Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
File:                     icKIUyrvyGlxuY1bTR2YGW2ey4U.mft (raw, json)
Hash identifier:          SzZ+66V3sd9o3uV6JjPSFL4tuJAJdbHmyTJ4LWW0fAA=
Subject key identifier:   F9:E0:CC:0B:04:1D:20:9A:67:0D:EF:95:B7:FF:1B:70:19:FF:1B:85
Authority key identifier: 89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85
Certificate issuer:       /CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
Certificate serial:       01988167FDFF2E16D9C2DB845CB6BDB4C76E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
Manifest number:          078E
Signing time:             Wed 06 Aug 2025 22:02:12 +0000
Manifest this update:     Wed 06 Aug 2025 22:02:12 +0000
Manifest next update:     Thu 07 Aug 2025 22:02:12 +0000
Files and hashes:         1: icKIUyrvyGlxuY1bTR2YGW2ey4U.crl (hash: dMXUjO97UooCxzKU5vcFiBeobi51qv8CSpPHaZNqSv4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:67:fd:ff:2e:16:d9:c2:db:84:5c:b6:bd:b4:c7:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
        Validity
            Not Before: Aug  6 22:02:12 2025 GMT
            Not After : Aug  7 22:02:12 2025 GMT
        Subject: CN=f9e0cc0b041d209a670def95b7ff1b7019ff1b85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:05:3b:5a:4b:29:b4:e6:28:64:be:51:d7:0f:
                    56:36:97:d7:3a:8d:4b:da:df:45:44:0c:ba:a0:ce:
                    4d:5c:98:8a:2a:9a:b9:a1:0a:77:5e:9a:59:e5:3d:
                    4f:d6:e3:bd:de:54:45:84:b3:c7:26:04:e5:b5:36:
                    4d:f3:c5:57:42:8a:c0:fe:74:48:de:d4:ea:df:b0:
                    93:8c:bc:49:46:da:3b:e2:36:f2:1d:ea:d5:4d:9e:
                    22:3b:0f:ce:66:c2:6e:fc:46:65:68:06:ab:69:e8:
                    3d:e8:2e:f6:0a:a2:89:f9:f4:74:f7:a7:e1:7f:32:
                    6a:ec:ec:bd:1f:b4:04:31:77:82:26:bd:f2:ce:4c:
                    ac:0b:18:21:0f:42:b9:13:cd:54:48:66:90:5b:05:
                    24:01:14:3d:77:69:db:30:c0:78:d7:65:f3:96:9c:
                    ae:b8:17:05:6f:a4:fc:f6:6d:6a:79:07:83:57:2d:
                    2e:b0:b8:f9:17:47:25:c4:93:a3:b2:10:ae:2b:de:
                    1e:69:1c:31:6c:b6:48:9f:01:aa:c4:24:9e:b5:29:
                    ea:4e:e3:00:b4:00:4e:d8:39:95:c4:f6:86:5c:e9:
                    ad:68:38:03:58:93:be:a9:7a:1b:f8:12:18:b9:76:
                    f2:bc:e1:de:83:99:bb:54:5b:e4:44:f2:86:28:75:
                    87:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:E0:CC:0B:04:1D:20:9A:67:0D:EF:95:B7:FF:1B:70:19:FF:1B:85
            X509v3 Authority Key Identifier:
                keyid:89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:ad:60:99:3a:4c:e5:f8:10:1f:cb:79:93:71:77:a4:6a:56:
         6e:88:72:ab:1e:53:19:de:9f:c3:47:0e:9a:88:07:ae:9a:41:
         87:7c:a7:63:5f:4a:bd:27:b6:6f:43:7d:de:42:a3:5b:3c:0e:
         dc:8f:41:b3:ed:13:a7:a9:7b:ca:2d:8b:00:5e:c9:41:a0:28:
         90:1d:87:73:86:e2:b9:61:60:eb:6e:8f:bf:19:98:08:9f:1b:
         31:2b:c7:1e:4b:ac:d9:44:1c:60:61:2a:2d:99:98:74:12:57:
         bd:90:85:ae:05:57:79:94:c7:cf:1b:11:00:22:dd:b4:05:cd:
         6a:4a:1f:cb:43:a3:30:5b:02:e1:82:d3:cc:04:42:20:1f:03:
         82:64:3b:d5:31:3e:81:61:09:4f:2e:9e:f1:22:d4:8e:8c:7f:
         24:06:5c:0e:b2:86:b0:df:8e:01:98:2e:31:07:cb:59:f2:1a:
         c1:1c:8d:80:1f:ca:21:65:86:20:7b:2b:9c:8c:4a:e5:90:61:
         cb:28:3e:e1:41:e3:5a:c6:0c:87:62:f6:77:bb:7f:64:57:33:
         d2:89:63:d3:c0:bd:29:02:dd:e3:4e:93:57:eb:99:b1:ff:a1:
         a6:39:6d:b8:70:c8:b8:87:6b:89:8a:71:6b:4d:34:0b:d6:59:
         31:f2:1d:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBZ/3/LhbZwtuEXLa9tMduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YzI4ODUzMmFlZmM4Njk3MWI5OGQ1YjRkMWQ5ODE5NmQ5
ZWNiODUwHhcNMjUwODA2MjIwMjEyWhcNMjUwODA3MjIwMjEyWjAzMTEwLwYDVQQD
EyhmOWUwY2MwYjA0MWQyMDlhNjcwZGVmOTViN2ZmMWI3MDE5ZmYxYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8wU7WksptOYoZL5R1w9WNpfXOo1L
2t9FRAy6oM5NXJiKKpq5oQp3XppZ5T1P1uO93lRFhLPHJgTltTZN88VXQorA/nRI
3tTq37CTjLxJRto74jbyHerVTZ4iOw/OZsJu/EZlaAaraeg96C72CqKJ+fR096fh
fzJq7Oy9H7QEMXeCJr3yzkysCxghD0K5E81USGaQWwUkARQ9d2nbMMB412Xzlpyu
uBcFb6T89m1qeQeDVy0usLj5F0clxJOjshCuK94eaRwxbLZInwGqxCSetSnqTuMA
tABO2DmVxPaGXOmtaDgDWJO+qXob+BIYuXbyvOHeg5m7VFvkRPKGKHWHjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPngzAsEHSCaZw3vlbf/G3AZ/xuFMB8GA1UdIwQY
MBaAFInCiFMq78hpcbmNW00dmBltnsuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTkt
MGY4NjdkOWZmNThlLzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTktMGY4NjdkOWZmNThl
LzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOq1gmTpM
5fgQH8t5k3F3pGpWbohyqx5TGd6fw0cOmogHrppBh3ynY19KvSe2b0N93kKjWzwO
3I9Bs+0Tp6l7yi2LAF7JQaAokB2Hc4biuWFg626PvxmYCJ8bMSvHHkus2UQcYGEq
LZmYdBJXvZCFrgVXeZTHzxsRACLdtAXNakofy0OjMFsC4YLTzARCIB8DgmQ71TE+
gWEJTy6e8SLUjox/JAZcDrKGsN+OAZguMQfLWfIawRyNgB/KIWWGIHsrnIxK5ZBh
yyg+4UHjWsYMh2L2d7t/ZFcz0olj08C9KQLd406TV+uZsf+hpjltuHDIuIdriYpx
a000C9ZZMfIdeA==
-----END CERTIFICATE-----