Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
File:                     Igmk3BOlMEp6okvhwXi6QuF5L4U.mft (raw, json)
Hash identifier:          1qn26qDIEW8A1xpSCCOIuImo7VTIEqvgMMA/Z28LV8Q=
Subject key identifier:   95:79:3D:89:A1:8F:96:9C:DF:BC:7D:B5:A5:91:96:7C:6B:06:C3:8A
Authority key identifier: 22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85
Certificate issuer:       /CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
Certificate serial:       0197703E8715054CEF66A80A1A03F7254187
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
Manifest number:          0175
Signing time:             Sat 14 Jun 2025 21:00:35 +0000
Manifest this update:     Sat 14 Jun 2025 21:00:35 +0000
Manifest next update:     Sun 15 Jun 2025 21:00:35 +0000
Files and hashes:         1: Igmk3BOlMEp6okvhwXi6QuF5L4U.crl (hash: 6m0LSgIzFNroqNlKOgW4U3Kg3fztIPFyBdOLxB0fQ2s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:3e:87:15:05:4c:ef:66:a8:0a:1a:03:f7:25:41:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
        Validity
            Not Before: Jun 14 21:00:35 2025 GMT
            Not After : Jun 15 21:00:35 2025 GMT
        Subject: CN=95793d89a18f969cdfbc7db5a591967c6b06c38a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:8f:e6:6f:c2:73:49:d5:2a:e5:6d:9f:bb:72:
                    b3:c1:e5:56:c3:cd:c9:e5:53:96:78:c2:a4:36:4b:
                    f9:6b:17:53:00:cd:cc:7d:8f:90:c7:4d:b9:68:02:
                    55:14:5b:a9:c0:37:18:bc:b5:41:4d:d7:35:df:1a:
                    84:12:8a:96:aa:44:17:6c:28:c9:d9:2c:5d:05:57:
                    3c:1d:d1:b2:36:e5:68:37:66:e7:6b:0e:7e:d7:ab:
                    b5:d2:ba:6f:1f:2b:df:dc:b7:41:eb:7f:d6:06:ce:
                    e0:f3:c0:41:7c:1f:45:33:04:cf:9c:28:0f:81:30:
                    1b:f2:4c:58:cf:c4:07:8a:cc:a2:f9:ee:d7:0f:96:
                    9e:db:a7:c9:db:f0:1c:1e:c3:17:c7:3f:52:33:6f:
                    a6:cc:01:5f:d2:6a:84:0f:f1:50:3a:09:df:bb:ea:
                    a2:86:a9:06:35:fa:3f:da:a4:8d:78:90:f6:9c:4f:
                    6f:35:75:c0:5e:69:39:b2:b5:49:6b:23:93:97:50:
                    78:6f:72:e5:c0:5d:3f:59:0b:68:36:83:20:9a:36:
                    58:8b:66:be:5e:f6:dc:31:25:14:f3:fc:79:f2:c5:
                    ae:84:1e:58:a9:d4:4d:80:98:6d:c2:68:a5:f5:6a:
                    8f:6d:6a:08:24:17:d4:3a:f3:66:1c:21:ef:ce:91:
                    72:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:79:3D:89:A1:8F:96:9C:DF:BC:7D:B5:A5:91:96:7C:6B:06:C3:8A
            X509v3 Authority Key Identifier:
                keyid:22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:6e:e4:ec:f0:c0:d2:ef:7f:1c:6b:e1:a4:19:b8:10:50:f6:
         68:b7:8c:6e:76:10:cd:64:aa:7b:3c:59:10:cc:0e:24:ec:46:
         46:fa:c8:ce:8a:76:43:4e:ee:9b:08:85:c6:04:11:ee:7c:08:
         e2:00:bb:31:49:2d:90:29:de:7e:48:f5:46:34:24:be:39:65:
         42:9f:5c:b0:6f:2b:3c:aa:d0:c1:14:25:bb:da:79:5a:32:49:
         3c:5f:d6:54:76:f0:69:67:db:70:6f:cc:bf:cb:a5:ca:94:41:
         dd:9a:10:a9:99:fa:41:c2:f4:48:19:74:b9:d0:05:ea:26:04:
         8d:a9:29:88:2b:97:5a:bd:36:9d:bf:61:04:bc:6d:ef:37:dc:
         f4:8f:66:1a:95:cf:86:d9:b4:9e:11:79:34:97:56:45:90:e1:
         76:f2:ca:ef:59:e5:42:63:e7:53:73:dd:68:79:38:65:9f:0d:
         d2:83:5e:f4:d3:50:d3:c8:39:64:83:00:57:76:55:7b:f3:66:
         86:4b:8b:de:59:62:e2:da:30:a6:56:0b:8e:17:59:9b:76:bd:
         99:88:1f:dc:6c:c8:94:77:67:7b:4d:2e:fb:45:11:86:7c:f5:
         41:a0:eb:3a:9e:10:2b:d5:33:28:02:1b:71:84:12:f6:1c:07:
         e6:88:37:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwPocVBUzvZqgKGgP3JUGHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDlhNGRjMTNhNTMwNGE3YWEyNGJlMWMxNzhiYTQyZTE3
OTJmODUwHhcNMjUwNjE0MjEwMDM1WhcNMjUwNjE1MjEwMDM1WjAzMTEwLwYDVQQD
Eyg5NTc5M2Q4OWExOGY5NjljZGZiYzdkYjVhNTkxOTY3YzZiMDZjMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI/mb8JzSdUq5W2fu3KzweVWw83J
5VOWeMKkNkv5axdTAM3MfY+Qx025aAJVFFupwDcYvLVBTdc13xqEEoqWqkQXbCjJ
2SxdBVc8HdGyNuVoN2bnaw5+16u10rpvHyvf3LdB63/WBs7g88BBfB9FMwTPnCgP
gTAb8kxYz8QHisyi+e7XD5ae26fJ2/AcHsMXxz9SM2+mzAFf0mqED/FQOgnfu+qi
hqkGNfo/2qSNeJD2nE9vNXXAXmk5srVJayOTl1B4b3LlwF0/WQtoNoMgmjZYi2a+
XvbcMSUU8/x58sWuhB5YqdRNgJhtwmil9WqPbWoIJBfUOvNmHCHvzpFyYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJV5PYmhj5ac37x9taWRlnxrBsOKMB8GA1UdIwQY
MBaAFCIJpNwTpTBKeqJL4cF4ukLheS+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYt
NjhhZmQ0NzQ1MTQ5LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYtNjhhZmQ0NzQ1MTQ5
LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeG7k7PDA
0u9/HGvhpBm4EFD2aLeMbnYQzWSqezxZEMwOJOxGRvrIzop2Q07umwiFxgQR7nwI
4gC7MUktkCnefkj1RjQkvjllQp9csG8rPKrQwRQlu9p5WjJJPF/WVHbwaWfbcG/M
v8ulypRB3ZoQqZn6QcL0SBl0udAF6iYEjakpiCuXWr02nb9hBLxt7zfc9I9mGpXP
htm0nhF5NJdWRZDhdvLK71nlQmPnU3PdaHk4ZZ8N0oNe9NNQ08g5ZIMAV3ZVe/Nm
hkuL3lli4towplYLjhdZm3a9mYgf3GzIlHdne00u+0URhnz1QaDrOp4QK9UzKAIb
cYQS9hwH5og3gQ==
-----END CERTIFICATE-----