Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
File:                     I1PVKkAkkfT5n-VHG90aXdb0K7w.mft (raw, json)
Hash identifier:          U02jOjecNDjZlb2xjGLmXcuju3UiuQM1/V3FV5t6W54=
Subject key identifier:   74:46:23:8F:A3:0D:0D:B3:DA:2E:F6:7F:E7:F2:2A:95:7A:53:54:F3
Authority key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC
Certificate issuer:       /CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
Certificate serial:       0198744FDEE80E499A861669929531E61B43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
Manifest number:          1611
Signing time:             Mon 04 Aug 2025 09:00:48 +0000
Manifest this update:     Mon 04 Aug 2025 09:00:48 +0000
Manifest next update:     Tue 05 Aug 2025 09:00:48 +0000
Files and hashes:         1: I1PVKkAkkfT5n-VHG90aXdb0K7w.crl (hash: Bl8SGYdqEm+HNDTcSu+xjSSX2WRZauqUwe7+e5BY0Fk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:4f:de:e8:0e:49:9a:86:16:69:92:95:31:e6:1b:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
        Validity
            Not Before: Aug  4 09:00:48 2025 GMT
            Not After : Aug  5 09:00:48 2025 GMT
        Subject: CN=7446238fa30d0db3da2ef67fe7f22a957a5354f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d3:c8:b8:c2:e9:ca:70:94:fb:58:4d:a1:4e:
                    41:ae:be:c2:92:e1:fb:ff:36:07:aa:77:63:b5:70:
                    eb:7a:01:b4:1a:6d:8f:e1:d9:44:6e:8b:df:17:77:
                    2e:28:ff:79:cb:70:d8:24:a6:88:6e:0b:0a:d7:3e:
                    f4:c5:d6:9d:63:ff:68:a7:ca:92:65:8c:67:b6:41:
                    bd:2d:2c:16:4b:5a:2c:97:6c:2e:2f:7a:dd:b5:89:
                    0b:11:70:26:c0:2f:81:e9:65:0d:4c:7b:d9:f0:fd:
                    23:ac:b6:8f:1e:5a:4f:cf:da:d9:4e:18:c1:89:88:
                    6a:2f:da:c1:6c:26:cf:69:5a:62:55:76:e9:fe:80:
                    50:34:97:93:11:cf:a9:4f:2f:5b:f4:cd:0e:8b:f2:
                    c2:18:1b:09:cc:0c:41:44:34:26:16:c7:ca:60:14:
                    e2:5b:74:2d:80:91:12:f7:e9:64:30:f4:8b:a2:c6:
                    f2:fc:f9:57:4c:8f:f4:ce:31:3a:75:e6:aa:2a:92:
                    76:cc:9b:99:b5:ff:8e:9c:2d:51:ae:76:42:98:a2:
                    d8:8c:bd:92:6f:f6:2d:5b:d1:5b:ab:3f:17:ee:8d:
                    dc:ec:6c:87:ad:5c:aa:72:53:91:03:53:48:1a:9f:
                    db:41:7b:98:4f:3a:a5:13:ef:90:78:09:85:2b:a6:
                    59:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:46:23:8F:A3:0D:0D:B3:DA:2E:F6:7F:E7:F2:2A:95:7A:53:54:F3
            X509v3 Authority Key Identifier:
                keyid:23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:5d:6d:c9:c7:69:6d:72:8b:9b:1e:19:6c:7d:6b:5f:b5:8b:
         b3:0a:53:c4:ee:48:d7:60:7e:e7:54:22:4f:e8:38:1a:79:06:
         a3:88:93:73:be:c0:f9:7a:a2:48:9c:86:ce:49:95:fd:b5:ee:
         4e:a6:42:6b:af:a7:5d:32:d1:40:e5:9f:8e:cc:d4:a5:e8:8f:
         0e:f4:df:6d:9b:ba:9f:8b:11:da:b1:c8:a5:54:8a:29:21:26:
         8c:ec:c2:39:7e:e2:80:1a:4e:db:9b:e7:09:70:1c:06:e1:22:
         1f:25:5b:27:e4:37:73:db:78:4c:58:cf:f7:49:fb:e7:33:e0:
         b8:48:db:c8:80:e7:20:76:09:98:ae:ba:90:ec:02:85:d1:b7:
         f2:50:0d:87:8d:0f:0f:a1:aa:28:df:77:64:5c:a6:bd:85:70:
         45:67:54:8a:72:26:64:cf:e3:c7:9f:e2:0d:5e:9b:7a:29:55:
         fd:98:55:ec:8a:32:5b:4d:ba:b2:83:5f:75:01:a8:2b:4a:23:
         74:0a:0d:00:14:47:b4:20:c5:57:75:bb:e7:10:aa:e6:43:01:
         41:81:da:46:da:07:43:29:e7:4f:80:ad:f0:d1:25:c4:ff:ce:
         22:a5:87:7e:23:a4:05:13:42:8d:ba:20:d6:f7:95:d3:ac:92:
         5a:ee:5c:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0T97oDkmahhZpkpUx5htDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTNkNTJhNDAyNDkxZjRmOTlmZTU0NzFiZGQxYTVkZDZm
NDJiYmMwHhcNMjUwODA0MDkwMDQ4WhcNMjUwODA1MDkwMDQ4WjAzMTEwLwYDVQQD
Eyg3NDQ2MjM4ZmEzMGQwZGIzZGEyZWY2N2ZlN2YyMmE5NTdhNTM1NGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstPIuMLpynCU+1hNoU5Brr7CkuH7
/zYHqndjtXDregG0Gm2P4dlEbovfF3cuKP95y3DYJKaIbgsK1z70xdadY/9op8qS
ZYxntkG9LSwWS1osl2wuL3rdtYkLEXAmwC+B6WUNTHvZ8P0jrLaPHlpPz9rZThjB
iYhqL9rBbCbPaVpiVXbp/oBQNJeTEc+pTy9b9M0Oi/LCGBsJzAxBRDQmFsfKYBTi
W3QtgJES9+lkMPSLosby/PlXTI/0zjE6deaqKpJ2zJuZtf+OnC1RrnZCmKLYjL2S
b/YtW9Fbqz8X7o3c7GyHrVyqclORA1NIGp/bQXuYTzqlE++QeAmFK6ZZgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHRGI4+jDQ2z2i72f+fyKpV6U1TzMB8GA1UdIwQY
MBaAFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTct
ZGVhYjg1ODZmMmNlLzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTctZGVhYjg1ODZmMmNl
LzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFl1tycdp
bXKLmx4ZbH1rX7WLswpTxO5I12B+51QiT+g4GnkGo4iTc77A+XqiSJyGzkmV/bXu
TqZCa6+nXTLRQOWfjszUpeiPDvTfbZu6n4sR2rHIpVSKKSEmjOzCOX7igBpO25vn
CXAcBuEiHyVbJ+Q3c9t4TFjP90n75zPguEjbyIDnIHYJmK66kOwChdG38lANh40P
D6GqKN93ZFymvYVwRWdUinImZM/jx5/iDV6beilV/ZhV7IoyW026soNfdQGoK0oj
dAoNABRHtCDFV3W75xCq5kMBQYHaRtoHQynnT4Ct8NElxP/OIqWHfiOkBRNCjbog
1veV06ySWu5cHA==
-----END CERTIFICATE-----