Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
File:                     itYGdkMvaHI2YskyV5qEk1IBS5U.mft (raw, json)
Hash identifier:          TEUVqin97sBHh7Yh+uiJwrV2QPjU0mopVs9GbAW+2TE=
Subject key identifier:   37:90:8D:4F:DB:AD:2B:FE:3A:04:54:D0:7A:CF:8D:1C:BA:37:24:DD
Authority key identifier: 8A:D6:06:76:43:2F:68:72:36:62:C9:32:57:9A:84:93:52:01:4B:95
Certificate issuer:       /CN=8ad60676432f68723662c932579a849352014b95
Certificate serial:       019A503E44B87B2441A8E7B6944B76D7EE98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
Manifest number:          08D4
Signing time:             Tue 04 Nov 2025 19:00:49 +0000
Manifest this update:     Tue 04 Nov 2025 19:00:49 +0000
Manifest next update:     Wed 05 Nov 2025 19:00:49 +0000
Files and hashes:         1: itYGdkMvaHI2YskyV5qEk1IBS5U.crl (hash: m2mr6m1dvxQJL1rNmnhMnziEsT0xMOcDYN0IpuhbW/E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:3e:44:b8:7b:24:41:a8:e7:b6:94:4b:76:d7:ee:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad60676432f68723662c932579a849352014b95
        Validity
            Not Before: Nov  4 19:00:49 2025 GMT
            Not After : Nov  5 19:00:49 2025 GMT
        Subject: CN=37908d4fdbad2bfe3a0454d07acf8d1cba3724dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:35:e2:48:31:09:bf:51:d9:9a:aa:47:26:db:
                    c8:c7:dc:ee:07:0d:b8:f6:11:59:40:b3:06:e2:d9:
                    64:53:d4:b6:8e:7b:12:fe:18:db:97:e9:a9:a2:db:
                    6e:8a:b3:57:da:03:fe:d0:93:6b:35:21:47:71:98:
                    50:c2:91:dd:0e:90:16:9a:9b:c8:15:24:7b:ce:6a:
                    87:81:82:1e:e0:c1:67:bb:e4:94:6a:9d:85:da:50:
                    49:16:50:5d:5a:ee:3d:77:92:b9:eb:92:c0:d2:7a:
                    9c:5f:93:f0:38:85:36:e4:b5:31:be:84:a8:3f:b6:
                    16:7f:32:c0:10:b7:f6:ac:d0:3d:74:3c:8b:a1:5a:
                    91:08:0d:a4:13:7d:b3:4e:42:4b:89:c7:dc:2c:1f:
                    9b:cc:f0:24:7f:ef:a5:93:4e:85:0f:4b:66:43:64:
                    49:35:ca:0a:a0:22:62:09:84:61:6f:c0:0d:d9:e5:
                    51:17:06:8c:58:34:5f:a0:c4:6b:ff:a1:5c:cd:20:
                    a1:8a:1b:a8:0b:14:0b:bc:91:61:94:f9:80:42:95:
                    b5:27:64:91:31:b3:d9:ef:61:15:c3:3c:f2:3d:02:
                    87:5c:74:29:80:36:8c:59:5f:95:f6:2d:bc:ea:63:
                    3a:db:a4:4e:bd:44:e2:b0:ed:1f:78:4a:77:80:3f:
                    cc:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:90:8D:4F:DB:AD:2B:FE:3A:04:54:D0:7A:CF:8D:1C:BA:37:24:DD
