Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.mft
File:                     iXlCagvNkDpVJkksxa97TysO2wQ.mft (raw, json)
Hash identifier:          N9gxqdDr3ynDFeCewuSgj4f4Uod4+u6GzGB+duqicLQ=
Subject key identifier:   31:FA:C3:95:A7:4A:F9:F2:AB:87:AE:9D:7B:34:A8:DC:4A:A0:6F:E7
Authority key identifier: 89:79:42:6A:0B:CD:90:3A:55:26:49:2C:C5:AF:7B:4F:2B:0E:DB:04
Certificate issuer:       /CN=8979426a0bcd903a5526492cc5af7b4f2b0edb04
Certificate serial:       01978B47DCEAAC00D4A42D6AA2DDB4BEC229
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iXlCagvNkDpVJkksxa97TysO2wQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.mft
Manifest number:          0520
Signing time:             Fri 20 Jun 2025 03:00:31 +0000
Manifest this update:     Fri 20 Jun 2025 03:00:31 +0000
Manifest next update:     Sat 21 Jun 2025 03:00:31 +0000
Files and hashes:         1: iXlCagvNkDpVJkksxa97TysO2wQ.crl (hash: /fYPNwl+asXBWLbtXKsNOFXH7JAie47xnzjkLNhFk7I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iXlCagvNkDpVJkksxa97TysO2wQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 21 Jun 2025 03:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:8b:47:dc:ea:ac:00:d4:a4:2d:6a:a2:dd:b4:be:c2:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8979426a0bcd903a5526492cc5af7b4f2b0edb04
        Validity
            Not Before: Jun 20 03:00:31 2025 GMT
            Not After : Jun 21 03:00:31 2025 GMT
        Subject: CN=31fac395a74af9f2ab87ae9d7b34a8dc4aa06fe7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:3d:88:60:20:8a:eb:da:53:f1:6f:bd:f6:02:
                    02:70:cd:54:2e:dc:75:36:5e:35:f8:2b:b5:e4:78:
                    45:5d:09:4d:62:10:da:cc:83:eb:c5:dc:40:9b:e3:
                    c0:6c:07:93:83:cd:57:f7:3c:da:15:6b:57:fe:93:
                    b8:f1:07:96:c3:6e:94:42:dc:34:e6:53:1c:31:6e:
                    c4:15:b2:de:e8:b9:46:58:5d:9f:30:c8:81:4a:9e:
                    aa:e7:27:48:14:a7:5d:bd:df:ff:14:86:18:d7:a6:
                    5e:16:17:20:ea:49:ea:94:8d:57:53:d5:e9:e0:83:
                    8c:93:56:ab:6e:13:81:59:fc:0d:a1:8f:32:6a:30:
                    2f:7b:5d:56:f1:74:cf:78:28:98:b0:ef:ec:a9:cf:
                    4a:ce:ad:fd:3b:47:b2:0a:fa:7c:52:1e:87:3c:bb:
                    c3:1e:f4:05:03:7d:39:32:b3:fa:57:ad:23:f8:8f:
                    85:6b:0a:b1:a8:59:94:d3:35:f5:96:11:48:a8:02:
                    c9:55:81:a8:fa:f8:60:7d:36:d9:b2:74:a5:b6:77:
                    59:0c:25:2a:bc:8d:00:65:72:e3:0d:b8:52:a9:be:
                    18:53:3e:26:38:97:af:a4:d8:f3:01:c1:bd:59:88:
                    b8:ff:7a:e6:d5:e6:98:b3:33:fd:45:99:b5:15:20:
                    6b:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:FA:C3:95:A7:4A:F9:F2:AB:87:AE:9D:7B:34:A8:DC:4A:A0:6F:E7
