Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
File:                     Iu8SfmGVSrmJNlydukuMBkzu2fA.mft (raw, json)
Hash identifier:          QsU9O3MnE8ROBwmX2jbzMzNIcfBVaUR5yUeJUFjXGuQ=
Subject key identifier:   73:84:E7:7D:FD:45:76:56:07:31:85:05:D7:0F:CC:F5:15:CC:FD:5E
Authority key identifier: 22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0
Certificate issuer:       /CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
Certificate serial:       0197518FDB0984D7694F27802466786D5694
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
Manifest number:          03D8
Signing time:             Sun 08 Jun 2025 22:01:11 +0000
Manifest this update:     Sun 08 Jun 2025 22:01:11 +0000
Manifest next update:     Mon 09 Jun 2025 22:01:11 +0000
Files and hashes:         1: Iu8SfmGVSrmJNlydukuMBkzu2fA.crl (hash: JqRLd3e/A6cCzPa/GwKmCAoBSU/hBcd7nvk8UdwBT1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:8f:db:09:84:d7:69:4f:27:80:24:66:78:6d:56:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
        Validity
            Not Before: Jun  8 22:01:11 2025 GMT
            Not After : Jun  9 22:01:11 2025 GMT
        Subject: CN=7384e77dfd45765607318505d70fccf515ccfd5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:8c:12:55:e5:01:0c:cf:7f:03:d8:30:f5:ce:
                    38:1b:1e:e1:46:f0:6f:20:29:8b:d9:50:d5:c0:c7:
                    47:2c:07:d9:d3:76:8d:eb:ae:5d:d8:fd:f7:b8:09:
                    43:cf:2f:41:3e:c2:08:07:b5:f8:a3:a5:58:3e:7b:
                    be:54:29:12:c1:3c:81:83:ab:f6:45:bf:96:2a:09:
                    45:4d:72:98:13:1a:1d:2a:c6:1f:04:33:af:13:dc:
                    89:90:53:3c:66:ab:e2:56:c9:c9:e0:18:f5:2e:71:
                    d4:15:85:ab:b2:21:70:5e:9a:0f:e2:c1:c5:8a:7d:
                    1d:ef:93:ef:93:37:c2:b0:76:c1:eb:33:a5:8e:3f:
                    63:fd:63:e9:2c:d7:0d:8d:6d:60:e4:5e:bf:b9:1c:
                    a2:84:61:66:6e:34:e6:91:02:73:b7:3f:48:52:b6:
                    85:b6:5b:45:28:eb:87:fc:00:33:f4:ce:9a:ca:c0:
                    f6:3b:1f:87:a8:ca:9f:e7:3d:f5:18:8c:2b:7c:0c:
                    dd:d6:c3:d9:f0:56:c5:46:8b:89:bd:88:e7:3d:4f:
                    fb:96:3e:37:19:d1:2b:e5:bd:d1:10:dd:e5:7a:61:
                    c2:46:45:bc:72:1c:36:30:70:05:77:5b:b2:eb:01:
                    9d:39:cd:d6:33:23:af:a2:6d:8e:a4:82:e5:36:69:
                    99:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:84:E7:7D:FD:45:76:56:07:31:85:05:D7:0F:CC:F5:15:CC:FD:5E
            X509v3 Authority Key Identifier:
                keyid:22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:63:2c:d5:2e:3c:b6:b0:b9:9a:d0:c4:76:37:bd:ff:b9:4b:
         ed:48:e0:82:bf:60:97:cf:8a:21:23:79:a8:d5:4c:b4:7c:99:
         23:6f:bc:a7:21:0c:28:fc:54:39:8f:31:75:26:f1:34:a4:5e:
         69:f1:4e:64:f7:d0:91:46:79:11:fb:ab:7c:f2:1f:a7:b7:44:
         d6:e6:f2:b9:10:c9:36:7c:5e:16:4d:be:11:03:12:40:bf:bd:
         79:26:77:e6:a3:dc:69:61:16:bf:d2:2e:29:2f:fa:7b:59:52:
         b6:d1:2e:a7:68:c9:3a:59:41:f8:67:21:c9:37:87:67:1c:cb:
         12:83:30:0f:c8:14:fd:11:f7:ac:a4:89:1d:78:b3:9c:b9:4b:
         bf:43:55:91:18:2d:65:13:9b:5a:05:f2:03:cf:02:b0:52:8c:
         29:68:5e:c5:56:66:36:7d:e8:05:5d:38:3a:7b:a5:70:ab:4a:
         85:11:01:8c:da:cb:79:bb:49:ef:55:1b:64:ce:1e:fd:8a:05:
         df:fb:fd:f8:a7:9e:ce:f6:a4:07:f9:5c:e1:d3:7a:2c:57:ff:
         33:03:4e:ec:f9:f8:2b:4d:c6:2d:57:b1:87:14:24:52:86:8a:
         a4:c8:75:f7:7e:e8:8c:1c:b3:26:8f:2a:88:26:f2:13:f8:f2:
         de:87:84:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRj9sJhNdpTyeAJGZ4bVaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZWYxMjdlNjE5NTRhYjk4OTM2NWM5ZGJhNGI4YzA2NGNl
ZWQ5ZjAwHhcNMjUwNjA4MjIwMTExWhcNMjUwNjA5MjIwMTExWjAzMTEwLwYDVQQD
Eyg3Mzg0ZTc3ZGZkNDU3NjU2MDczMTg1MDVkNzBmY2NmNTE1Y2NmZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4wSVeUBDM9/A9gw9c44Gx7hRvBv
ICmL2VDVwMdHLAfZ03aN665d2P33uAlDzy9BPsIIB7X4o6VYPnu+VCkSwTyBg6v2
Rb+WKglFTXKYExodKsYfBDOvE9yJkFM8ZqviVsnJ4Bj1LnHUFYWrsiFwXpoP4sHF
in0d75PvkzfCsHbB6zOljj9j/WPpLNcNjW1g5F6/uRyihGFmbjTmkQJztz9IUraF
tltFKOuH/AAz9M6aysD2Ox+HqMqf5z31GIwrfAzd1sPZ8FbFRouJvYjnPU/7lj43
GdEr5b3REN3lemHCRkW8chw2MHAFd1uy6wGdOc3WMyOvom2OpILlNmmZSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHOE5339RXZWBzGFBdcPzPUVzP1eMB8GA1UdIwQY
MBaAFCLvEn5hlUq5iTZcnbpLjAZM7tnwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEt
OGM2YWExMDY5NWIyLzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEtOGM2YWExMDY5NWIy
LzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD2Ms1S48
trC5mtDEdje9/7lL7Ujggr9gl8+KISN5qNVMtHyZI2+8pyEMKPxUOY8xdSbxNKRe
afFOZPfQkUZ5EfurfPIfp7dE1ubyuRDJNnxeFk2+EQMSQL+9eSZ35qPcaWEWv9Iu
KS/6e1lSttEup2jJOllB+GchyTeHZxzLEoMwD8gU/RH3rKSJHXiznLlLv0NVkRgt
ZRObWgXyA88CsFKMKWhexVZmNn3oBV04OnulcKtKhREBjNrLebtJ71UbZM4e/YoF
3/v9+KeezvakB/lc4dN6LFf/MwNO7Pn4K03GLVexhxQkUoaKpMh1937ojByzJo8q
iCbyE/jy3oeEQQ==
-----END CERTIFICATE-----