Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
File:                     IgTxXPMNc4SLB038rCYTgAYVatQ.mft (raw, json)
Hash identifier:          5ArtCgOz3pA8Y9Hw0HKNEYPPqI8PaW1zhFXaB1pRGlw=
Subject key identifier:   8A:AF:E1:FB:FE:FF:BA:D3:24:5B:69:A8:40:74:60:F5:C5:56:4A:58
Authority key identifier: 22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4
Certificate issuer:       /CN=2204f15cf30d73848b074dfcac26138006156ad4
Certificate serial:       019A4EF579D30584CAAB3B5B1D639F7B1785
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
Manifest number:          0E1A
Signing time:             Tue 04 Nov 2025 13:01:41 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:41 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:41 +0000
Files and hashes:         1: IgTxXPMNc4SLB038rCYTgAYVatQ.crl (hash: DMrv57nLpVXT/oRzy3/xd+aHN/7gfnc+oZ3ppnKjAQ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:79:d3:05:84:ca:ab:3b:5b:1d:63:9f:7b:17:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2204f15cf30d73848b074dfcac26138006156ad4
        Validity
            Not Before: Nov  4 13:01:41 2025 GMT
            Not After : Nov  5 13:01:41 2025 GMT
        Subject: CN=8aafe1fbfeffbad3245b69a8407460f5c5564a58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:c8:a2:3f:19:05:e3:5e:5f:53:89:6f:dd:1f:
                    ef:76:f0:0f:42:11:51:f6:3f:09:47:0e:f1:9f:c6:
                    e2:b6:d3:2a:16:78:e5:96:c2:ae:73:f0:57:c8:0b:
                    1f:54:31:bc:51:dd:04:80:46:0d:cb:d9:15:d6:95:
                    ee:88:88:92:23:80:8f:69:89:28:43:75:99:63:c7:
                    c8:eb:98:68:a9:e3:fb:c9:e5:d6:26:7e:9d:61:fe:
                    a1:22:e0:a4:27:5f:77:f8:e7:1a:33:39:bf:95:f4:
                    83:dd:2c:5a:77:49:db:8b:de:d3:1f:27:59:95:02:
                    96:db:2e:21:59:bd:e3:61:a3:b4:d6:32:be:9a:88:
                    6b:53:da:b4:33:12:5b:7b:c5:ab:3b:06:fe:52:50:
                    9a:74:66:db:a6:53:11:52:80:d3:43:37:04:3f:75:
                    78:fb:0d:42:31:57:9c:57:ac:3f:ec:af:01:06:4b:
                    23:82:37:95:de:c7:f8:77:54:f7:f1:1f:96:d5:35:
                    50:f3:51:c6:a0:29:d7:89:7b:d9:3f:9e:c7:55:32:
                    3d:a6:42:78:44:b0:e2:e8:b9:9f:2d:e7:83:06:6a:
                    93:2f:05:4b:1b:8e:51:b4:48:a0:b7:a0:f0:a8:67:
                    65:e7:97:6f:6b:27:95:ce:ba:ae:9b:88:1d:31:8d:
                    06:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:AF:E1:FB:FE:FF:BA:D3:24:5B:69:A8:40:74:60:F5:C5:56:4A:58
            X509v3 Authority Key Identifier:
                keyid:22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:5d:1f:f6:92:d4:79:3e:5a:57:5e:40:27:2a:eb:72:2e:70:
         80:a1:8f:6e:dd:7f:5c:9a:d8:1e:80:5d:c9:00:22:89:1e:44:
         dc:c2:c2:74:9a:1b:84:cd:44:08:cc:d5:4f:ed:ba:50:c3:f5:
         e3:0e:fa:27:60:26:1d:8f:23:30:8e:0d:00:32:64:5f:d0:63:
         6f:88:73:c2:2b:bf:05:7b:78:7d:8c:13:60:ce:d7:82:4c:a6:
         56:8e:0f:85:98:2e:70:71:66:96:cb:41:0e:21:3d:d1:36:7b:
         f6:9d:93:89:7c:ee:5c:f2:65:4e:14:14:65:a7:e5:70:66:3a:
         0a:7b:c9:4b:dc:ba:ad:12:a9:b9:97:51:a4:7b:f6:65:12:9a:
         92:63:05:72:94:8a:f3:99:26:14:95:12:ee:83:f1:72:aa:6c:
         a5:ab:a5:2e:9b:35:c9:11:d9:24:07:3b:88:e6:74:f6:02:c6:
         d9:50:39:76:04:79:43:cd:64:a7:4f:8a:26:a3:fc:73:40:af:
         1f:e3:9c:ec:82:bd:1c:00:ed:2a:34:ee:97:f7:d5:39:18:1e:
         da:02:94:11:98:b0:a1:0a:03:97:59:01:24:86:33:58:a1:10:
         7f:3a:c8:24:12:f8:b4:b6:71:48:3d:22:1a:de:4a:71:33:75:
         d8:60:d7:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9XnTBYTKqztbHWOfexeFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDRmMTVjZjMwZDczODQ4YjA3NGRmY2FjMjYxMzgwMDYx
NTZhZDQwHhcNMjUxMTA0MTMwMTQxWhcNMjUxMTA1MTMwMTQxWjAzMTEwLwYDVQQD
Eyg4YWFmZTFmYmZlZmZiYWQzMjQ1YjY5YTg0MDc0NjBmNWM1NTY0YTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MiiPxkF415fU4lv3R/vdvAPQhFR
9j8JRw7xn8bittMqFnjllsKuc/BXyAsfVDG8Ud0EgEYNy9kV1pXuiIiSI4CPaYko
Q3WZY8fI65hoqeP7yeXWJn6dYf6hIuCkJ193+OcaMzm/lfSD3Sxad0nbi97THydZ
lQKW2y4hWb3jYaO01jK+mohrU9q0MxJbe8WrOwb+UlCadGbbplMRUoDTQzcEP3V4
+w1CMVecV6w/7K8BBksjgjeV3sf4d1T38R+W1TVQ81HGoCnXiXvZP57HVTI9pkJ4
RLDi6LmfLeeDBmqTLwVLG45RtEigt6DwqGdl55dvayeVzrqum4gdMY0GPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqv4fv+/7rTJFtpqEB0YPXFVkpYMB8GA1UdIwQY
MBaAFCIE8VzzDXOEiwdN/KwmE4AGFWrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMt
YzFiMTAyMzlkZDU4LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMtYzFiMTAyMzlkZDU4
LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAF0f9pLU
eT5aV15AJyrrci5wgKGPbt1/XJrYHoBdyQAiiR5E3MLCdJobhM1ECMzVT+26UMP1
4w76J2AmHY8jMI4NADJkX9Bjb4hzwiu/BXt4fYwTYM7XgkymVo4PhZgucHFmlstB
DiE90TZ79p2TiXzuXPJlThQUZaflcGY6CnvJS9y6rRKpuZdRpHv2ZRKakmMFcpSK
85kmFJUS7oPxcqpspaulLps1yRHZJAc7iOZ09gLG2VA5dgR5Q81kp0+KJqP8c0Cv
H+Oc7IK9HADtKjTul/fVORge2gKUEZiwoQoDl1kBJIYzWKEQfzrIJBL4tLZxSD0i
Gt5KcTN12GDXyQ==
-----END CERTIFICATE-----