Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
File:                     IPdQab1W78UXA4PtMcrSJGT98DA.mft (raw, json)
Hash identifier:          8zXadRheGzK01/b3ZFtDgNnTpq/Rc6IqcC1wKkkz2PU=
Subject key identifier:   0D:58:92:CA:47:B4:FA:1F:77:88:A5:1D:B1:BE:1A:54:12:3A:D2:27
Authority key identifier: 20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30
Certificate issuer:       /CN=20f75069bd56efc5170383ed31cad22464fdf030
Certificate serial:       01976A05A59351B42A8C4A799C4B618F4358
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
Manifest number:          033C
Signing time:             Fri 13 Jun 2025 16:00:44 +0000
Manifest this update:     Fri 13 Jun 2025 16:00:44 +0000
Manifest next update:     Sat 14 Jun 2025 16:00:44 +0000
Files and hashes:         1: IPdQab1W78UXA4PtMcrSJGT98DA.crl (hash: n/ylg4LXeQZ5VWm+jdVF0rquQ/Gx8H5zZT4EpJk2X+o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:05:a5:93:51:b4:2a:8c:4a:79:9c:4b:61:8f:43:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20f75069bd56efc5170383ed31cad22464fdf030
        Validity
            Not Before: Jun 13 16:00:44 2025 GMT
            Not After : Jun 14 16:00:44 2025 GMT
        Subject: CN=0d5892ca47b4fa1f7788a51db1be1a54123ad227
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:f6:d3:33:5b:76:79:4b:ec:5d:4b:6a:5e:3c:
                    0b:f7:e8:e8:19:c8:e7:68:de:20:13:30:45:31:02:
                    31:4a:66:f3:5f:bd:72:45:fd:fe:f7:a7:74:b6:4f:
                    a6:61:a4:8e:9e:18:a1:d7:cf:ab:96:7b:1b:ee:ea:
                    09:f7:e9:f6:ec:a6:46:fe:01:c9:13:b4:20:b1:f1:
                    ee:9c:4c:a0:e3:71:b0:11:a6:b6:32:c0:76:f3:d4:
                    e4:81:31:da:07:58:96:62:2f:16:9d:9f:10:05:3b:
                    c7:7b:05:22:ef:0e:29:8a:ee:0d:9f:6d:f9:fd:30:
                    1f:b9:f0:f6:2c:37:e2:01:c4:9d:d0:bf:a0:bd:c9:
                    fa:9d:fb:ee:99:3c:b0:de:ee:90:57:7a:4d:3c:2f:
                    59:1d:83:73:0b:8f:46:be:00:95:6d:45:a9:23:5b:
                    12:fd:92:e8:f3:ae:8b:6a:db:b8:aa:35:32:85:68:
                    a7:be:53:96:7e:84:7e:e5:4f:fd:9c:12:31:8e:a4:
                    3b:be:e1:f2:f3:70:62:c1:46:38:90:49:44:2a:ad:
                    4a:ad:58:f1:17:23:3f:0f:69:a4:49:69:b1:84:50:
                    0d:3d:ff:b5:e4:f6:5c:be:6d:fd:d5:fa:63:33:de:
                    94:43:ff:f3:83:26:86:94:58:56:b4:cd:00:4a:8e:
                    bc:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:58:92:CA:47:B4:FA:1F:77:88:A5:1D:B1:BE:1A:54:12:3A:D2:27
            X509v3 Authority Key Identifier:
                keyid:20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:0f:a2:99:4c:fa:a6:df:ff:96:81:3a:23:e9:da:53:57:0d:
         77:5a:a1:c5:03:a0:36:56:56:40:d8:75:06:31:3f:f4:30:ab:
         34:45:93:97:2a:68:0f:9d:08:64:11:24:55:d5:2f:fc:c9:7e:
         5f:2b:cd:a1:75:33:68:c1:f7:01:39:f4:12:8c:17:f0:48:d1:
         0b:0f:78:26:c1:a8:ee:66:3a:a5:21:a9:92:ee:99:27:63:74:
         cc:b5:43:d3:ff:af:e3:7a:2c:6e:8a:a7:9a:6a:6a:03:17:21:
         7b:0f:48:e4:1b:0c:53:da:5c:cf:86:86:9c:7c:08:96:d3:dc:
         af:f7:1c:c5:23:fb:5f:b5:3b:d5:87:6d:0b:1d:96:3d:52:1d:
         89:09:62:33:03:a5:7f:bd:87:fa:5b:22:45:13:a0:da:6d:5d:
         34:81:34:71:28:f4:72:92:04:dd:d4:fd:e1:cc:69:62:21:53:
         0b:3a:53:77:4c:19:ce:50:7e:1a:d7:c7:6e:f7:44:73:bd:94:
         84:69:58:38:c4:6d:09:74:c1:b7:cc:1a:9d:a0:a5:60:d5:0c:
         9a:93:ce:6c:fc:5b:d5:cc:96:ed:00:26:21:31:9c:51:dc:ae:
         30:09:fc:ce:b1:7a:10:18:9d:51:9d:e2:d5:d9:82:d7:9d:ac:
         e2:7f:a6:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqBaWTUbQqjEp5nEthj0NYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjc1MDY5YmQ1NmVmYzUxNzAzODNlZDMxY2FkMjI0NjRm
ZGYwMzAwHhcNMjUwNjEzMTYwMDQ0WhcNMjUwNjE0MTYwMDQ0WjAzMTEwLwYDVQQD
EygwZDU4OTJjYTQ3YjRmYTFmNzc4OGE1MWRiMWJlMWE1NDEyM2FkMjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPbTM1t2eUvsXUtqXjwL9+joGcjn
aN4gEzBFMQIxSmbzX71yRf3+96d0tk+mYaSOnhih18+rlnsb7uoJ9+n27KZG/gHJ
E7QgsfHunEyg43GwEaa2MsB289TkgTHaB1iWYi8WnZ8QBTvHewUi7w4piu4Nn235
/TAfufD2LDfiAcSd0L+gvcn6nfvumTyw3u6QV3pNPC9ZHYNzC49GvgCVbUWpI1sS
/ZLo866Latu4qjUyhWinvlOWfoR+5U/9nBIxjqQ7vuHy83BiwUY4kElEKq1KrVjx
FyM/D2mkSWmxhFANPf+15PZcvm391fpjM96UQ//zgyaGlFhWtM0ASo68sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1YkspHtPofd4ilHbG+GlQSOtInMB8GA1UdIwQY
MBaAFCD3UGm9Vu/FFwOD7THK0iRk/fAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYt
Yjk3MDVkN2QzNTc5LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYtYjk3MDVkN2QzNTc5
LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcA+imUz6
pt//loE6I+naU1cNd1qhxQOgNlZWQNh1BjE/9DCrNEWTlypoD50IZBEkVdUv/Ml+
XyvNoXUzaMH3ATn0EowX8EjRCw94JsGo7mY6pSGpku6ZJ2N0zLVD0/+v43osboqn
mmpqAxchew9I5BsMU9pcz4aGnHwIltPcr/ccxSP7X7U71YdtCx2WPVIdiQliMwOl
f72H+lsiRROg2m1dNIE0cSj0cpIE3dT94cxpYiFTCzpTd0wZzlB+GtfHbvdEc72U
hGlYOMRtCXTBt8wanaClYNUMmpPObPxb1cyW7QAmITGcUdyuMAn8zrF6EBidUZ3i
1dmC152s4n+mvA==
-----END CERTIFICATE-----