Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
File:                     ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft (raw, json)
Hash identifier:          ieK6pcdI1/efdux2QoEbJd8ggl9ILdgLI6ZqHHS9YqM=
Subject key identifier:   7A:F9:37:A5:61:93:87:9C:46:68:87:A6:8F:35:0B:D6:5B:E7:10:4C
Authority key identifier: 8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18
Certificate issuer:       /CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
Certificate serial:       019873E37C8CE72EFFA54ED7FB54ED428377
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
Manifest number:          1613
Signing time:             Mon 04 Aug 2025 07:02:25 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:25 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:25 +0000
Files and hashes:         1: ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl (hash: vgJIEywpBOXnRadSgwgRc/CV7SR6FWKucmbvRyobK9M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:7c:8c:e7:2e:ff:a5:4e:d7:fb:54:ed:42:83:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
        Validity
            Not Before: Aug  4 07:02:25 2025 GMT
            Not After : Aug  5 07:02:25 2025 GMT
        Subject: CN=7af937a56193879c466887a68f350bd65be7104c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:14:57:69:4a:66:0e:de:b4:b3:08:57:9b:9d:
                    7d:d8:26:65:48:6e:85:d0:d1:0a:ef:2f:1a:d8:ed:
                    36:91:1c:41:97:a1:7e:d7:9c:43:89:92:9e:7d:f6:
                    3b:bb:e6:12:2a:d7:48:41:aa:2d:10:e0:70:43:e8:
                    2f:ae:c5:40:e0:72:15:b0:c5:b2:d0:c9:53:56:a9:
                    73:fc:21:d5:d6:de:be:a5:1b:a9:85:7a:9f:be:02:
                    c7:82:f7:0a:24:b8:2e:d9:e0:b2:7e:fc:24:23:eb:
                    59:a0:5d:6b:84:14:8e:37:f7:f0:a9:fb:f9:bf:d0:
                    da:95:0c:40:8d:42:5e:3b:33:c6:06:b6:14:8e:67:
                    64:40:55:d2:c2:42:8b:74:10:df:ec:d0:41:82:f0:
                    2c:b2:e1:90:14:13:c7:93:72:d6:c6:33:b5:6e:27:
                    10:13:ab:7c:a8:85:47:8c:2d:81:9a:9f:ab:aa:02:
                    50:5e:15:20:1d:90:96:b7:ea:a1:95:48:fc:77:d5:
                    ac:ab:0a:da:ed:eb:15:13:b4:b8:0b:80:f8:a7:19:
                    94:7f:67:7c:22:3d:47:63:96:b7:46:a5:5c:79:8b:
                    ce:f8:73:64:cc:10:95:13:06:eb:e8:ca:a3:78:60:
                    e5:f5:52:12:fb:96:e0:6e:35:07:82:2a:e0:86:50:
                    db:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:F9:37:A5:61:93:87:9C:46:68:87:A6:8F:35:0B:D6:5B:E7:10:4C
            X509v3 Authority Key Identifier:
                keyid:8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:c8:6e:8b:47:42:1f:59:76:40:23:2d:73:ea:aa:eb:03:3f:
         1c:a8:b4:a0:a6:a8:2c:7a:e1:2e:a0:8e:35:24:ba:85:9d:87:
         58:32:14:fc:96:d6:48:f5:83:9f:48:b0:3d:83:f4:02:de:29:
         b5:dc:81:15:9b:28:18:f5:48:21:46:d6:fd:82:39:0e:68:4c:
         38:72:9b:8a:f4:bb:65:3a:ff:92:c2:6d:7a:26:97:3a:7f:8d:
         39:56:da:b8:ec:dd:5a:12:91:c4:6f:30:a5:e4:6a:4e:43:cd:
         6a:34:59:e3:fe:62:dc:39:8d:6d:5e:92:c5:80:8e:25:35:67:
         f6:7f:b4:e7:a6:d3:6e:62:4b:6c:a8:e4:9a:6c:16:c6:f5:d7:
         f6:d2:29:f5:57:e4:62:2e:a7:c0:17:86:33:bd:6d:b5:cb:45:
         45:9a:8f:d3:78:5c:c8:ca:96:b3:92:93:9b:b7:fe:b3:93:68:
         18:be:2a:ea:fb:7f:2d:c9:e1:b1:9e:09:23:6a:38:f7:6a:30:
         7d:e1:81:33:82:45:1f:be:d7:09:cd:0e:ec:de:e0:0f:dc:05:
         27:71:ff:b8:a2:ab:4a:3b:cc:8b:60:c3:08:1f:f7:60:d4:24:
         72:3c:ac:de:34:4e:0e:4a:e6:81:b8:5c:8d:ec:21:5d:e6:ea:
         ff:93:24:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz43yM5y7/pU7X+1TtQoN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNDFlMmYyZDE0NTJlN2M0Y2MwN2RiZmE3ODM5ZDU4ZGY1
N2YyMTgwHhcNMjUwODA0MDcwMjI1WhcNMjUwODA1MDcwMjI1WjAzMTEwLwYDVQQD
Eyg3YWY5MzdhNTYxOTM4NzljNDY2ODg3YTY4ZjM1MGJkNjViZTcxMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxRXaUpmDt60swhXm5192CZlSG6F
0NEK7y8a2O02kRxBl6F+15xDiZKeffY7u+YSKtdIQaotEOBwQ+gvrsVA4HIVsMWy
0MlTVqlz/CHV1t6+pRuphXqfvgLHgvcKJLgu2eCyfvwkI+tZoF1rhBSON/fwqfv5
v9DalQxAjUJeOzPGBrYUjmdkQFXSwkKLdBDf7NBBgvAssuGQFBPHk3LWxjO1bicQ
E6t8qIVHjC2Bmp+rqgJQXhUgHZCWt+qhlUj8d9Wsqwra7esVE7S4C4D4pxmUf2d8
Ij1HY5a3RqVceYvO+HNkzBCVEwbr6MqjeGDl9VIS+5bgbjUHgirghlDbdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHr5N6Vhk4ecRmiHpo81C9Zb5xBMMB8GA1UdIwQY
MBaAFIpB4vLRRS58TMB9v6eDnVjfV/IYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEt
MzY0ODU0Y2JjMGU4LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEtMzY0ODU0Y2JjMGU4
LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWMhui0dC
H1l2QCMtc+qq6wM/HKi0oKaoLHrhLqCONSS6hZ2HWDIU/JbWSPWDn0iwPYP0At4p
tdyBFZsoGPVIIUbW/YI5DmhMOHKbivS7ZTr/ksJteiaXOn+NOVbauOzdWhKRxG8w
peRqTkPNajRZ4/5i3DmNbV6SxYCOJTVn9n+056bTbmJLbKjkmmwWxvXX9tIp9Vfk
Yi6nwBeGM71ttctFRZqP03hcyMqWs5KTm7f+s5NoGL4q6vt/LcnhsZ4JI2o492ow
feGBM4JFH77XCc0O7N7gD9wFJ3H/uKKrSjvMi2DDCB/3YNQkcjys3jRODkrmgbhc
jewhXebq/5MkSw==
-----END CERTIFICATE-----