Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          48a3E0wORA99CkuL7/KjDhDLvu2bp30K/W0WIQpoCAE=
Subject key identifier:   C8:BD:75:3D:09:DC:0E:43:93:02:E8:E3:90:60:7B:6F:15:BF:64:E2
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       019921B0D736E14018AF3DE3A53D2DECF0BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          0AD3
Signing time:             Sun 07 Sep 2025 01:01:01 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:01 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:01 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: u/BPNyBGx2Kb+8OCuR64eCGX8Jo0/Wv9JW+kgX34KRU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:d7:36:e1:40:18:af:3d:e3:a5:3d:2d:ec:f0:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: Sep  7 01:01:01 2025 GMT
            Not After : Sep  8 01:01:01 2025 GMT
        Subject: CN=c8bd753d09dc0e439302e8e390607b6f15bf64e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:c0:20:3a:1c:35:f7:e1:e1:5c:7a:07:4a:0f:
                    64:b0:12:0c:47:1e:c9:6e:19:07:b8:a8:73:46:e0:
                    d4:49:e7:19:2a:6a:2c:82:5b:b6:f2:4c:ef:9d:6d:
                    01:73:c2:d5:90:28:94:0c:76:f2:34:e3:d4:ea:4b:
                    4f:a4:28:e4:fe:15:b5:58:b6:85:59:ff:48:7b:c9:
                    cc:f1:a0:aa:ed:79:f7:03:35:58:6d:11:a2:68:7d:
                    bf:4c:e0:1e:d1:3c:dd:18:43:a6:62:2a:97:56:fa:
                    88:47:e9:5f:7e:49:50:a0:24:80:36:21:00:13:13:
                    ea:77:50:ec:05:fa:99:68:a5:93:1d:a5:9e:38:a8:
                    d7:49:fe:13:88:16:06:5e:33:c0:73:b5:87:25:e3:
                    05:94:fb:62:c4:bd:24:70:e5:dd:1e:11:6c:46:7d:
                    ff:a6:1b:e6:b1:0d:19:89:f5:99:ac:cc:c4:f5:0f:
                    e3:db:52:63:39:3f:28:e3:1d:83:5c:9e:02:18:da:
                    eb:31:d8:2e:d8:e3:49:fe:07:e8:46:c0:69:ac:b1:
                    86:70:46:a2:1f:12:91:68:3a:0e:b7:99:3b:af:ba:
                    68:dd:5b:f3:f4:86:f3:49:67:79:10:51:54:6c:b0:
                    f4:ca:f0:4b:18:0d:91:28:d6:fb:5f:38:e2:1b:79:
                    6b:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:BD:75:3D:09:DC:0E:43:93:02:E8:E3:90:60:7B:6F:15:BF:64:E2
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:c5:88:51:50:31:4a:39:13:30:6f:30:45:c7:96:75:bd:47:
         83:a8:22:78:33:24:35:e1:fa:8d:9b:fb:84:dc:28:f5:2d:a7:
         0a:0c:3e:c7:83:0d:fe:eb:f4:7d:00:55:c6:32:4e:69:2d:61:
         f1:42:eb:97:08:ea:9c:ea:68:3c:db:69:44:ac:9a:35:5f:ab:
         63:5c:38:80:12:a8:dd:41:d3:13:bc:82:26:e2:d3:11:f5:91:
         b1:95:86:83:c0:55:12:00:e3:99:0f:65:9a:74:0b:45:89:d4:
         c7:34:21:1c:38:d9:0c:43:13:9e:c9:77:b7:95:c8:c7:d8:68:
         a6:fc:fd:8a:b2:60:45:0b:48:a2:99:eb:e6:56:30:ba:74:c8:
         14:d7:f9:e7:2b:1d:8e:cd:28:64:a7:ed:ce:89:37:b4:4a:ba:
         93:e1:27:b0:37:5a:c3:f0:a9:ff:d2:37:65:84:7b:15:a0:7a:
         51:83:fd:5b:83:b8:e7:9f:53:44:eb:38:13:8c:65:e2:bf:a7:
         c0:9e:4f:1c:70:45:73:56:44:1a:4d:da:ab:06:b2:ee:cd:64:
         1a:65:dc:4c:1b:d7:93:a4:29:03:6b:c4:db:b3:fb:5e:90:22:
         9c:28:ea:e0:3f:c6:16:25:12:6f:ee:b0:a3:f4:c0:19:25:ad:
         21:f6:2f:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsNc24UAYrz3jpT0t7PC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjUwOTA3MDEwMTAxWhcNMjUwOTA4MDEwMTAxWjAzMTEwLwYDVQQD
EyhjOGJkNzUzZDA5ZGMwZTQzOTMwMmU4ZTM5MDYwN2I2ZjE1YmY2NGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sAgOhw19+HhXHoHSg9ksBIMRx7J
bhkHuKhzRuDUSecZKmosglu28kzvnW0Bc8LVkCiUDHbyNOPU6ktPpCjk/hW1WLaF
Wf9Ie8nM8aCq7Xn3AzVYbRGiaH2/TOAe0TzdGEOmYiqXVvqIR+lffklQoCSANiEA
ExPqd1DsBfqZaKWTHaWeOKjXSf4TiBYGXjPAc7WHJeMFlPtixL0kcOXdHhFsRn3/
phvmsQ0ZifWZrMzE9Q/j21JjOT8o4x2DXJ4CGNrrMdgu2ONJ/gfoRsBprLGGcEai
HxKRaDoOt5k7r7po3Vvz9IbzSWd5EFFUbLD0yvBLGA2RKNb7XzjiG3lr0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMi9dT0J3A5DkwLo45Bge28Vv2TiMB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJcWIUVAx
SjkTMG8wRceWdb1Hg6gieDMkNeH6jZv7hNwo9S2nCgw+x4MN/uv0fQBVxjJOaS1h
8ULrlwjqnOpoPNtpRKyaNV+rY1w4gBKo3UHTE7yCJuLTEfWRsZWGg8BVEgDjmQ9l
mnQLRYnUxzQhHDjZDEMTnsl3t5XIx9hopvz9irJgRQtIopnr5lYwunTIFNf55ysd
js0oZKftzok3tEq6k+EnsDdaw/Cp/9I3ZYR7FaB6UYP9W4O4559TROs4E4xl4r+n
wJ5PHHBFc1ZEGk3aqway7s1kGmXcTBvXk6QpA2vE27P7XpAinCjq4D/GFiUSb+6w
o/TAGSWtIfYvJQ==
-----END CERTIFICATE-----