Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
File:                     iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json)
Hash identifier:          2n/UJ6kJm3g4ZLAsdnX6Xo06FXUs8vHTnG1lcEBqdW4=
Subject key identifier:   66:E7:7C:B0:C1:8D:4F:17:C7:7E:06:38:A8:15:C4:3D:22:56:28:84
Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
Certificate issuer:       /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
Certificate serial:       01984B554F9CCF08152BF2174583464914EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
Manifest number:          1600
Signing time:             Sun 27 Jul 2025 10:02:18 +0000
Manifest this update:     Sun 27 Jul 2025 10:02:18 +0000
Manifest next update:     Mon 28 Jul 2025 10:02:18 +0000
Files and hashes:         1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: 6vihJLO4QGZDAv6SDvmhV/Olqrcva9qndJ2DOWP8POw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4b:55:4f:9c:cf:08:15:2b:f2:17:45:83:46:49:14:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
        Validity
            Not Before: Jul 27 10:02:18 2025 GMT
            Not After : Jul 28 10:02:18 2025 GMT
        Subject: CN=66e77cb0c18d4f17c77e0638a815c43d22562884
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:59:52:39:bf:d4:95:74:f0:92:fc:8e:60:ba:
                    be:92:0b:28:df:58:2a:91:c1:91:7e:51:bf:31:e0:
                    55:22:b4:db:93:b8:88:89:fd:21:0b:24:8b:cb:da:
                    a1:c6:6d:16:14:d9:28:6b:88:86:d1:9a:62:c4:f6:
                    41:8e:1a:76:af:b7:ef:db:31:74:6e:8c:74:87:dc:
                    fd:16:a8:87:79:7a:a2:58:a8:97:e6:3c:15:99:49:
                    fd:39:8d:43:25:4f:75:20:bc:85:1e:45:4e:96:9c:
                    0f:e0:bf:33:01:79:bf:75:d3:46:1e:b0:1f:09:74:
                    d4:3a:52:e6:c9:78:18:58:3e:54:65:cf:cf:54:b2:
                    b8:a9:34:dd:51:ac:d0:af:f1:db:b6:eb:65:3c:f9:
                    3b:de:f7:bf:79:be:a4:e8:59:6e:a8:16:c1:68:40:
                    3f:fc:03:5d:be:00:e5:04:12:1d:82:08:ef:de:76:
                    05:b9:6e:5b:0a:ae:86:c5:bb:a7:0a:24:3a:2c:51:
                    ac:ea:9d:5b:cf:4d:f2:c4:76:06:6d:33:a8:e9:5a:
                    fb:74:10:d7:b3:c3:9c:ed:ac:18:81:ee:82:b2:ea:
                    29:31:65:b2:2b:2c:eb:83:29:a1:97:23:7c:2f:04:
                    93:f3:d4:b7:ba:ba:b0:be:e5:7a:ad:d2:46:9f:4e:
                    6a:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:E7:7C:B0:C1:8D:4F:17:C7:7E:06:38:A8:15:C4:3D:22:56:28:84
            X509v3 Authority Key Identifier:
                keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:6c:49:53:70:2d:77:79:08:ea:d7:6c:dd:9e:9c:b9:66:11:
         77:20:d4:67:c5:08:6e:d6:51:ef:68:fc:40:27:61:73:d0:b1:
         2d:56:43:2b:3d:41:a9:34:2a:16:1f:0d:b6:52:13:0b:2f:b2:
         58:f5:3a:df:51:11:8c:27:97:cc:2f:4d:f5:30:e7:01:bb:48:
         64:51:46:df:2a:16:e9:11:ea:57:a9:be:12:63:bc:89:0c:55:
         47:62:be:2a:e5:22:0d:9e:ec:74:17:6c:51:ad:b9:bb:92:34:
         3f:99:0b:37:2a:32:c6:4a:4c:d2:98:7f:74:05:1a:69:ee:df:
         d5:85:2f:39:fa:a3:aa:df:0a:1f:a0:5d:0f:82:8c:1b:e9:5a:
         6b:6b:92:7e:6e:b0:3c:00:f8:34:ee:93:78:0b:33:aa:ec:62:
         40:8a:7f:76:54:1e:88:b6:e1:5c:77:65:ff:a3:9b:51:a9:55:
         3b:0b:67:0c:a1:fd:1d:06:e4:3a:e7:58:dd:af:d4:67:6a:f6:
         11:5b:c7:ff:5c:fd:af:1a:cd:71:6c:f5:2d:4d:fa:8a:50:eb:
         3a:87:5e:09:fd:0a:93:fe:4e:18:1c:94:ce:49:52:82:46:3c:
         c6:38:5a:00:14:31:77:a3:6a:f7:90:d2:bb:37:80:f3:20:13:
         c6:2e:33:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhLVU+czwgVK/IXRYNGSRTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz
OTgwYjkwHhcNMjUwNzI3MTAwMjE4WhcNMjUwNzI4MTAwMjE4WjAzMTEwLwYDVQQD
Eyg2NmU3N2NiMGMxOGQ0ZjE3Yzc3ZTA2MzhhODE1YzQzZDIyNTYyODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFlSOb/UlXTwkvyOYLq+kgso31gq
kcGRflG/MeBVIrTbk7iIif0hCySLy9qhxm0WFNkoa4iG0ZpixPZBjhp2r7fv2zF0
box0h9z9FqiHeXqiWKiX5jwVmUn9OY1DJU91ILyFHkVOlpwP4L8zAXm/ddNGHrAf
CXTUOlLmyXgYWD5UZc/PVLK4qTTdUazQr/HbtutlPPk73ve/eb6k6FluqBbBaEA/
/ANdvgDlBBIdggjv3nYFuW5bCq6GxbunCiQ6LFGs6p1bz03yxHYGbTOo6Vr7dBDX
s8Oc7awYge6CsuopMWWyKyzrgymhlyN8LwST89S3urqwvuV6rdJGn05qPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbnfLDBjU8Xx34GOKgVxD0iViiEMB8GA1UdIwQY
MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut
NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk
LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFWxJU3At
d3kI6tds3Z6cuWYRdyDUZ8UIbtZR72j8QCdhc9CxLVZDKz1BqTQqFh8NtlITCy+y
WPU631ERjCeXzC9N9TDnAbtIZFFG3yoW6RHqV6m+EmO8iQxVR2K+KuUiDZ7sdBds
Ua25u5I0P5kLNyoyxkpM0ph/dAUaae7f1YUvOfqjqt8KH6BdD4KMG+laa2uSfm6w
PAD4NO6TeAszquxiQIp/dlQeiLbhXHdl/6ObUalVOwtnDKH9HQbkOudY3a/UZ2r2
EVvH/1z9rxrNcWz1LU36ilDrOodeCf0Kk/5OGByUzklSgkY8xjhaABQxd6Nq95DS
uzeA8yATxi4z3Q==
-----END CERTIFICATE-----