Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          FJshJ06Y9elvD1oJ8WMLnjBtYePcsKf8KQzGNXA3OYw=
Subject key identifier:   C8:9B:04:0C:A1:B0:7E:EE:8E:BB:AF:F6:C2:78:19:B1:1E:FB:8F:04
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       01989CDDA1F21B62BBAD2C38CA8E4F56B1F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          1629
Signing time:             Tue 12 Aug 2025 06:00:27 +0000
Manifest this update:     Tue 12 Aug 2025 06:00:27 +0000
Manifest next update:     Wed 13 Aug 2025 06:00:27 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: FMxrs3e/fb/mxbznLceWVrYhs0OlBKwmNQWbuCsQmno=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 06:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9c:dd:a1:f2:1b:62:bb:ad:2c:38:ca:8e:4f:56:b1:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Aug 12 06:00:27 2025 GMT
            Not After : Aug 13 06:00:27 2025 GMT
        Subject: CN=c89b040ca1b07eee8ebbaff6c27819b11efb8f04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:b4:0a:05:74:59:9e:82:4f:c4:a2:20:0d:db:
                    d2:5c:df:fd:b4:bb:30:5d:13:f3:37:ca:70:79:b1:
                    68:5d:d5:c5:b7:24:be:c5:f5:1c:1b:7e:3b:7c:14:
                    b3:42:ce:57:30:25:7d:0e:31:d4:11:21:1a:da:36:
                    35:56:d3:40:ac:dd:32:28:06:c6:b7:65:aa:4d:ff:
                    38:36:94:a4:0c:f6:3e:ed:1f:64:0b:d7:31:3f:c2:
                    57:5a:ce:fd:1b:7b:12:01:d8:e6:7f:c5:4b:f7:e6:
                    1b:64:b4:0f:14:e7:a3:1d:2c:e2:5d:e3:8b:87:68:
                    c4:b9:e8:a2:55:c1:d9:9a:39:a2:92:7a:9b:fc:10:
                    85:8d:51:ea:08:ca:fd:86:36:75:9a:e1:82:c8:fa:
                    26:91:61:be:ed:71:dc:d1:a2:37:73:5b:20:ff:be:
                    b1:ec:be:4f:61:d0:d7:61:9e:1c:23:a6:46:eb:11:
                    37:df:5e:54:6d:e5:b4:cd:6e:c8:d7:16:79:83:32:
                    79:f0:bb:25:f4:29:f4:ee:0e:f3:3e:54:09:20:c5:
                    80:20:09:cd:8d:cb:41:cd:73:ca:08:c3:94:d4:76:
                    ac:49:fc:c4:1b:13:39:a1:48:5f:30:25:37:6e:55:
                    f8:0c:83:55:b0:5d:29:ad:60:0a:0c:a1:a6:9d:6a:
                    e9:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:9B:04:0C:A1:B0:7E:EE:8E:BB:AF:F6:C2:78:19:B1:1E:FB:8F:04
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:3b:ae:7c:e7:59:a5:af:09:2f:64:0b:a3:ca:97:47:fb:25:
         3d:ca:de:f9:cf:0b:c0:36:d2:8b:43:a8:d5:29:f0:5d:eb:8c:
         2e:7c:d1:fc:e8:60:c5:69:82:6e:8c:d8:75:a9:8b:34:35:1f:
         6d:04:4a:fc:33:09:5a:a5:a0:8a:b5:ee:9e:0b:43:43:0f:92:
         00:ee:70:9e:ef:29:06:0a:31:8c:c5:fd:8b:87:ec:43:30:20:
         4c:eb:3e:b8:a8:e2:a9:30:7d:e2:df:8d:85:8d:3b:ef:5f:46:
         2a:cb:0a:4f:3f:0f:3b:42:39:3e:f4:53:0d:4f:32:33:2c:f1:
         c9:8f:cb:ee:5c:0c:c8:8e:3d:fb:21:d5:ca:e5:ea:97:a7:a6:
         fc:10:00:11:bf:bc:b8:d2:f0:f1:35:2f:70:3b:d8:fa:fb:6e:
         cf:17:0d:f3:1c:73:9c:f5:c8:45:d7:e1:3a:63:02:86:1d:4a:
         e5:2f:08:fa:a5:81:3c:9e:e4:a9:9e:c6:85:cf:24:e2:34:52:
         8e:93:17:19:d7:bc:d7:eb:3f:b7:f6:50:09:d7:a8:9c:46:eb:
         80:03:fd:cf:c1:32:d8:f8:dc:a2:37:6d:90:39:49:a9:02:ce:
         cc:00:fc:72:3f:e9:d6:73:7d:90:0c:c9:f5:8b:10:65:37:d8:
         e4:6a:e3:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZic3aHyG2K7rSw4yo5PVrH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjUwODEyMDYwMDI3WhcNMjUwODEzMDYwMDI3WjAzMTEwLwYDVQQD
EyhjODliMDQwY2ExYjA3ZWVlOGViYmFmZjZjMjc4MTliMTFlZmI4ZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7QKBXRZnoJPxKIgDdvSXN/9tLsw
XRPzN8pwebFoXdXFtyS+xfUcG347fBSzQs5XMCV9DjHUESEa2jY1VtNArN0yKAbG
t2WqTf84NpSkDPY+7R9kC9cxP8JXWs79G3sSAdjmf8VL9+YbZLQPFOejHSziXeOL
h2jEueiiVcHZmjmiknqb/BCFjVHqCMr9hjZ1muGCyPomkWG+7XHc0aI3c1sg/76x
7L5PYdDXYZ4cI6ZG6xE3315UbeW0zW7I1xZ5gzJ58Lsl9Cn07g7zPlQJIMWAIAnN
jctBzXPKCMOU1HasSfzEGxM5oUhfMCU3blX4DINVsF0prWAKDKGmnWrpzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMibBAyhsH7ujruv9sJ4GbEe+48EMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlTuufOdZ
pa8JL2QLo8qXR/slPcre+c8LwDbSi0Oo1SnwXeuMLnzR/OhgxWmCbozYdamLNDUf
bQRK/DMJWqWgirXungtDQw+SAO5wnu8pBgoxjMX9i4fsQzAgTOs+uKjiqTB94t+N
hY07719GKssKTz8PO0I5PvRTDU8yMyzxyY/L7lwMyI49+yHVyuXql6em/BAAEb+8
uNLw8TUvcDvY+vtuzxcN8xxznPXIRdfhOmMChh1K5S8I+qWBPJ7kqZ7Ghc8k4jRS
jpMXGde81+s/t/ZQCdeonEbrgAP9z8Ey2PjcojdtkDlJqQLOzAD8cj/p1nN9kAzJ
9YsQZTfY5GrjMg==
-----END CERTIFICATE-----