Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
File:                     iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json)
Hash identifier:          cllxCWGSOtlV8d1fiNJJZwj28Bu9Lda96d83I21YeiA=
Subject key identifier:   84:35:5D:9D:2F:06:07:33:9A:21:3F:49:1B:E8:59:9D:D1:5B:B3:8E
Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
Certificate issuer:       /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
Certificate serial:       019894B71E9F18869179223D885657405E54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
Manifest number:          1626
Signing time:             Sun 10 Aug 2025 16:01:25 +0000
Manifest this update:     Sun 10 Aug 2025 16:01:25 +0000
Manifest next update:     Mon 11 Aug 2025 16:01:25 +0000
Files and hashes:         1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: GtboNUJqzP40+CcQsTCs7YJx/Wsx3iT93VZE8Tp0rAY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 16:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:94:b7:1e:9f:18:86:91:79:22:3d:88:56:57:40:5e:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
        Validity
            Not Before: Aug 10 16:01:25 2025 GMT
            Not After : Aug 11 16:01:25 2025 GMT
        Subject: CN=84355d9d2f0607339a213f491be8599dd15bb38e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:43:19:b7:8e:00:d1:06:43:3e:87:fd:b1:24:
                    8a:ca:31:ad:2f:ee:90:9c:cd:1d:4c:1d:e4:7f:07:
                    d9:f6:52:b2:7a:39:e7:a8:e6:c5:41:fc:c1:be:b3:
                    20:2a:7c:c0:52:8a:75:0c:7d:08:a3:7a:12:41:bc:
                    5e:f6:c9:86:bf:db:63:3a:b4:47:cf:f1:ab:c9:86:
                    6c:66:7e:64:a0:95:c6:69:af:20:a3:bf:63:76:59:
                    7c:26:2c:35:cd:a7:d9:ef:06:56:8d:7f:7f:79:32:
                    f3:57:0d:6f:cc:ba:1c:2d:f3:d0:27:74:23:bb:18:
                    dc:fd:cf:45:15:20:50:f4:94:15:b4:1f:5b:73:f7:
                    c0:fa:d7:ae:7b:bb:a9:49:cb:9e:2b:82:19:8c:a7:
                    a8:b9:f4:9d:33:97:fb:d8:52:1c:5e:7a:6f:db:54:
                    9e:39:9b:6d:b1:11:4d:f4:02:f5:d8:54:b2:02:62:
                    64:15:da:8a:53:3f:34:66:b7:02:22:24:d2:0f:cb:
                    56:12:9e:33:5c:69:77:76:d1:65:bc:5f:e9:1c:99:
                    e7:f5:7a:aa:c2:de:54:e1:59:3c:65:71:aa:cb:85:
                    67:95:5a:7b:5d:67:05:b5:1c:17:2d:65:dd:b2:06:
                    24:a8:89:6e:07:ce:a0:01:d7:5f:0a:8e:b5:35:4c:
                    ee:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:35:5D:9D:2F:06:07:33:9A:21:3F:49:1B:E8:59:9D:D1:5B:B3:8E
            X509v3 Authority Key Identifier:
                keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:b7:c1:a7:14:e6:0f:b4:b4:11:ca:88:cc:d8:94:8c:94:a6:
         4d:f7:61:53:9a:a3:7c:55:f5:a3:81:63:f1:4d:d9:e0:30:fc:
         2f:9a:b3:1f:c1:96:2b:3c:de:a9:95:c7:1c:4a:ec:40:29:bf:
         dd:42:fa:58:c0:18:fc:10:06:57:a7:b5:ed:96:48:49:65:32:
         1f:05:e2:72:4d:9d:98:69:5b:bf:d5:a6:cd:e4:97:d4:64:9a:
         08:86:77:1d:75:e8:1a:40:1c:c5:48:29:ff:c1:e7:53:59:7f:
         fa:82:61:ed:f4:41:51:2c:2b:49:c2:a7:9a:db:10:fe:fc:de:
         60:1f:f8:11:6e:59:89:91:c7:c6:12:89:da:9f:64:d7:12:62:
         86:db:6b:94:ef:a6:ba:fd:71:2e:8d:79:14:f7:fd:55:45:8b:
         10:96:e9:fc:80:68:ea:5b:71:6e:42:23:2a:ac:83:df:4f:66:
         79:db:12:75:11:cd:f9:e4:f3:e4:81:4b:d1:d0:4e:da:a9:a6:
         7f:57:4a:a1:73:bb:45:19:82:a8:dc:e3:c1:a6:8b:b1:06:4b:
         10:db:4d:3a:91:d0:db:48:7b:66:35:5c:70:e3:8c:95:79:c8:
         27:18:db:0a:ff:d5:d0:9b:40:ef:df:e0:d9:9f:4c:6c:f9:b8:
         52:71:77:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiUtx6fGIaReSI9iFZXQF5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz
OTgwYjkwHhcNMjUwODEwMTYwMTI1WhcNMjUwODExMTYwMTI1WjAzMTEwLwYDVQQD
Eyg4NDM1NWQ5ZDJmMDYwNzMzOWEyMTNmNDkxYmU4NTk5ZGQxNWJiMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEMZt44A0QZDPof9sSSKyjGtL+6Q
nM0dTB3kfwfZ9lKyejnnqObFQfzBvrMgKnzAUop1DH0Io3oSQbxe9smGv9tjOrRH
z/GryYZsZn5koJXGaa8go79jdll8Jiw1zafZ7wZWjX9/eTLzVw1vzLocLfPQJ3Qj
uxjc/c9FFSBQ9JQVtB9bc/fA+teue7upScueK4IZjKeoufSdM5f72FIcXnpv21Se
OZttsRFN9AL12FSyAmJkFdqKUz80ZrcCIiTSD8tWEp4zXGl3dtFlvF/pHJnn9Xqq
wt5U4Vk8ZXGqy4VnlVp7XWcFtRwXLWXdsgYkqIluB86gAddfCo61NUzuFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQ1XZ0vBgczmiE/SRvoWZ3RW7OOMB8GA1UdIwQY
MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut
NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk
LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqrfBpxTm
D7S0EcqIzNiUjJSmTfdhU5qjfFX1o4Fj8U3Z4DD8L5qzH8GWKzzeqZXHHErsQCm/
3UL6WMAY/BAGV6e17ZZISWUyHwXick2dmGlbv9WmzeSX1GSaCIZ3HXXoGkAcxUgp
/8HnU1l/+oJh7fRBUSwrScKnmtsQ/vzeYB/4EW5ZiZHHxhKJ2p9k1xJihttrlO+m
uv1xLo15FPf9VUWLEJbp/IBo6ltxbkIjKqyD309medsSdRHN+eTz5IFL0dBO2qmm
f1dKoXO7RRmCqNzjwaaLsQZLENtNOpHQ20h7ZjVccOOMlXnIJxjbCv/V0JtA79/g
2Z9MbPm4UnF3fQ==
-----END CERTIFICATE-----