Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
File:                     iPdXItsls3I97Npdhw32m_DYZa4.mft (raw, json)
Hash identifier:          a8bJrKhHBkcl8RvyUZRnruE5QTT/6fRN3qkSJV129O4=
Subject key identifier:   79:89:E4:23:2F:97:CA:84:8A:2B:2E:C7:97:D0:6B:B3:B8:EC:62:0F
Authority key identifier: 88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE
Certificate issuer:       /CN=88f75722db25b3723decda5d870df69bf0d865ae
Certificate serial:       0197696085D29732396DDB2259F25BC5CFB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
Manifest number:          0F85
Signing time:             Fri 13 Jun 2025 13:00:22 +0000
Manifest this update:     Fri 13 Jun 2025 13:00:22 +0000
Manifest next update:     Sat 14 Jun 2025 13:00:22 +0000
Files and hashes:         1: iPdXItsls3I97Npdhw32m_DYZa4.crl (hash: ITFktpCkhpRH8x2jP0FuynwHxoo6fLP0lVWLJR+a8Ws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:60:85:d2:97:32:39:6d:db:22:59:f2:5b:c5:cf:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88f75722db25b3723decda5d870df69bf0d865ae
        Validity
            Not Before: Jun 13 13:00:22 2025 GMT
            Not After : Jun 14 13:00:22 2025 GMT
        Subject: CN=7989e4232f97ca848a2b2ec797d06bb3b8ec620f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:4e:11:8c:c9:6d:83:d9:ec:a0:4a:53:d4:d5:
                    9e:50:3a:48:10:cc:f6:ef:95:0e:40:c4:d2:f3:9c:
                    e6:23:1f:53:8b:3c:08:04:22:e6:7a:9c:6b:97:db:
                    47:18:03:3f:da:31:ad:e7:5c:b9:37:78:41:0e:95:
                    de:22:b0:42:7c:97:e8:a0:30:2d:31:74:42:8b:27:
                    35:f2:4b:4d:2f:58:74:01:c4:d8:16:cb:54:74:4c:
                    e0:59:a8:43:fe:3d:46:c6:46:f1:0c:32:fc:4b:7c:
                    42:f7:b2:82:70:97:a0:b2:ff:6c:66:48:bd:94:0a:
                    c6:a1:5c:a6:91:9d:2f:fc:a5:28:d3:41:d9:7c:4f:
                    50:04:b5:a9:4b:98:ac:c8:5f:57:cc:5f:6c:31:43:
                    a1:06:0d:2e:ed:2b:91:fe:21:6c:82:21:2c:f4:65:
                    f5:d7:48:f3:ad:b9:28:ae:85:7b:43:31:7c:19:02:
                    e6:5a:00:5c:26:da:1a:b8:50:2e:73:3f:e8:f0:70:
                    3b:16:1a:89:78:e1:28:eb:2f:ad:bf:1a:f3:e8:e6:
                    85:c5:ab:14:e2:54:79:be:a1:f0:d9:f1:65:5d:6f:
                    fa:23:98:d9:36:aa:82:16:47:99:55:29:24:85:59:
                    b1:07:a7:d8:ba:9f:64:cd:27:55:81:6e:51:f9:00:
                    8c:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:89:E4:23:2F:97:CA:84:8A:2B:2E:C7:97:D0:6B:B3:B8:EC:62:0F
            X509v3 Authority Key Identifier:
                keyid:88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:19:79:e5:a1:ae:ee:e3:50:b1:7f:5e:aa:d1:ff:dd:34:6f:
         c6:6c:91:d3:41:ae:75:e7:c9:5c:cc:75:ca:c7:4d:90:dc:20:
         5b:7d:e3:fa:da:eb:85:5f:93:92:e2:3f:f4:b3:f0:96:d2:08:
         b6:00:0a:fd:0c:41:77:24:99:06:d6:80:2d:8a:85:a7:65:4f:
         f9:ab:74:7e:41:42:e0:52:ae:95:9b:ba:e5:f5:1e:9c:a0:00:
         38:30:53:da:9f:2c:db:31:ed:25:65:ec:10:d5:bb:e5:23:c0:
         2b:a8:ec:3b:f9:d4:20:24:fb:09:e5:fe:a5:02:66:28:d5:cd:
         d7:a5:c7:be:88:04:f7:2d:3b:71:c8:ff:8f:39:16:7e:e6:e2:
         66:be:65:2c:4e:07:3f:9d:85:b4:61:86:8e:f0:47:1b:99:58:
         7d:c0:0f:88:cc:d7:b9:02:a6:79:60:94:71:7f:fc:87:d2:58:
         70:f3:6a:75:b6:b3:45:2d:18:0a:97:94:03:35:fe:62:cd:bc:
         d7:ff:9e:50:ae:2e:d4:88:08:e7:b1:58:59:e2:88:05:5e:86:
         c5:49:d9:91:42:c8:02:9b:d6:1d:59:29:39:57:b8:ae:d1:17:
         e1:22:f3:3f:93:6e:aa:12:99:6a:53:d5:ab:0f:5f:fe:de:c6:
         9b:6b:b2:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYIXSlzI5bdsiWfJbxc+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Zjc1NzIyZGIyNWIzNzIzZGVjZGE1ZDg3MGRmNjliZjBk
ODY1YWUwHhcNMjUwNjEzMTMwMDIyWhcNMjUwNjE0MTMwMDIyWjAzMTEwLwYDVQQD
Eyg3OTg5ZTQyMzJmOTdjYTg0OGEyYjJlYzc5N2QwNmJiM2I4ZWM2MjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyU4RjMltg9nsoEpT1NWeUDpIEMz2
75UOQMTS85zmIx9TizwIBCLmepxrl9tHGAM/2jGt51y5N3hBDpXeIrBCfJfooDAt
MXRCiyc18ktNL1h0AcTYFstUdEzgWahD/j1GxkbxDDL8S3xC97KCcJegsv9sZki9
lArGoVymkZ0v/KUo00HZfE9QBLWpS5isyF9XzF9sMUOhBg0u7SuR/iFsgiEs9GX1
10jzrbkoroV7QzF8GQLmWgBcJtoauFAucz/o8HA7FhqJeOEo6y+tvxrz6OaFxasU
4lR5vqHw2fFlXW/6I5jZNqqCFkeZVSkkhVmxB6fYup9kzSdVgW5R+QCMewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmJ5CMvl8qEiisux5fQa7O47GIPMB8GA1UdIwQY
MBaAFIj3VyLbJbNyPezaXYcN9pvw2GWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2Mjkt
MmQxNDBlNGM1YTNmLzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2MjktMmQxNDBlNGM1YTNm
LzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoxl55aGu
7uNQsX9eqtH/3TRvxmyR00GudefJXMx1ysdNkNwgW33j+trrhV+TkuI/9LPwltII
tgAK/QxBdySZBtaALYqFp2VP+at0fkFC4FKulZu65fUenKAAODBT2p8s2zHtJWXs
ENW75SPAK6jsO/nUICT7CeX+pQJmKNXN16XHvogE9y07ccj/jzkWfubiZr5lLE4H
P52FtGGGjvBHG5lYfcAPiMzXuQKmeWCUcX/8h9JYcPNqdbazRS0YCpeUAzX+Ys28
1/+eUK4u1IgI57FYWeKIBV6GxUnZkULIApvWHVkpOVe4rtEX4SLzP5NuqhKZalPV
qw9f/t7Gm2uy8Q==
-----END CERTIFICATE-----