Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft
File:                     I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft (raw, json)
Hash identifier:          2KsCHDDO9RUgMwPSkbf16v3voSKHreOeMQvHnym+EX0=
Subject key identifier:   FC:31:2B:B9:3B:C4:D2:A6:5C:A1:1D:2B:1F:67:11:42:2B:1D:EB:10
Authority key identifier: 23:93:FF:21:C6:F7:31:07:57:A9:DC:D7:81:DA:88:05:F2:37:94:D8
Certificate issuer:       /CN=2393ff21c6f7310757a9dcd781da8805f23794d8
Certificate serial:       01974A7A8467066D36723E80FF48B06B01C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I5P_Icb3MQdXqdzXgdqIBfI3lNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft
Manifest number:          08C5
Signing time:             Sat 07 Jun 2025 13:00:32 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:32 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:32 +0000
Files and hashes:         1: I5P_Icb3MQdXqdzXgdqIBfI3lNg.crl (hash: 9sg8oPHN66PiQsnnL8dwH73yGBxJSRREtsaW0VOuCZk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I5P_Icb3MQdXqdzXgdqIBfI3lNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:84:67:06:6d:36:72:3e:80:ff:48:b0:6b:01:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2393ff21c6f7310757a9dcd781da8805f23794d8
        Validity
            Not Before: Jun  7 13:00:32 2025 GMT
            Not After : Jun  8 13:00:32 2025 GMT
        Subject: CN=fc312bb93bc4d2a65ca11d2b1f6711422b1deb10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:6a:9f:b4:58:f3:bc:8e:45:1c:db:73:54:a2:
                    a2:c8:5d:ca:98:f9:03:74:29:e3:2d:e9:c4:a3:13:
                    c0:41:47:72:b9:34:39:1e:ac:0e:ef:b6:02:f5:c3:
                    a8:93:47:32:dd:aa:9b:47:52:ad:79:5b:c2:6e:41:
                    ef:36:7f:3d:88:b6:1a:62:ef:ce:f2:68:5d:6f:f8:
                    1b:ac:31:05:31:c9:70:1e:69:8f:fa:8d:4d:96:91:
                    79:bc:93:17:1f:ce:b9:4c:88:db:cc:bc:2c:ed:4d:
                    e6:94:de:c6:64:dc:28:4f:cf:e1:bf:b8:49:c5:6c:
                    9f:32:03:52:7e:b0:bb:6f:c5:e4:84:8f:20:16:e3:
                    fe:5d:f3:c9:a8:29:c5:27:07:04:6a:8a:9b:c0:97:
                    6f:95:47:92:d5:96:f9:5e:50:08:58:93:d9:df:10:
                    05:4e:a0:9e:fc:a7:7a:a5:fd:2e:8a:42:96:54:aa:
                    6e:69:cf:b1:4e:d4:ba:d4:ea:c6:f6:cd:72:fe:4f:
                    3c:29:41:4f:0d:c9:30:44:fa:2f:35:21:63:56:3f:
                    fb:2b:bd:a5:ff:f1:3a:ef:9b:33:28:99:06:4a:34:
                    8a:68:c7:ab:fe:64:f7:e2:e5:37:69:1f:12:6c:0f:
                    07:ef:8b:e4:7a:c8:93:d3:d3:05:cb:cd:ff:ab:3f:
                    e6:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:31:2B:B9:3B:C4:D2:A6:5C:A1:1D:2B:1F:67:11:42:2B:1D:EB:10
            X509v3 Authority Key Identifier:
