Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
File:                     iX81rEgorqlfpdLYBNM6ewz_RYo.mft (raw, json)
Hash identifier:          iTuPTuJCLKVchiA5gulDNyOx/Rc6ktEJafVsAo+pZNc=
Subject key identifier:   2A:3E:9A:CE:DF:C9:5F:E6:AE:2B:E7:DC:82:7E:A4:D1:B4:84:0F:D4
Authority key identifier: 89:7F:35:AC:48:28:AE:A9:5F:A5:D2:D8:04:D3:3A:7B:0C:FF:45:8A
Certificate issuer:       /CN=897f35ac4828aea95fa5d2d804d33a7b0cff458a
Certificate serial:       019768F3241DF7707934904673DC625BD5CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
Manifest number:          044E
Signing time:             Fri 13 Jun 2025 11:00:54 +0000
Manifest this update:     Fri 13 Jun 2025 11:00:54 +0000
Manifest next update:     Sat 14 Jun 2025 11:00:54 +0000
Files and hashes:         1: iX81rEgorqlfpdLYBNM6ewz_RYo.crl (hash: ++nx4Lco5nT3SlMAgbi5BDTai6Unz5odS/ZY5ZLDY6Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 11:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:f3:24:1d:f7:70:79:34:90:46:73:dc:62:5b:d5:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=897f35ac4828aea95fa5d2d804d33a7b0cff458a
        Validity
            Not Before: Jun 13 11:00:54 2025 GMT
            Not After : Jun 14 11:00:54 2025 GMT
        Subject: CN=2a3e9acedfc95fe6ae2be7dc827ea4d1b4840fd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f1:7a:b9:8b:40:71:35:16:31:88:db:49:00:
                    98:4e:f2:be:75:13:a7:ac:30:eb:fc:60:b5:e7:6c:
                    9f:4e:e2:6e:62:14:d9:9d:98:47:25:fa:76:da:21:
                    7c:f4:34:73:aa:31:f0:6e:87:ef:48:ca:dc:d1:c7:
                    06:7b:f3:a9:c0:a5:b4:79:86:2c:db:e2:49:f1:9c:
                    ce:a4:9e:b9:b2:fc:c5:d2:11:9c:4b:3c:81:f5:be:
                    a0:ff:01:65:13:8d:94:7a:00:0e:ab:ef:dc:14:c9:
                    63:43:1b:12:68:a5:9c:64:04:29:dc:56:17:83:b1:
                    3e:7e:5c:d1:61:13:aa:03:e8:ab:9e:e9:41:26:b3:
                    b5:e3:42:11:86:74:41:4b:8d:af:b3:d9:fe:bb:d9:
                    98:f2:0e:cc:4f:f4:c8:df:4d:84:79:92:0e:21:55:
                    dd:4f:55:2d:47:f1:a7:a4:9c:bd:f0:4e:73:20:c8:
                    1f:de:a3:be:b1:8b:1c:3c:71:fa:54:df:42:54:e8:
                    75:14:5f:40:a9:3c:37:75:ef:84:c0:81:df:e1:ba:
                    ac:f0:78:fb:99:23:fe:38:5d:52:a5:f6:71:42:b0:
                    1d:ea:b3:92:08:e1:a1:2a:b2:e2:94:0d:98:a3:2b:
                    1f:aa:c6:8c:c3:e2:d8:61:f8:88:39:01:97:b6:b9:
                    07:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:3E:9A:CE:DF:C9:5F:E6:AE:2B:E7:DC:82:7E:A4:D1:B4:84:0F:D4
