Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
File:                     i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft (raw, json)
Hash identifier:          /Pooa07txf5JmE2XCCr4mFZn+GaEPy0Pkx4LhgJFKPE=
Subject key identifier:   C6:98:5B:DA:3F:0A:F1:02:C5:A1:9C:B9:FC:66:DD:C0:6E:96:1F:F4
Authority key identifier: 8B:D8:93:1F:63:57:94:28:BF:08:CC:B1:99:A3:A9:8D:CB:A6:B8:24
Certificate issuer:       /CN=8bd8931f63579428bf08ccb199a3a98dcba6b824
Certificate serial:       01975D25F62CB669D4FC8C70C81CBF7EAB57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
Manifest number:          0A5E
Signing time:             Wed 11 Jun 2025 04:00:58 +0000
Manifest this update:     Wed 11 Jun 2025 04:00:58 +0000
Manifest next update:     Thu 12 Jun 2025 04:00:58 +0000
Files and hashes:         1: i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl (hash: n64WobUd48qWW2/LU20LcujDhFg4DDlc66+Hy51ABaM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 04:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:25:f6:2c:b6:69:d4:fc:8c:70:c8:1c:bf:7e:ab:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bd8931f63579428bf08ccb199a3a98dcba6b824
        Validity
            Not Before: Jun 11 04:00:58 2025 GMT
            Not After : Jun 12 04:00:58 2025 GMT
        Subject: CN=c6985bda3f0af102c5a19cb9fc66ddc06e961ff4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:74:f6:5c:81:7f:9c:58:a7:9b:6c:47:e5:c5:
                    71:44:3e:47:84:b5:2c:eb:07:18:69:16:03:73:44:
                    eb:1e:02:2b:ca:0b:29:63:05:27:23:6f:75:1e:2d:
                    c2:10:71:50:82:1d:f1:5c:60:bc:cd:be:ad:ef:1a:
                    13:2b:64:c3:12:78:65:31:7c:8a:e7:c8:22:62:dc:
                    12:5f:8f:f5:5d:37:57:0e:ec:5d:af:0e:6b:26:0f:
                    c9:6d:36:53:b4:8d:b1:50:fc:8c:bb:ff:7b:c1:6f:
                    c6:ed:c7:f5:7e:36:5f:8f:4b:fc:bf:ec:9b:14:e5:
                    a8:c4:06:3d:40:66:fd:24:82:b7:06:c1:f9:d5:bd:
                    5b:97:41:c9:8c:5b:e5:a9:17:8a:33:5d:ad:36:d6:
                    e8:72:31:02:26:f3:7f:af:0e:a1:e3:a4:84:7d:da:
                    4e:a7:e1:56:dd:32:6a:65:81:a7:08:2b:4b:9f:47:
                    f3:58:ae:53:1a:ae:b1:cb:93:5b:d1:6d:b0:97:35:
                    bf:61:31:cc:9d:6f:72:51:36:fd:0f:04:e0:71:c9:
                    9c:41:79:da:66:61:52:4c:04:f0:c8:6c:af:47:ea:
                    9f:a8:12:1d:ee:4d:58:0c:1d:1a:c6:91:23:fd:6a:
                    35:e9:e4:4a:87:ef:cf:c4:35:8d:38:4e:ee:17:ff:
                    f5:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:98:5B:DA:3F:0A:F1:02:C5:A1:9C:B9:FC:66:DD:C0:6E:96:1F:F4
