02:00:33 +0000
Files and hashes:         1: IEBQzFlTby2UB2koI4kMzdqFRQg.crl (hash: NrAG10h+H9axtW4Dbh2r2cJH2rT9/IXMxCm7Xk0/bkY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 02:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:51:29:ce:b1:77:75:c8:94:50:37:4b:87:e6:94:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=204050cc59536f2d9407692823890ccdda854508
        Validity
            Not Before: Jun 15 02:00:33 2025 GMT
            Not After : Jun 16 02:00:33 2025 GMT
        Subject: CN=c6208d33bc7041a3ce7f19f2c2b59392d92f117d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:21:10:e7:89:86:40:12:e7:14:47:26:d3:8d:
                    ff:9a:fc:b3:f9:9c:90:e3:f4:0e:02:68:41:e3:a0:
                    48:86:1b:4f:16:f3:06:c5:9e:44:37:46:48:5c:39:
                    c9:c7:0e:bc:f5:a5:cf:24:bb:d2:2e:92:9d:ee:cd:
                    95:29:7c:74:8a:6e:d9:86:0d:51:82:a4:fe:c2:e9:
                    8c:f9:fe:b2:0e:a5:6e:2b:16:a9:1f:fc:07:b7:1e:
                    12:46:2d:43:14:21:c9:61:39:a5:84:75:08:ed:85:
                    d6:68:6c:76:5c:c7:8f:ab:84:80:e9:76:6e:75:e1:
                    e3:eb:37:d7:1d:1f:b7:0d:56:a5:ff:af:8e:4b:38:
                    da:f0:57:e9:12:60:53:60:b2:0c:fe:85:62:dc:34:
                    9f:e7:75:e4:4f:2d:f2:40:17:7c:46:bd:88:27:86:
                    4a:84:16:31:31:f4:b5:c0:ef:89:26:c8:7b:f4:4d:
                    9e:c3:20:ad:e4:d5:83:9e:17:9e:24:3d:2b:0f:cf:
                    41:91:5a:84:51:fa:55:77:61:c6:f1:70:1d:81:d2:
                    a7:b1:1b:1c:33:d0:fb:c4:b8:13:56:85:52:4f:0d:
                    b1:84:7a:ed:80:c7:4d:11:50:09:f4:28:d8:4d:84:
                    af:0d:83:b0:d2:5d:f4:54:ed:cf:5e:fc:b6:9c:5e:
                    0d:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:20:8D:33:BC:70:41:A3:CE:7F:19:F2:C2:B5:93:92:D9:2F:11:7D
            X509v3 Authority Key Identifier:
                keyid:20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:59:a9:21:2a:81:0b:0b:0f:38:67:17:72:f8:61:93:93:fd:
         5a:8c:7b:24:7a:88:76:0b:b8:1e:ce:3a:9b:04:44:d0:49:d3:
         17:14:0c:d1:b1:fc:47:4a:74:b2:98:8a:d9:fc:d3:2d:53:0a:
         f9:c7:dc:ef:66:51:49:81:55:13:fa:64:d1:9f:03:94:9f:84:
         33:71:55:b9:b8:e4:f3:bd:9b:7d:de:c9:62:e6:dc:c8:b9:b7:
         34:e3:e7:05:c8:c1:a3:b6:84:e8:be:68:8f:08:80:00:86:93:
         8d:ce:2c:8f:df:b7:c7:fe:2d:41:77:50:0b:82:1e:3f:12:f6:
         23:d2:70:35:eb:a0:74:4b:e1:e5:4e:eb:f7:d0:7a:db:df:1e:
         ba:2c:62:47:b5:7f:22:2c:fb:90:3a:3f:2c:7f:22:2e:43:f4:
         2f:7e:8a:07:58:9f:8e:ab:84:04:61:da:d1:eb:1e:63:e6:62:
         7b:e0:20:a9:9f:c8:5e:6c:23:82:fc:de:d9:ac:e6:2b:87:b3:
         54:ee:5f:dc:47:dd:b2:d8:56:5d:0e:e1:40:f4:1c:93:65:4f:
         4a:d9:99:05:05:6b:54:4c:bd:d0:de:2e:12:21:4e:ff:75:6a:
         9d:58:92:5d:db:e7:22:66:c6:55:06:53:21:d0:54:52:18:7b:
         c7:82:e0:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxUSnOsXd1yJRQN0uH5pQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNDA1MGNjNTk1MzZmMmQ5NDA3NjkyODIzODkwY2NkZGE4
NTQ1MDgwHhcNMjUwNjE1MDIwMDMzWhcNMjUwNjE2MDIwMDMzWjAzMTEwLwYDVQQD
EyhjNjIwOGQzM2JjNzA0MWEzY2U3ZjE5ZjJjMmI1OTM5MmQ5MmYxMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSEQ54mGQBLnFEcm043/mvyz+ZyQ
4/QOAmhB46BIhhtPFvMGxZ5EN0ZIXDnJxw689aXPJLvSLpKd7s2VKXx0im7Zhg1R
gqT+wumM+f6yDqVuKxapH/wHtx4SRi1DFCHJYTmlhHUI7YXWaGx2XMePq4SA6XZu
deHj6zfXHR+3DVal/6+OSzja8FfpEmBTYLIM/oVi3DSf53XkTy3yQBd8Rr2IJ4ZK
hBYxMfS1wO+JJsh79E2ewyCt5NWDnheeJD0rD89BkVqEUfpVd2HG8XAdgdKnsRsc
M9D7xLgTVoVSTw2xhHrtgMdNEVAJ9CjYTYSvDYOw0l30VO3PXvy2nF4N7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMYgjTO8cEGjzn8Z8sK1k5LZLxF9MB8GA1UdIwQY
MBaAFCBAUMxZU28tlAdpKCOJDM3ahUUIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTkt
OWI0MzdkYmZkMzUzLzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTktOWI0MzdkYmZkMzUz
LzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASFmpISqB
CwsPOGcXcvhhk5P9Wox7JHqIdgu4Hs46mwRE0EnTFxQM0bH8R0p0spiK2fzTLVMK
+cfc72ZRSYFVE/pk0Z8DlJ+EM3FVubjk872bfd7JYubcyLm3NOPnBcjBo7aE6L5o
jwiAAIaTjc4sj9+3x/4tQXdQC4IePxL2I9JwNeugdEvh5U7r99B6298euixiR7V/
Iiz7kDo/LH8iLkP0L36KB1ifjquEBGHa0eseY+Zie+AgqZ/IXmwjgvze2azmK4ez
VO5f3EfdsthWXQ7hQPQck2VPStmZBQVrVEy90N4uEiFO/3VqnViSXdvnImbGVQZT
IdBUUhh7x4LgtQ==
-----END CERTIFICATE-----