Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
File:                     IYCTB4hvuv261Th2Eu_-dxOHowA.mft (raw, json)
Hash identifier:          3myWXpdPotDGyf0QL55NrD8uZpnjpqk+Yxfx926+o8s=
Subject key identifier:   57:6A:CA:62:D2:70:43:0F:25:96:EA:65:80:2F:1B:81:4B:27:63:5C
Authority key identifier: 21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00
Certificate issuer:       /CN=21809307886fbafdbad5387612effe771387a300
Certificate serial:       0196760C668DE484FE881BEA0680432B907E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
Manifest number:          0653
Signing time:             Sun 27 Apr 2025 07:00:46 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:46 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:46 +0000
Files and hashes:         1: IYCTB4hvuv261Th2Eu_-dxOHowA.crl (hash: JfxIJo6qgBEmq5LFpdaJMbkqnNlLy7U2RUfcKnTE+wo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:66:8d:e4:84:fe:88:1b:ea:06:80:43:2b:90:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21809307886fbafdbad5387612effe771387a300
        Validity
            Not Before: Apr 27 07:00:46 2025 GMT
            Not After : Apr 28 07:00:46 2025 GMT
        Subject: CN=576aca62d270430f2596ea65802f1b814b27635c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a9:6b:e0:74:36:e2:50:fc:55:51:f2:0c:8b:
                    d1:cd:20:18:a6:48:40:22:2f:69:75:c1:d5:c1:9f:
                    11:a3:a9:de:13:2e:d8:ee:7c:28:28:d6:6a:7c:c0:
                    87:1a:bc:ee:e6:25:6c:81:b5:ae:79:f8:d5:01:d0:
                    3b:6b:de:b4:06:5b:09:88:12:71:d1:33:b0:04:dc:
                    a6:6f:70:75:ed:ca:f9:5c:8a:ee:f8:0d:1c:b5:1a:
                    3d:df:49:02:19:ad:bb:24:46:62:b1:7d:fb:d5:c5:
                    f8:93:e5:21:bd:f6:2a:eb:3c:30:f6:67:01:08:6c:
                    78:99:b0:53:f7:ff:fc:66:a5:f0:07:3a:f5:ae:52:
                    a8:6c:40:a2:6f:6a:c0:19:76:4a:44:27:68:51:1c:
                    ed:ee:62:b7:8d:34:aa:f0:b4:1a:6d:e7:f5:a4:3a:
                    fd:19:3f:f1:d3:5e:47:24:87:2a:f0:83:8f:04:2f:
                    68:c6:5f:5e:5a:1b:e7:d5:99:22:7e:58:b4:93:79:
                    1a:90:e3:be:66:f4:1e:aa:85:9f:ba:c1:d9:a1:94:
                    4f:a5:40:8c:b1:80:95:c2:f0:33:65:20:ed:6c:5c:
                    5d:76:cc:3a:9f:ea:4e:8c:f6:43:ce:d0:7b:20:5e:
                    b6:e7:31:03:12:07:23:27:75:eb:03:6a:76:fb:09:
                    b4:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:6A:CA:62:D2:70:43:0F:25:96:EA:65:80:2F:1B:81:4B:27:63:5C
            X509v3 Authority Key Identifier:
                keyid:21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:af:97:bd:99:49:42:d3:56:55:28:a0:2e:72:41:af:f4:a9:
         c5:36:99:25:c8:74:90:80:f7:34:50:89:05:1d:e2:12:b2:85:
         9a:5f:d1:46:b4:e6:2d:7c:ba:6e:99:1e:70:da:d9:ff:54:ec:
         7b:3b:3a:74:5c:9e:e2:81:aa:65:a3:16:e2:8e:25:03:22:59:
         b4:0a:dd:36:53:a0:00:f2:5a:4c:7e:5c:0b:de:64:5d:9a:90:
         8c:15:da:5e:33:b4:64:13:74:1d:1e:de:b3:60:2e:08:e3:19:
         3e:55:58:d1:d9:e2:d0:88:0c:91:72:f8:85:87:91:b6:eb:bb:
         d0:10:e8:16:2d:1c:a9:9c:0e:6e:15:72:9b:05:cc:c2:5f:03:
         c8:86:e1:ab:44:9a:55:fc:77:c3:35:32:31:e0:9f:5e:a8:cf:
         0f:29:8c:e4:a7:45:92:86:f7:61:7a:10:93:cd:97:97:ba:ec:
         24:25:f9:34:b8:f1:29:9d:b3:d0:f5:a6:27:ed:ca:74:58:e9:
         db:77:45:a8:08:1e:eb:5c:46:7a:74:43:9e:bd:66:3c:39:22:
         04:8b:4d:8a:70:33:d4:72:ba:56:59:6d:9d:90:2b:e9:e1:24:
         81:22:91:d7:5e:e0:3e:eb:c2:b0:d0:dc:a1:1d:cc:c0:14:58:
         82:40:92:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DGaN5IT+iBvqBoBDK5B+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODA5MzA3ODg2ZmJhZmRiYWQ1Mzg3NjEyZWZmZTc3MTM4
N2EzMDAwHhcNMjUwNDI3MDcwMDQ2WhcNMjUwNDI4MDcwMDQ2WjAzMTEwLwYDVQQD
Eyg1NzZhY2E2MmQyNzA0MzBmMjU5NmVhNjU4MDJmMWI4MTRiMjc2MzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6lr4HQ24lD8VVHyDIvRzSAYpkhA
Ii9pdcHVwZ8Ro6neEy7Y7nwoKNZqfMCHGrzu5iVsgbWuefjVAdA7a960BlsJiBJx
0TOwBNymb3B17cr5XIru+A0ctRo930kCGa27JEZisX371cX4k+UhvfYq6zww9mcB
CGx4mbBT9//8ZqXwBzr1rlKobECib2rAGXZKRCdoURzt7mK3jTSq8LQabef1pDr9
GT/x015HJIcq8IOPBC9oxl9eWhvn1Zkifli0k3kakOO+ZvQeqoWfusHZoZRPpUCM
sYCVwvAzZSDtbFxddsw6n+pOjPZDztB7IF625zEDEgcjJ3XrA2p2+wm0AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdqymLScEMPJZbqZYAvG4FLJ2NcMB8GA1UdIwQY
MBaAFCGAkweIb7r9utU4dhLv/ncTh6MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQt
ZjcwOGRhZDBlZWNhLzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQtZjcwOGRhZDBlZWNh
LzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZK+XvZlJ
QtNWVSigLnJBr/SpxTaZJch0kID3NFCJBR3iErKFml/RRrTmLXy6bpkecNrZ/1Ts
ezs6dFye4oGqZaMW4o4lAyJZtArdNlOgAPJaTH5cC95kXZqQjBXaXjO0ZBN0HR7e
s2AuCOMZPlVY0dni0IgMkXL4hYeRtuu70BDoFi0cqZwObhVymwXMwl8DyIbhq0Sa
Vfx3wzUyMeCfXqjPDymM5KdFkob3YXoQk82Xl7rsJCX5NLjxKZ2z0PWmJ+3KdFjp
23dFqAge61xGenRDnr1mPDkiBItNinAz1HK6VlltnZAr6eEkgSKR117gPuvCsNDc
oR3MwBRYgkCSAg==
-----END CERTIFICATE-----