            X509v3 Authority Key Identifier:
                keyid:8B:D8:93:1F:63:57:94:28:BF:08:CC:B1:99:A3:A9:8D:CB:A6:B8:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:94:40:dd:39:3b:d8:c2:9e:08:5d:fe:33:03:0b:9b:00:5b:
         53:49:ad:f0:00:a5:42:0c:25:23:f8:51:b8:da:6c:37:b8:2b:
         18:07:43:1a:09:37:f0:b1:f6:87:91:e2:a1:95:ca:e3:26:c2:
         d8:0e:97:79:40:08:b7:27:41:10:d6:a4:b5:c9:fd:38:a6:8e:
         90:f4:20:61:45:db:31:bc:19:e8:15:c3:c6:dc:26:38:fa:42:
         ca:81:78:31:bc:f7:91:19:9e:a8:ff:28:30:56:d8:17:b9:9f:
         f5:09:0b:47:c0:ee:59:a6:58:3c:f4:87:5f:47:21:c1:88:64:
         f2:d7:1c:17:bb:41:7c:75:56:c7:ab:44:96:0f:f5:61:cc:09:
         ab:b2:51:7f:a8:b9:a0:44:72:d6:c4:82:a3:77:cd:2f:63:7a:
         54:28:d4:47:66:1c:71:26:db:ec:4b:7c:ac:00:bb:fc:b1:0f:
         60:6b:fc:17:e8:3d:8f:17:9a:e3:21:a6:93:57:e5:b5:49:5c:
         f6:33:9d:25:d5:ec:70:66:d4:3d:d4:e4:a1:72:cc:2a:5a:5a:
         5d:74:50:bf:4e:a0:3d:ce:83:95:69:2c:81:0d:af:3b:e9:fd:
         b7:27:dd:0d:dd:b1:68:4c:21:cc:14:57:37:47:74:b6:24:7d:
         d9:5c:61:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddJfYstmnU/IxwyBy/fqtXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZDg5MzFmNjM1Nzk0MjhiZjA4Y2NiMTk5YTNhOThkY2Jh
NmI4MjQwHhcNMjUwNjExMDQwMDU4WhcNMjUwNjEyMDQwMDU4WjAzMTEwLwYDVQQD
EyhjNjk4NWJkYTNmMGFmMTAyYzVhMTljYjlmYzY2ZGRjMDZlOTYxZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3T2XIF/nFinm2xH5cVxRD5HhLUs
6wcYaRYDc0TrHgIrygspYwUnI291Hi3CEHFQgh3xXGC8zb6t7xoTK2TDEnhlMXyK
58giYtwSX4/1XTdXDuxdrw5rJg/JbTZTtI2xUPyMu/97wW/G7cf1fjZfj0v8v+yb
FOWoxAY9QGb9JIK3BsH51b1bl0HJjFvlqReKM12tNtbocjECJvN/rw6h46SEfdpO
p+FW3TJqZYGnCCtLn0fzWK5TGq6xy5Nb0W2wlzW/YTHMnW9yUTb9DwTgccmcQXna
ZmFSTATwyGyvR+qfqBId7k1YDB0axpEj/Wo16eRKh+/PxDWNOE7uF//1dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMaYW9o/CvECxaGcufxm3cBulh/0MB8GA1UdIwQY
MBaAFIvYkx9jV5QovwjMsZmjqY3LprgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83YWM3YmItMjFkYy00YTExLTk3OTEt
NGVlMTZkNmM4MGE2LzEvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83YWM3YmItMjFkYy00YTExLTk3OTEtNGVlMTZkNmM4MGE2
LzEvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtJRA3Tk7
2MKeCF3+MwMLmwBbU0mt8AClQgwlI/hRuNpsN7grGAdDGgk38LH2h5HioZXK4ybC
2A6XeUAItydBENaktcn9OKaOkPQgYUXbMbwZ6BXDxtwmOPpCyoF4Mbz3kRmeqP8o
MFbYF7mf9QkLR8DuWaZYPPSHX0chwYhk8tccF7tBfHVWx6tElg/1YcwJq7JRf6i5
oERy1sSCo3fNL2N6VCjUR2YccSbb7Et8rAC7/LEPYGv8F+g9jxea4yGmk1fltUlc
9jOdJdXscGbUPdTkoXLMKlpaXXRQv06gPc6DlWksgQ2vO+n9tyfdDd2xaEwhzBRX
N0d0tiR92Vxhxg==
-----END CERTIFICATE-----