Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
File:                     itYGdkMvaHI2YskyV5qEk1IBS5U.mft (raw, json)
Hash identifier:          yVFMQ3V5fZGEH8wG4hmC2kZT09/iGNAHGj0LUq0Lnis=
Subject key identifier:   EE:F7:63:69:DB:6A:FD:74:5D:C9:1B:07:CB:11:B8:DF:1E:DE:22:89
Authority key identifier: 8A:D6:06:76:43:2F:68:72:36:62:C9:32:57:9A:84:93:52:01:4B:95
Certificate issuer:       /CN=8ad60676432f68723662c932579a849352014b95
Certificate serial:       01977C0BF7C159D509DB0249672C3D85ADE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
Manifest number:          075D
Signing time:             Tue 17 Jun 2025 04:00:48 +0000
Manifest this update:     Tue 17 Jun 2025 04:00:48 +0000
Manifest next update:     Wed 18 Jun 2025 04:00:48 +0000
Files and hashes:         1: itYGdkMvaHI2YskyV5qEk1IBS5U.crl (hash: L1pqL9PkCV3RdDfkraCGuOd6NfqvkhupPXSsr3GAtI4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 18 Jun 2025 04:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7c:0b:f7:c1:59:d5:09:db:02:49:67:2c:3d:85:ad:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad60676432f68723662c932579a849352014b95
        Validity
            Not Before: Jun 17 04:00:48 2025 GMT
            Not After : Jun 18 04:00:48 2025 GMT
        Subject: CN=eef76369db6afd745dc91b07cb11b8df1ede2289
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a3:56:05:69:4e:73:f0:44:da:06:81:64:03:
                    60:b9:36:d8:a5:fe:25:3c:7f:d8:1b:86:04:c7:41:
                    f4:0c:50:2e:14:54:e8:7b:42:a4:fc:be:85:50:30:
                    7f:fb:13:70:8d:c8:b2:22:a8:71:45:5d:e3:4f:cf:
                    8a:08:cc:fc:7f:f5:2b:94:6e:60:7d:77:c1:e2:06:
                    bd:0f:b6:17:71:74:8b:d9:8a:5a:f8:e4:2a:9c:ac:
                    55:30:da:77:6d:c8:bb:ea:c6:39:4a:99:6b:fe:93:
                    34:b7:c4:c5:b0:2c:2e:4b:e7:d5:79:81:4c:92:11:
                    68:d0:f2:17:0b:eb:1d:c3:eb:94:80:fd:37:cc:b9:
                    49:7f:ba:79:42:77:84:35:72:72:5f:fd:1d:ec:dc:
                    f6:33:31:28:07:29:c1:fe:71:73:91:72:b1:0d:19:
                    2d:f2:e3:3c:dc:71:e0:43:48:e8:24:65:74:0b:a2:
                    26:d5:ff:40:c1:4c:9c:b0:b5:3d:51:10:04:6f:a0:
                    a7:71:65:ea:97:a8:f8:e8:a1:34:e0:b0:ce:8d:5d:
                    81:d2:df:03:64:aa:9d:0c:c8:88:41:d3:56:52:e0:
                    b6:07:03:19:27:12:69:9f:21:86:d2:c9:8b:ec:24:
                    b4:c7:7d:31:c0:c9:7f:db:58:80:d9:5e:47:df:ac:
                    db:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:F7:63:69:DB:6A:FD:74:5D:C9:1B:07:CB:11:B8:DF:1E:DE:22:89
