Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
File:                     Iu8SfmGVSrmJNlydukuMBkzu2fA.mft (raw, json)
Hash identifier:          KonD7Cj1HOpw0MKsRt/SSlv/fX5vpUsFmzSL+syEyfQ=
Subject key identifier:   1E:5C:E2:F9:F1:60:5B:27:AA:AB:B8:FD:7D:42:AD:55:85:DB:AD:78
Authority key identifier: 22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0
Certificate issuer:       /CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
Certificate serial:       019922FAB5558AA4AAC12E59B77730B1110A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
Manifest number:          04C9
Signing time:             Sun 07 Sep 2025 07:01:19 +0000
Manifest this update:     Sun 07 Sep 2025 07:01:19 +0000
Manifest next update:     Mon 08 Sep 2025 07:01:19 +0000
Files and hashes:         1: Iu8SfmGVSrmJNlydukuMBkzu2fA.crl (hash: sGsAFiIdLaV7AIyrSJR7BIrSh4mkiZeVDaL7WOaLdMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:b5:55:8a:a4:aa:c1:2e:59:b7:77:30:b1:11:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
        Validity
            Not Before: Sep  7 07:01:19 2025 GMT
            Not After : Sep  8 07:01:19 2025 GMT
        Subject: CN=1e5ce2f9f1605b27aaabb8fd7d42ad5585dbad78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:c5:69:90:21:4d:d7:b6:72:75:5d:42:40:15:
                    62:50:dd:5f:6a:99:0d:03:52:c0:2f:a6:3d:ff:55:
                    e6:44:44:d1:fe:c0:3d:da:93:6b:17:f5:48:e4:09:
                    04:c4:87:07:bb:e7:db:5b:5a:fc:d0:a2:26:9f:02:
                    c8:27:7c:4b:55:8d:b6:c1:b6:0d:ed:c4:c5:d4:dd:
                    4f:48:64:54:58:63:8b:45:3e:89:51:4e:5c:20:ce:
                    ae:59:2c:15:7e:fe:72:00:16:4d:e8:06:95:a1:3b:
                    9f:91:0d:80:83:b3:d8:f6:e8:42:85:e9:91:c0:f4:
                    2d:e3:61:d4:b6:8d:bb:c2:e1:55:2b:27:89:d3:f8:
                    2a:f1:ec:72:ad:df:be:10:e3:36:91:a8:d0:9b:d7:
                    7e:1c:56:28:97:79:f1:95:19:46:86:39:c0:9d:bf:
                    04:55:e5:e4:92:74:15:21:72:90:b3:f7:2d:01:1e:
                    bc:54:75:ae:90:a2:2a:6b:41:1f:e3:ce:fb:35:e4:
                    50:b6:f6:c8:e2:5c:de:2f:26:96:fc:93:77:53:8c:
                    c6:37:3b:d5:5d:01:c5:c8:3b:e8:d8:a9:23:ab:a6:
                    60:50:fe:ff:7d:c8:06:d2:e8:f8:ae:6a:82:ac:7d:
                    f8:9c:5a:76:1d:47:92:e6:6e:28:4d:43:b7:9f:f6:
                    91:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:5C:E2:F9:F1:60:5B:27:AA:AB:B8:FD:7D:42:AD:55:85:DB:AD:78
            X509v3 Authority Key Identifier:
                keyid:22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:85:cd:58:95:95:3c:6e:1a:d7:69:cb:d2:bb:9a:94:f3:f1:
         b1:86:17:09:97:47:34:f0:45:b9:e0:1a:15:bd:18:26:1b:91:
         3b:a9:b4:fe:55:f4:c9:07:b9:13:44:fc:5a:9e:e7:9e:fb:a8:
         27:40:20:3a:1a:81:27:41:b7:b2:81:ef:cf:0a:b6:29:1e:ae:
         f0:4e:18:ac:11:cf:b2:94:ab:85:41:85:87:b6:6e:4f:ab:69:
         c4:68:98:19:4a:6c:95:13:b7:50:cc:21:77:14:56:b5:9a:aa:
         f6:d6:a9:93:4e:16:f0:e6:62:71:b2:7b:85:3b:b1:3a:39:0f:
         58:3a:f2:2d:4a:3b:5b:cf:68:c1:66:54:cf:b8:13:26:51:34:
         4a:14:2f:7b:db:e7:79:de:15:97:7a:10:d5:9f:e0:c7:2a:3e:
         79:2d:f6:00:12:c7:7c:bb:f1:6c:7c:d7:aa:d3:f7:e8:d1:85:
         71:68:09:cb:44:ad:19:09:ca:cc:89:0a:e9:af:a3:64:ef:d4:
         3c:b1:29:ba:18:b5:97:62:4d:e5:4c:e0:73:55:4d:89:36:5b:
         cf:7c:7a:b0:4d:75:6e:7a:49:0e:14:88:2e:cf:32:e3:1c:9a:
         8b:53:3b:ad:c8:03:3d:dc:04:91:2c:54:f4:d2:06:d8:87:19:
         69:39:cc:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+rVViqSqwS5Zt3cwsREKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZWYxMjdlNjE5NTRhYjk4OTM2NWM5ZGJhNGI4YzA2NGNl
ZWQ5ZjAwHhcNMjUwOTA3MDcwMTE5WhcNMjUwOTA4MDcwMTE5WjAzMTEwLwYDVQQD
EygxZTVjZTJmOWYxNjA1YjI3YWFhYmI4ZmQ3ZDQyYWQ1NTg1ZGJhZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcVpkCFN17ZydV1CQBViUN1fapkN
A1LAL6Y9/1XmRETR/sA92pNrF/VI5AkExIcHu+fbW1r80KImnwLIJ3xLVY22wbYN
7cTF1N1PSGRUWGOLRT6JUU5cIM6uWSwVfv5yABZN6AaVoTufkQ2Ag7PY9uhChemR
wPQt42HUto27wuFVKyeJ0/gq8exyrd++EOM2kajQm9d+HFYol3nxlRlGhjnAnb8E
VeXkknQVIXKQs/ctAR68VHWukKIqa0Ef4877NeRQtvbI4lzeLyaW/JN3U4zGNzvV
XQHFyDvo2Kkjq6ZgUP7/fcgG0uj4rmqCrH34nFp2HUeS5m4oTUO3n/aRzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB5c4vnxYFsnqqu4/X1CrVWF2614MB8GA1UdIwQY
MBaAFCLvEn5hlUq5iTZcnbpLjAZM7tnwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEt
OGM2YWExMDY5NWIyLzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEtOGM2YWExMDY5NWIy
LzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKIXNWJWV
PG4a12nL0rualPPxsYYXCZdHNPBFueAaFb0YJhuRO6m0/lX0yQe5E0T8Wp7nnvuo
J0AgOhqBJ0G3soHvzwq2KR6u8E4YrBHPspSrhUGFh7ZuT6tpxGiYGUpslRO3UMwh
dxRWtZqq9tapk04W8OZicbJ7hTuxOjkPWDryLUo7W89owWZUz7gTJlE0ShQve9vn
ed4Vl3oQ1Z/gxyo+eS32ABLHfLvxbHzXqtP36NGFcWgJy0StGQnKzIkK6a+jZO/U
PLEpuhi1l2JN5Uzgc1VNiTZbz3x6sE11bnpJDhSILs8y4xyai1M7rcgDPdwEkSxU
9NIG2IcZaTnMhQ==
-----END CERTIFICATE-----