Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
File:                     ICsQHBBwOrYDIfxj3NZpClJNuxA.mft (raw, json)
Hash identifier:          edOYsLcAAVqPl3AdfE+JwSLfwoj4RDANOaQpuxBcLH4=
Subject key identifier:   7F:C5:78:10:4B:22:59:3D:18:0E:A2:90:EC:2C:C2:26:18:B4:29:B7
Authority key identifier: 20:2B:10:1C:10:70:3A:B6:03:21:FC:63:DC:D6:69:0A:52:4D:BB:10
Certificate issuer:       /CN=202b101c10703ab60321fc63dcd6690a524dbb10
Certificate serial:       019896A617768DBB3C6B0509C13C48456C2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
Manifest number:          099C
Signing time:             Mon 11 Aug 2025 01:02:04 +0000
Manifest this update:     Mon 11 Aug 2025 01:02:04 +0000
Manifest next update:     Tue 12 Aug 2025 01:02:04 +0000
Files and hashes:         1: ICsQHBBwOrYDIfxj3NZpClJNuxA.crl (hash: 0M9lbDyO/vwPi1ctJTMzciRIdLoY/ppdFczsfUPyifQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a6:17:76:8d:bb:3c:6b:05:09:c1:3c:48:45:6c:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=202b101c10703ab60321fc63dcd6690a524dbb10
        Validity
            Not Before: Aug 11 01:02:04 2025 GMT
            Not After : Aug 12 01:02:04 2025 GMT
        Subject: CN=7fc578104b22593d180ea290ec2cc22618b429b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:20:2d:b0:84:9b:19:34:3f:d0:aa:e5:30:d1:
                    2e:99:39:26:eb:35:9b:47:9e:2c:10:e9:22:09:fa:
                    96:fe:34:3e:6b:b1:e2:d6:85:91:09:46:ef:eb:13:
                    27:89:10:05:21:fc:8e:cc:68:82:87:a2:99:3e:ed:
                    3b:d4:d0:fc:f1:5f:9f:5d:f9:ba:40:91:ce:34:ea:
                    78:2f:c2:41:fa:3d:ab:27:08:57:93:ba:4a:0d:69:
                    ab:ca:ba:a3:f0:0d:ee:80:cf:6f:48:57:e2:59:3d:
                    46:8e:54:40:0b:2a:f9:91:c2:58:98:67:39:17:76:
                    97:b8:78:6d:1d:1d:1b:11:b6:95:7d:71:9a:f0:f0:
                    af:c5:4c:3d:7b:e8:f6:d8:50:7e:2e:ed:a2:4c:5b:
                    86:29:c4:bf:fd:f2:d5:f6:6d:e7:26:01:49:1e:1b:
                    45:ad:93:36:41:f1:ba:6d:d5:06:b4:4d:f8:2a:b5:
                    f7:ec:79:38:ba:bf:38:54:64:85:dc:60:19:61:88:
                    7d:4a:e2:24:13:1d:26:71:0d:df:17:15:82:75:db:
                    d8:bf:05:b1:fe:82:4e:02:44:6b:4c:5e:8c:fc:8f:
                    b4:d2:02:0b:68:79:8b:e0:b7:63:fa:74:7b:b1:ef:
                    96:c1:8b:fe:6a:56:a8:e5:ed:eb:14:29:40:9c:da:
                    fc:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:C5:78:10:4B:22:59:3D:18:0E:A2:90:EC:2C:C2:26:18:B4:29:B7