            X509v3 Authority Key Identifier:
                keyid:89:79:42:6A:0B:CD:90:3A:55:26:49:2C:C5:AF:7B:4F:2B:0E:DB:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXlCagvNkDpVJkksxa97TysO2wQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:e0:82:11:54:08:4d:34:94:18:b2:ee:f7:1a:8b:6e:cf:67:
         6b:00:1f:4f:7f:8c:99:c0:85:d8:00:f1:f4:b7:c0:51:4a:d7:
         ff:8c:b8:37:61:d5:f6:74:e0:a4:0d:7f:c7:fc:31:71:91:70:
         4d:f3:4f:ea:fc:da:2a:62:9f:66:06:b7:f7:dc:68:0e:e6:9a:
         56:22:20:b3:22:5b:07:3f:33:77:ac:a8:26:02:cd:ba:48:4d:
         bd:e7:1a:01:4f:bc:2c:86:9f:57:16:e3:17:1c:0d:fb:8f:03:
         ee:b8:29:dd:5b:2d:f7:56:6c:05:a2:14:e8:d0:88:46:f6:7d:
         0f:42:88:13:4f:a5:25:97:2f:57:e9:c8:e2:0f:58:10:5f:37:
         71:6c:cb:b6:dd:fc:d2:4f:e3:cd:9a:3a:3f:d1:02:a7:34:ae:
         11:27:4f:0a:9e:ab:74:cc:08:fe:46:df:e7:8e:99:5d:ce:3d:
         48:90:3a:5d:66:3b:6e:be:f1:74:7c:f4:2f:e9:fc:9c:d2:4b:
         b3:f2:53:f9:d5:1f:69:56:10:2c:83:12:91:0b:2b:59:f5:71:
         07:89:05:d7:ad:e7:32:71:1e:cd:a4:04:ff:48:3b:31:db:b2:
         cf:04:bd:84:aa:2b:75:f4:e2:e5:bf:c3:a5:80:64:93:d0:69:
         2c:9d:75:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeLR9zqrADUpC1qot20vsIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Nzk0MjZhMGJjZDkwM2E1NTI2NDkyY2M1YWY3YjRmMmIw
ZWRiMDQwHhcNMjUwNjIwMDMwMDMxWhcNMjUwNjIxMDMwMDMxWjAzMTEwLwYDVQQD
EygzMWZhYzM5NWE3NGFmOWYyYWI4N2FlOWQ3YjM0YThkYzRhYTA2ZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT2IYCCK69pT8W+99gICcM1ULtx1
Nl41+Cu15HhFXQlNYhDazIPrxdxAm+PAbAeTg81X9zzaFWtX/pO48QeWw26UQtw0
5lMcMW7EFbLe6LlGWF2fMMiBSp6q5ydIFKddvd//FIYY16ZeFhcg6knqlI1XU9Xp
4IOMk1arbhOBWfwNoY8yajAve11W8XTPeCiYsO/sqc9Kzq39O0eyCvp8Uh6HPLvD
HvQFA305MrP6V60j+I+FawqxqFmU0zX1lhFIqALJVYGo+vhgfTbZsnSltndZDCUq
vI0AZXLjDbhSqb4YUz4mOJevpNjzAcG9WYi4/3rm1eaYszP9RZm1FSBrAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDH6w5WnSvnyq4eunXs0qNxKoG/nMB8GA1UdIwQY
MBaAFIl5QmoLzZA6VSZJLMWve08rDtsEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVhsQ2Fndk5rRHBWSmtrc3hhOTdUeXNPMndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85OTMzNjQtZDg1Zi00MDA3LTk2ZWMt
NDlhYzI4MTQyMzE4LzEvaVhsQ2Fndk5rRHBWSmtrc3hhOTdUeXNPMndRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi85OTMzNjQtZDg1Zi00MDA3LTk2ZWMtNDlhYzI4MTQyMzE4
LzEvaVhsQ2Fndk5rRHBWSmtrc3hhOTdUeXNPMndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAuCCEVQI
TTSUGLLu9xqLbs9nawAfT3+MmcCF2ADx9LfAUUrX/4y4N2HV9nTgpA1/x/wxcZFw
TfNP6vzaKmKfZga399xoDuaaViIgsyJbBz8zd6yoJgLNukhNvecaAU+8LIafVxbj
FxwN+48D7rgp3Vst91ZsBaIU6NCIRvZ9D0KIE0+lJZcvV+nI4g9YEF83cWzLtt38
0k/jzZo6P9ECpzSuESdPCp6rdMwI/kbf546ZXc49SJA6XWY7br7xdHz0L+n8nNJL
s/JT+dUfaVYQLIMSkQsrWfVxB4kF163nMnEezaQE/0g7MduyzwS9hKordfTi5b/D
pYBkk9BpLJ112g==
-----END CERTIFICATE-----