            X509v3 Authority Key Identifier:
                keyid:8A:D6:06:76:43:2F:68:72:36:62:C9:32:57:9A:84:93:52:01:4B:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:6d:8f:b0:6f:b1:05:88:b6:0f:a7:0c:f0:09:63:da:19:66:
         19:93:9d:d1:69:6b:0b:9a:b1:7a:da:b1:ef:21:e1:a3:6d:8f:
         21:99:45:bb:29:c0:6b:c5:7f:79:0f:a9:f6:37:95:df:72:8e:
         9e:2d:bf:8b:a2:51:db:d9:11:83:bb:87:70:68:66:82:f9:1b:
         de:14:db:a4:3a:a2:2c:a8:80:83:4d:e0:7d:c3:86:90:18:ec:
         d6:dd:e3:d3:e4:f2:d1:ab:7a:b3:5c:8b:ae:6f:c3:23:b5:d4:
         1f:6c:1a:88:24:15:1f:00:4e:e2:58:9b:50:13:9f:ed:1b:db:
         19:e1:de:c4:d6:b8:13:c5:6e:6e:8e:57:31:35:67:c9:d3:40:
         f1:81:42:9f:4b:d5:35:5e:f5:af:b9:32:6e:b1:cd:ad:60:33:
         bc:3a:2d:76:0b:04:37:09:7c:5b:f5:3a:a7:f4:7b:c0:41:b0:
         41:ad:16:a6:87:fd:77:03:b6:c6:53:9a:25:6d:c9:05:f7:da:
         ec:0e:a7:40:68:74:c1:7e:a5:7d:00:10:5b:fa:f9:a1:0d:d9:
         b3:05:a8:85:33:54:4c:c6:25:e2:ef:9f:77:db:06:b9:25:a3:
         d0:67:15:62:2c:28:23:4b:9c:94:b0:e5:08:09:b4:e6:07:16:
         d4:31:91:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPkS4eyRBqOe2lEt21+6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDYwNjc2NDMyZjY4NzIzNjYyYzkzMjU3OWE4NDkzNTIw
MTRiOTUwHhcNMjUxMTA0MTkwMDQ5WhcNMjUxMTA1MTkwMDQ5WjAzMTEwLwYDVQQD
EygzNzkwOGQ0ZmRiYWQyYmZlM2EwNDU0ZDA3YWNmOGQxY2JhMzcyNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTXiSDEJv1HZmqpHJtvIx9zuBw24
9hFZQLMG4tlkU9S2jnsS/hjbl+mpottuirNX2gP+0JNrNSFHcZhQwpHdDpAWmpvI
FSR7zmqHgYIe4MFnu+SUap2F2lBJFlBdWu49d5K565LA0nqcX5PwOIU25LUxvoSo
P7YWfzLAELf2rNA9dDyLoVqRCA2kE32zTkJLicfcLB+bzPAkf++lk06FD0tmQ2RJ
NcoKoCJiCYRhb8AN2eVRFwaMWDRfoMRr/6FczSChihuoCxQLvJFhlPmAQpW1J2SR
MbPZ72EVwzzyPQKHXHQpgDaMWV+V9i286mM626ROvUTisO0feEp3gD/MlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDeQjU/brSv+OgRU0HrPjRy6NyTdMB8GA1UdIwQY
MBaAFIrWBnZDL2hyNmLJMleahJNSAUuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9jZGMxNDgtNTcwMy00ZTkxLTlhOGUt
Mjg0MDM2YTgxZDkwLzEvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9jZGMxNDgtNTcwMy00ZTkxLTlhOGUtMjg0MDM2YTgxZDkw
LzEvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH22PsG+x
BYi2D6cM8Alj2hlmGZOd0WlrC5qxetqx7yHho22PIZlFuynAa8V/eQ+p9jeV33KO
ni2/i6JR29kRg7uHcGhmgvkb3hTbpDqiLKiAg03gfcOGkBjs1t3j0+Ty0at6s1yL
rm/DI7XUH2waiCQVHwBO4libUBOf7RvbGeHexNa4E8Vubo5XMTVnydNA8YFCn0vV
NV71r7kybrHNrWAzvDotdgsENwl8W/U6p/R7wEGwQa0Wpof9dwO2xlOaJW3JBffa
7A6nQGh0wX6lfQAQW/r5oQ3ZswWohTNUTMYl4u+fd9sGuSWj0GcVYiwoI0uclLDl
CAm05gcW1DGR5w==
-----END CERTIFICATE-----