Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
File:                     I1PVKkAkkfT5n-VHG90aXdb0K7w.mft (raw, json)
Hash identifier:          2DjkUuOM2OyszirDuRcXZ+s6NlJrjfsE1zDzx5974/E=
Subject key identifier:   86:FE:7A:09:F5:F8:70:88:89:BC:04:76:26:9E:82:50:1C:57:D0:1B
Authority key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC
Certificate issuer:       /CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
Certificate serial:       019769CEB6F189D2831553B9CE4A7C950644
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
Manifest number:          1587
Signing time:             Fri 13 Jun 2025 15:00:44 +0000
Manifest this update:     Fri 13 Jun 2025 15:00:44 +0000
Manifest next update:     Sat 14 Jun 2025 15:00:44 +0000
Files and hashes:         1: I1PVKkAkkfT5n-VHG90aXdb0K7w.crl (hash: b3Iba6JPDYShqCbP2Ih+NYqpeMi5c5OTIMw8RR/NiQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:ce:b6:f1:89:d2:83:15:53:b9:ce:4a:7c:95:06:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
        Validity
            Not Before: Jun 13 15:00:44 2025 GMT
            Not After : Jun 14 15:00:44 2025 GMT
        Subject: CN=86fe7a09f5f8708889bc0476269e82501c57d01b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:9f:5a:d1:eb:1b:4b:dd:9b:56:57:b9:4a:e0:
                    47:c6:a2:30:0c:c2:a0:ba:21:49:01:07:00:0c:12:
                    44:84:69:96:8a:c1:eb:87:4a:e8:59:48:d4:be:ce:
                    74:64:55:5a:b2:b6:08:79:20:df:00:c7:7c:aa:74:
                    25:78:4e:5c:e2:85:02:41:ec:4e:13:32:15:14:0e:
                    76:6a:3d:a0:6c:de:a8:47:8b:15:08:87:e2:d4:57:
                    60:e3:6c:e0:7c:8b:8b:12:cb:92:be:8e:07:b6:35:
                    2a:35:3c:8a:46:6d:a9:a3:b7:de:0b:50:aa:83:10:
                    13:ac:28:76:06:4a:1d:ee:1b:31:f0:c7:0b:11:5a:
                    b2:33:5c:e2:79:f4:d4:d9:44:30:47:27:1f:fe:16:
                    ea:32:cd:4e:a8:1b:b4:12:e5:b0:40:d1:de:ce:6c:
                    91:12:82:12:3c:d3:a7:fa:c8:64:74:b9:23:ac:78:
                    c0:30:12:05:25:61:80:46:4c:e3:52:97:a9:f5:a2:
                    73:cd:43:a1:66:62:e6:7c:63:b3:cd:80:1c:a4:70:
                    72:ef:62:cd:6e:17:91:a3:58:de:d7:4f:5f:5e:e1:
                    07:e9:7d:62:f3:68:9d:37:d8:bd:f5:59:61:13:2b:
                    60:5e:8f:8d:9f:b3:dd:7b:55:54:ef:31:05:e2:04:
                    c5:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:FE:7A:09:F5:F8:70:88:89:BC:04:76:26:9E:82:50:1C:57:D0:1B
            X509v3 Authority Key Identifier:
                keyid:23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:f9:2f:bc:6b:bc:07:b0:ba:37:7b:5b:a4:a4:37:59:bd:e3:
         93:c5:4e:94:ad:4e:02:d9:86:6b:3a:74:58:92:39:62:ae:e0:
         ab:ad:85:fc:f4:21:97:60:b1:7f:1d:04:2a:8f:68:ab:58:63:
         ce:9e:94:19:ff:77:59:3b:0a:a3:61:58:08:b5:d3:48:98:cb:
         03:51:d7:c2:20:c8:5e:d2:b6:17:8a:3a:20:30:d5:6c:64:a3:
         35:50:6c:a8:f2:7c:52:c0:27:71:8b:60:2f:4c:2e:10:60:cb:
         bc:16:cc:5d:93:99:4d:df:bd:30:86:3b:1c:a4:68:19:9d:f8:
         68:fa:7d:53:07:a7:6b:90:3a:f6:e4:17:e5:c1:51:ba:d7:8e:
         39:f4:c6:e1:14:8c:fa:a0:a6:1a:55:33:8b:de:1e:d2:ff:ed:
         34:8a:8b:1d:3e:53:91:2b:09:35:65:46:11:82:61:0a:10:2d:
         07:9b:0d:b0:94:80:fb:c6:10:7c:fb:c9:9e:56:e6:6a:57:59:
         68:04:5e:91:67:eb:ba:26:1e:4d:d9:5f:7c:93:ee:97:c1:e6:
         62:f8:fa:1a:d1:d8:b6:06:2e:ef:51:23:bf:e6:57:3b:05:63:
         f4:e2:ae:37:9a:57:cd:8c:0e:d5:d7:53:37:ac:c7:85:f3:75:
         3b:79:3a:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzrbxidKDFVO5zkp8lQZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTNkNTJhNDAyNDkxZjRmOTlmZTU0NzFiZGQxYTVkZDZm
NDJiYmMwHhcNMjUwNjEzMTUwMDQ0WhcNMjUwNjE0MTUwMDQ0WjAzMTEwLwYDVQQD
Eyg4NmZlN2EwOWY1Zjg3MDg4ODliYzA0NzYyNjllODI1MDFjNTdkMDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ9a0esbS92bVle5SuBHxqIwDMKg
uiFJAQcADBJEhGmWisHrh0roWUjUvs50ZFVasrYIeSDfAMd8qnQleE5c4oUCQexO
EzIVFA52aj2gbN6oR4sVCIfi1Fdg42zgfIuLEsuSvo4HtjUqNTyKRm2po7feC1Cq
gxATrCh2Bkod7hsx8McLEVqyM1ziefTU2UQwRycf/hbqMs1OqBu0EuWwQNHezmyR
EoISPNOn+shkdLkjrHjAMBIFJWGARkzjUpep9aJzzUOhZmLmfGOzzYAcpHBy72LN
bheRo1je109fXuEH6X1i82idN9i99VlhEytgXo+Nn7Pde1VU7zEF4gTFTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIb+egn1+HCIibwEdiaeglAcV9AbMB8GA1UdIwQY
MBaAFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTct
ZGVhYjg1ODZmMmNlLzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTctZGVhYjg1ODZmMmNl
LzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKvkvvGu8
B7C6N3tbpKQ3Wb3jk8VOlK1OAtmGazp0WJI5Yq7gq62F/PQhl2Cxfx0EKo9oq1hj
zp6UGf93WTsKo2FYCLXTSJjLA1HXwiDIXtK2F4o6IDDVbGSjNVBsqPJ8UsAncYtg
L0wuEGDLvBbMXZOZTd+9MIY7HKRoGZ34aPp9Uwena5A69uQX5cFRuteOOfTG4RSM
+qCmGlUzi94e0v/tNIqLHT5TkSsJNWVGEYJhChAtB5sNsJSA+8YQfPvJnlbmaldZ
aARekWfruiYeTdlffJPul8HmYvj6GtHYtgYu71Ejv+ZXOwVj9OKuN5pXzYwO1ddT
N6zHhfN1O3k6jg==
-----END CERTIFICATE-----