                keyid:23:93:FF:21:C6:F7:31:07:57:A9:DC:D7:81:DA:88:05:F2:37:94:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I5P_Icb3MQdXqdzXgdqIBfI3lNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:99:b0:b0:6f:a6:25:08:fe:a6:b5:ab:77:b6:70:04:60:e5:
         ce:b1:41:46:b8:10:33:60:36:43:30:15:a7:dc:ce:90:28:4b:
         0b:a0:cc:7e:aa:0d:49:76:eb:a1:6b:d1:35:1a:89:d0:62:a3:
         23:05:ac:d0:25:d4:dc:a1:fb:16:20:dc:b9:8c:a3:05:04:61:
         97:2b:a1:3e:5f:06:cd:dd:5e:a6:b1:6a:f8:86:d9:a9:44:b5:
         3c:e9:8e:10:61:81:c7:26:14:ed:6b:50:cc:91:a7:7c:66:2e:
         40:c2:90:cb:3b:b5:d2:64:b5:8d:df:eb:78:ba:3f:25:f0:c3:
         03:a4:49:06:e3:e7:30:9d:48:f9:7a:04:8f:74:45:18:ee:24:
         ac:88:8a:f3:90:0e:d3:86:49:11:90:c0:9d:bf:97:34:68:72:
         0d:86:a0:02:41:09:95:c7:c0:f2:1d:68:8b:c3:8f:ac:f7:3a:
         95:21:6d:44:ec:8f:fc:88:a3:da:82:0a:70:6f:f9:cf:35:f2:
         17:e8:59:7d:d3:1f:1e:ae:1e:01:47:25:46:39:df:9e:e6:94:
         cd:d3:4e:5c:73:2f:6f:91:40:91:50:a1:08:1a:c4:9e:1a:11:
         0f:4c:6b:5f:c4:29:b4:f8:ba:ac:e0:0c:0e:f4:12:42:b5:71:
         35:76:27:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKeoRnBm02cj6A/0iwawHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzOTNmZjIxYzZmNzMxMDc1N2E5ZGNkNzgxZGE4ODA1ZjIz
Nzk0ZDgwHhcNMjUwNjA3MTMwMDMyWhcNMjUwNjA4MTMwMDMyWjAzMTEwLwYDVQQD
EyhmYzMxMmJiOTNiYzRkMmE2NWNhMTFkMmIxZjY3MTE0MjJiMWRlYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42qftFjzvI5FHNtzVKKiyF3KmPkD
dCnjLenEoxPAQUdyuTQ5HqwO77YC9cOok0cy3aqbR1KteVvCbkHvNn89iLYaYu/O
8mhdb/gbrDEFMclwHmmP+o1NlpF5vJMXH865TIjbzLws7U3mlN7GZNwoT8/hv7hJ
xWyfMgNSfrC7b8XkhI8gFuP+XfPJqCnFJwcEaoqbwJdvlUeS1Zb5XlAIWJPZ3xAF
TqCe/Kd6pf0uikKWVKpuac+xTtS61OrG9s1y/k88KUFPDckwRPovNSFjVj/7K72l
//E675szKJkGSjSKaMer/mT34uU3aR8SbA8H74vkesiT09MFy83/qz/mnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPwxK7k7xNKmXKEdKx9nEUIrHesQMB8GA1UdIwQY
MBaAFCOT/yHG9zEHV6nc14HaiAXyN5TYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTVQX0ljYjNNUWRYcWR6WGdkcUlCZkkzbE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iYWVkZGMtZGJmMi00NDdmLWI0MmQt
NWIzMDYzOWJhYmY2LzEvSTVQX0ljYjNNUWRYcWR6WGdkcUlCZkkzbE5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iYWVkZGMtZGJmMi00NDdmLWI0MmQtNWIzMDYzOWJhYmY2
LzEvSTVQX0ljYjNNUWRYcWR6WGdkcUlCZkkzbE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHpmwsG+m
JQj+prWrd7ZwBGDlzrFBRrgQM2A2QzAVp9zOkChLC6DMfqoNSXbroWvRNRqJ0GKj
IwWs0CXU3KH7FiDcuYyjBQRhlyuhPl8Gzd1eprFq+IbZqUS1POmOEGGBxyYU7WtQ
zJGnfGYuQMKQyzu10mS1jd/reLo/JfDDA6RJBuPnMJ1I+XoEj3RFGO4krIiK85AO
04ZJEZDAnb+XNGhyDYagAkEJlcfA8h1oi8OPrPc6lSFtROyP/Iij2oIKcG/5zzXy
F+hZfdMfHq4eAUclRjnfnuaUzdNOXHMvb5FAkVChCBrEnhoRD0xrX8QptPi6rOAM
DvQSQrVxNXYnpQ==
-----END CERTIFICATE-----