Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
File:                     icKIUyrvyGlxuY1bTR2YGW2ey4U.mft (raw, json)
Hash identifier:          zww2BNDuEaEiGivJTopDpd5lPTSsfLozptUXpJbSYM8=
Subject key identifier:   80:29:2B:B5:4A:DD:16:DD:48:4F:E1:E9:C7:A2:CC:E7:2A:EB:D7:BD
Authority key identifier: 89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85
Certificate issuer:       /CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
Certificate serial:       019681A2300B30E4C51A5F8467D50188BA35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
Manifest number:          0685
Signing time:             Tue 29 Apr 2025 13:00:12 +0000
Manifest this update:     Tue 29 Apr 2025 13:00:12 +0000
Manifest next update:     Wed 30 Apr 2025 13:00:12 +0000
Files and hashes:         1: icKIUyrvyGlxuY1bTR2YGW2ey4U.crl (hash: Yiuw0FKgG4TDtmBUDKI+88FgZIraOeCKowkdcyZ/vYg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 13:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:81:a2:30:0b:30:e4:c5:1a:5f:84:67:d5:01:88:ba:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
        Validity
            Not Before: Apr 29 13:00:12 2025 GMT
            Not After : Apr 30 13:00:12 2025 GMT
        Subject: CN=80292bb54add16dd484fe1e9c7a2cce72aebd7bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:9b:ca:58:83:91:2c:c3:a8:12:99:da:32:10:
                    fd:11:da:1f:f1:24:5e:50:87:6f:07:fa:47:40:4e:
                    a5:54:9e:d9:8f:bc:af:2a:ac:f6:34:e5:9b:bc:9c:
                    85:1e:f5:16:c6:44:93:cc:7d:68:0c:83:b7:eb:fa:
                    82:02:ed:40:3d:42:ce:a1:0b:d9:2d:0d:48:b9:b9:
                    35:04:11:59:77:71:9f:c2:a8:39:71:88:1b:ed:98:
                    c2:6d:df:5e:a8:66:12:d7:69:be:ca:52:b6:d9:38:
                    18:66:b0:ac:ed:41:66:b8:45:68:6d:c5:91:e2:16:
                    89:9b:19:24:dd:11:66:af:72:8e:dd:f2:fb:68:9d:
                    38:9c:8d:a9:9e:bf:b6:67:a1:f8:90:5c:6f:39:ad:
                    99:69:ab:48:7a:0a:95:4a:22:b7:d6:d4:ae:47:ad:
                    69:f6:ba:06:39:13:9e:0e:97:1d:96:16:45:e9:cb:
                    75:8c:a1:33:c8:69:8e:04:e7:3f:c4:39:15:99:19:
                    4f:7f:78:22:f6:87:d7:06:88:27:0c:ff:b6:8a:1b:
                    57:2b:99:f9:e5:36:c7:65:34:13:7a:a0:42:da:ac:
                    ef:54:13:9c:68:ab:f6:2a:f6:fb:66:5d:d3:24:db:
                    1b:49:16:2d:5b:8f:f5:4b:3a:fa:9d:18:a6:a0:82:
                    ee:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:29:2B:B5:4A:DD:16:DD:48:4F:E1:E9:C7:A2:CC:E7:2A:EB:D7:BD
            X509v3 Authority Key Identifier:
                keyid:89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:ec:be:d2:9e:d6:ba:7b:d0:68:2d:83:b2:37:54:fc:6d:b2:
         0a:a9:2f:28:c9:c4:b8:c6:11:84:eb:7b:a1:1f:7b:8a:65:49:
         bd:9b:7f:16:43:10:db:50:a8:4c:3a:ed:b5:19:0b:55:72:6f:
         43:c3:fa:33:7e:3d:23:7a:ae:6d:fd:46:f2:8d:35:0b:e3:65:
         8c:04:6c:36:da:15:d6:e3:95:ce:bd:81:45:19:35:f1:4c:92:
         49:a4:09:89:dc:59:bb:ef:37:94:c4:03:67:5e:13:e3:c8:e1:
         9d:1b:ac:21:1f:0e:b7:94:de:13:48:ec:92:80:82:10:29:6f:
         77:47:3a:79:a5:46:71:9b:04:16:64:3a:9a:4b:fd:ea:e5:d6:
         8e:bd:64:12:83:25:17:42:ed:d6:48:c0:c4:aa:41:5a:84:9c:
         dc:8d:f4:3a:58:eb:36:46:50:c7:b5:64:ca:16:70:12:38:fa:
         c5:3f:6e:49:12:35:b7:c4:ac:ad:53:5f:90:6f:2a:c2:7d:d5:
         5d:b8:06:b1:c0:22:df:04:53:67:bc:6d:15:63:78:87:f8:ed:
         71:47:ca:e0:f6:2d:5a:23:27:16:ad:49:88:8b:ec:f7:7e:11:
         f4:b1:a2:f8:fb:89:04:dd:25:90:58:52:23:98:8c:af:96:d9:
         99:b9:85:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaBojALMOTFGl+EZ9UBiLo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YzI4ODUzMmFlZmM4Njk3MWI5OGQ1YjRkMWQ5ODE5NmQ5
ZWNiODUwHhcNMjUwNDI5MTMwMDEyWhcNMjUwNDMwMTMwMDEyWjAzMTEwLwYDVQQD
Eyg4MDI5MmJiNTRhZGQxNmRkNDg0ZmUxZTljN2EyY2NlNzJhZWJkN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJvKWIORLMOoEpnaMhD9Edof8SRe
UIdvB/pHQE6lVJ7Zj7yvKqz2NOWbvJyFHvUWxkSTzH1oDIO36/qCAu1APULOoQvZ
LQ1Iubk1BBFZd3Gfwqg5cYgb7ZjCbd9eqGYS12m+ylK22TgYZrCs7UFmuEVobcWR
4haJmxkk3RFmr3KO3fL7aJ04nI2pnr+2Z6H4kFxvOa2ZaatIegqVSiK31tSuR61p
9roGOROeDpcdlhZF6ct1jKEzyGmOBOc/xDkVmRlPf3gi9ofXBognDP+2ihtXK5n5
5TbHZTQTeqBC2qzvVBOcaKv2Kvb7Zl3TJNsbSRYtW4/1Szr6nRimoILubQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIApK7VK3RbdSE/h6ceizOcq69e9MB8GA1UdIwQY
MBaAFInCiFMq78hpcbmNW00dmBltnsuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTkt
MGY4NjdkOWZmNThlLzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTktMGY4NjdkOWZmNThl
LzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj+y+0p7W
unvQaC2DsjdU/G2yCqkvKMnEuMYRhOt7oR97imVJvZt/FkMQ21CoTDrttRkLVXJv
Q8P6M349I3qubf1G8o01C+NljARsNtoV1uOVzr2BRRk18UySSaQJidxZu+83lMQD
Z14T48jhnRusIR8Ot5TeE0jskoCCEClvd0c6eaVGcZsEFmQ6mkv96uXWjr1kEoMl
F0Lt1kjAxKpBWoSc3I30OljrNkZQx7VkyhZwEjj6xT9uSRI1t8SsrVNfkG8qwn3V
XbgGscAi3wRTZ7xtFWN4h/jtcUfK4PYtWiMnFq1JiIvs934R9LGi+PuJBN0lkFhS
I5iMr5bZmbmFWQ==
-----END CERTIFICATE-----