            X509v3 Authority Key Identifier:
                keyid:8A:D6:06:76:43:2F:68:72:36:62:C9:32:57:9A:84:93:52:01:4B:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:7a:dd:55:41:62:ad:20:dd:f9:f3:8b:b2:53:75:29:ab:b3:
         dd:f5:39:b3:61:25:07:fe:44:8d:c1:b5:73:ab:b9:39:3e:29:
         23:99:f1:76:a5:dd:dc:f1:8d:5e:ee:6e:4c:71:d3:fb:a8:1d:
         ed:3d:99:64:28:36:96:11:55:a7:d2:27:df:e7:93:e3:3b:ec:
         db:ce:5e:6e:e4:0b:c0:26:a2:f3:5b:b9:05:6d:30:63:ff:57:
         3b:68:05:93:98:a5:4e:41:04:69:c9:83:8f:bb:bc:4c:f2:3f:
         53:b3:11:97:ea:42:f4:8d:0a:74:f3:e1:39:88:1b:a7:aa:17:
         82:ff:3f:ea:8c:98:7b:df:62:8b:20:ed:f3:03:91:eb:ed:9d:
         6b:20:85:c7:a2:c7:1b:41:5f:29:3c:d9:0f:05:1b:c5:6c:8d:
         80:b5:84:57:12:6f:37:9e:47:2c:40:9e:2d:9c:d8:ae:dc:c8:
         38:37:e0:7b:5e:dd:c8:7a:df:41:0c:84:9d:09:c7:9f:a3:70:
         29:09:bd:59:31:89:8b:13:46:d6:9b:aa:2b:34:ea:fb:16:5e:
         7a:85:e7:ed:94:c2:ed:cd:d5:b1:17:ee:ab:91:51:20:1c:47:
         57:42:ba:b9:57:0e:99:4c:d1:da:78:f1:b7:01:04:db:e1:19:
         b0:a2:1b:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd8C/fBWdUJ2wJJZyw9ha3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDYwNjc2NDMyZjY4NzIzNjYyYzkzMjU3OWE4NDkzNTIw
MTRiOTUwHhcNMjUwNjE3MDQwMDQ4WhcNMjUwNjE4MDQwMDQ4WjAzMTEwLwYDVQQD
EyhlZWY3NjM2OWRiNmFmZDc0NWRjOTFiMDdjYjExYjhkZjFlZGUyMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6NWBWlOc/BE2gaBZANguTbYpf4l
PH/YG4YEx0H0DFAuFFToe0Kk/L6FUDB/+xNwjciyIqhxRV3jT8+KCMz8f/UrlG5g
fXfB4ga9D7YXcXSL2Ypa+OQqnKxVMNp3bci76sY5Splr/pM0t8TFsCwuS+fVeYFM
khFo0PIXC+sdw+uUgP03zLlJf7p5QneENXJyX/0d7Nz2MzEoBynB/nFzkXKxDRkt
8uM83HHgQ0joJGV0C6Im1f9AwUycsLU9URAEb6CncWXql6j46KE04LDOjV2B0t8D
ZKqdDMiIQdNWUuC2BwMZJxJpnyGG0smL7CS0x30xwMl/21iA2V5H36zb3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO73Y2nbav10XckbB8sRuN8e3iKJMB8GA1UdIwQY
MBaAFIrWBnZDL2hyNmLJMleahJNSAUuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9jZGMxNDgtNTcwMy00ZTkxLTlhOGUt
Mjg0MDM2YTgxZDkwLzEvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9jZGMxNDgtNTcwMy00ZTkxLTlhOGUtMjg0MDM2YTgxZDkw
LzEvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACnrdVUFi
rSDd+fOLslN1Kauz3fU5s2ElB/5EjcG1c6u5OT4pI5nxdqXd3PGNXu5uTHHT+6gd
7T2ZZCg2lhFVp9In3+eT4zvs285ebuQLwCai81u5BW0wY/9XO2gFk5ilTkEEacmD
j7u8TPI/U7MRl+pC9I0KdPPhOYgbp6oXgv8/6oyYe99iiyDt8wOR6+2dayCFx6LH
G0FfKTzZDwUbxWyNgLWEVxJvN55HLECeLZzYrtzIODfge17dyHrfQQyEnQnHn6Nw
KQm9WTGJixNG1puqKzTq+xZeeoXn7ZTC7c3VsRfuq5FRIBxHV0K6uVcOmUzR2njx
twEE2+EZsKIbVQ==
-----END CERTIFICATE-----