            X509v3 Authority Key Identifier:
                keyid:89:7F:35:AC:48:28:AE:A9:5F:A5:D2:D8:04:D3:3A:7B:0C:FF:45:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:3b:20:31:0a:d6:f4:7f:5d:4e:26:d4:3f:fd:56:7c:76:ed:
         ce:8e:2e:2f:eb:91:d6:5e:1d:1a:8f:98:99:a0:06:76:8e:94:
         2d:d8:8c:31:1d:1d:f2:29:08:e1:fe:14:4c:4a:db:03:c5:d0:
         10:b3:9d:ea:4f:a6:14:26:19:ef:57:2c:41:63:69:cb:e1:c3:
         74:d8:07:6d:33:c0:81:c6:c1:b5:c1:86:eb:6b:76:0d:10:0c:
         45:10:eb:fe:a0:89:0a:07:54:9f:ec:f7:27:c0:ca:df:fb:38:
         7a:a6:31:90:e6:2b:32:4e:b0:60:ee:66:16:68:1a:ce:11:a5:
         19:2f:56:78:00:f8:a4:c9:ba:b9:9a:d8:49:e9:84:f6:00:1c:
         72:00:40:47:e8:07:91:3b:3a:78:37:72:c2:6d:cf:5f:51:c6:
         da:14:a7:34:ec:dc:b5:7e:2e:b7:c0:ad:3d:42:f3:b2:cf:8f:
         82:1c:09:00:5f:fa:f4:ae:3e:87:e5:53:a6:bd:1b:87:b8:a5:
         bd:c9:07:2d:1b:cd:6b:6e:45:76:e1:b0:e3:6d:25:02:c6:85:
         cd:7e:5d:82:14:ca:15:21:60:68:a3:9d:85:38:e9:05:c3:c4:
         f5:31:4d:a6:cc:d1:3d:e4:ed:7d:08:fc:ad:41:5b:60:fb:a9:
         a2:f9:77:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdo8yQd93B5NJBGc9xiW9XPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5N2YzNWFjNDgyOGFlYTk1ZmE1ZDJkODA0ZDMzYTdiMGNm
ZjQ1OGEwHhcNMjUwNjEzMTEwMDU0WhcNMjUwNjE0MTEwMDU0WjAzMTEwLwYDVQQD
EygyYTNlOWFjZWRmYzk1ZmU2YWUyYmU3ZGM4MjdlYTRkMWI0ODQwZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfF6uYtAcTUWMYjbSQCYTvK+dROn
rDDr/GC152yfTuJuYhTZnZhHJfp22iF89DRzqjHwbofvSMrc0ccGe/OpwKW0eYYs
2+JJ8ZzOpJ65svzF0hGcSzyB9b6g/wFlE42UegAOq+/cFMljQxsSaKWcZAQp3FYX
g7E+flzRYROqA+irnulBJrO140IRhnRBS42vs9n+u9mY8g7MT/TI302EeZIOIVXd
T1UtR/GnpJy98E5zIMgf3qO+sYscPHH6VN9CVOh1FF9AqTw3de+EwIHf4bqs8Hj7
mSP+OF1SpfZxQrAd6rOSCOGhKrLilA2YoysfqsaMw+LYYfiIOQGXtrkHDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCo+ms7fyV/mrivn3IJ+pNG0hA/UMB8GA1UdIwQY
MBaAFIl/NaxIKK6pX6XS2ATTOnsM/0WKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kYmEyZjctN2MyYi00NjcwLWExZGYt
YjBlNDEwM2Y0OTYyLzEvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9kYmEyZjctN2MyYi00NjcwLWExZGYtYjBlNDEwM2Y0OTYy
LzEvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtTsgMQrW
9H9dTibUP/1WfHbtzo4uL+uR1l4dGo+YmaAGdo6ULdiMMR0d8ikI4f4UTErbA8XQ
ELOd6k+mFCYZ71csQWNpy+HDdNgHbTPAgcbBtcGG62t2DRAMRRDr/qCJCgdUn+z3
J8DK3/s4eqYxkOYrMk6wYO5mFmgazhGlGS9WeAD4pMm6uZrYSemE9gAccgBAR+gH
kTs6eDdywm3PX1HG2hSnNOzctX4ut8CtPULzss+PghwJAF/69K4+h+VTpr0bh7il
vckHLRvNa25FduGw420lAsaFzX5dghTKFSFgaKOdhTjpBcPE9TFNpszRPeTtfQj8
rUFbYPupovl3dA==
-----END CERTIFICATE-----