            X509v3 Authority Key Identifier:
                keyid:20:2B:10:1C:10:70:3A:B6:03:21:FC:63:DC:D6:69:0A:52:4D:BB:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:f1:29:d3:6e:c6:48:88:07:e0:d4:77:90:a3:60:8f:63:ee:
         84:24:01:c8:e7:00:a3:b7:39:6e:8c:d6:1d:7c:7a:b0:0d:4d:
         d2:3d:42:21:4c:11:bc:ae:7b:a6:2d:bf:c7:f3:28:4f:df:96:
         8d:4e:6f:61:41:bb:7a:67:c6:00:2c:f3:66:35:a7:38:2b:e7:
         e9:dd:72:56:ee:f8:7f:0b:8f:45:c3:c7:6c:e9:b9:90:7c:b1:
         ad:49:0f:b1:c0:fd:3e:90:c2:fb:55:4f:e6:b3:db:49:ef:d6:
         05:25:d2:82:82:9b:b0:0c:8c:94:85:7d:97:22:a5:63:0f:66:
         a8:b1:44:1b:b9:e3:28:c2:d5:77:e5:a0:65:42:61:c7:86:9e:
         42:68:ab:68:73:af:b6:fb:29:45:4a:9b:1f:eb:e6:71:da:76:
         e2:67:6d:d4:0c:e0:2b:e4:39:6a:df:eb:53:29:bc:ce:69:7e:
         37:c0:00:e6:81:79:3c:07:98:39:69:bf:07:a2:a3:74:f1:5a:
         ea:d7:bc:db:bf:be:88:c2:b6:3b:f6:d6:33:a7:f5:41:4e:3f:
         61:b7:63:d1:14:77:33:47:bd:7b:ba:6b:52:f9:b1:3f:c5:78:
         77:bf:74:03:ec:90:b0:49:f5:24:4c:c4:b5:ef:c0:72:c1:a5:
         f1:ca:2e:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWphd2jbs8awUJwTxIRWwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMmIxMDFjMTA3MDNhYjYwMzIxZmM2M2RjZDY2OTBhNTI0
ZGJiMTAwHhcNMjUwODExMDEwMjA0WhcNMjUwODEyMDEwMjA0WjAzMTEwLwYDVQQD
Eyg3ZmM1NzgxMDRiMjI1OTNkMTgwZWEyOTBlYzJjYzIyNjE4YjQyOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CAtsISbGTQ/0KrlMNEumTkm6zWb
R54sEOkiCfqW/jQ+a7Hi1oWRCUbv6xMniRAFIfyOzGiCh6KZPu071ND88V+fXfm6
QJHONOp4L8JB+j2rJwhXk7pKDWmryrqj8A3ugM9vSFfiWT1GjlRACyr5kcJYmGc5
F3aXuHhtHR0bEbaVfXGa8PCvxUw9e+j22FB+Lu2iTFuGKcS//fLV9m3nJgFJHhtF
rZM2QfG6bdUGtE34KrX37Hk4ur84VGSF3GAZYYh9SuIkEx0mcQ3fFxWCddvYvwWx
/oJOAkRrTF6M/I+00gILaHmL4Ldj+nR7se+WwYv+alao5e3rFClAnNr8TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH/FeBBLIlk9GA6ikOwswiYYtCm3MB8GA1UdIwQY
MBaAFCArEBwQcDq2AyH8Y9zWaQpSTbsQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iOThhZGMtZWRlMC00YzJhLThjNTYt
YTQ0YzhlNjU0ZGY2LzEvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iOThhZGMtZWRlMC00YzJhLThjNTYtYTQ0YzhlNjU0ZGY2
LzEvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXvEp027G
SIgH4NR3kKNgj2PuhCQByOcAo7c5bozWHXx6sA1N0j1CIUwRvK57pi2/x/MoT9+W
jU5vYUG7emfGACzzZjWnOCvn6d1yVu74fwuPRcPHbOm5kHyxrUkPscD9PpDC+1VP
5rPbSe/WBSXSgoKbsAyMlIV9lyKlYw9mqLFEG7njKMLVd+WgZUJhx4aeQmiraHOv
tvspRUqbH+vmcdp24mdt1AzgK+Q5at/rUym8zml+N8AA5oF5PAeYOWm/B6KjdPFa
6te827++iMK2O/bWM6f1QU4/Ybdj0RR3M0e9e7prUvmxP8V4d790A+yQsEn1JEzE
te/AcsGl8coujg==
-----END CERTIFICATE-----