Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          eUftZAvWUAHT2z9YSTUw3vbd1XrQInPRI3+pTnicB3U=
Subject key identifier:   49:48:AA:F1:6E:35:E5:C7:5C:3A:88:F8:8E:95:AC:CB:A7:50:9B:A2
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       0197CA5EE8A6F830591850231580CA6837CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          15BC
Signing time:             Wed 02 Jul 2025 09:01:46 +0000
Manifest this update:     Wed 02 Jul 2025 09:01:46 +0000
Manifest next update:     Thu 03 Jul 2025 09:01:46 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: xhCOUyv5QI/buysno1Va6MsjYVj4+9sPG9PZdCE34mQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 09:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ca:5e:e8:a6:f8:30:59:18:50:23:15:80:ca:68:37:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Jul  2 09:01:46 2025 GMT
            Not After : Jul  3 09:01:46 2025 GMT
        Subject: CN=4948aaf16e35e5c75c3a88f88e95accba7509ba2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a6:52:6e:1e:ad:6d:26:64:6e:27:b1:12:60:
                    31:31:71:06:d1:70:30:77:20:4f:90:a6:d9:b9:26:
                    84:07:86:76:f9:93:77:c9:51:fd:49:fa:80:fd:8b:
                    15:19:1e:cd:1d:9d:b1:7c:c1:78:ff:8e:d0:61:dc:
                    29:4d:4d:1d:35:1e:17:f0:6b:81:55:fa:e4:22:47:
                    a2:ba:4b:8f:5f:c1:8c:fa:5c:53:fa:d1:e6:7f:d3:
                    63:ce:69:64:fa:89:a2:85:9d:d5:ee:a5:7d:5f:89:
                    e1:ea:b1:49:1d:2f:92:1a:40:77:5e:c6:46:64:1d:
                    32:73:d1:3b:80:cb:3c:c8:e5:17:38:10:ea:5d:60:
                    83:60:e6:3d:17:12:ac:2d:23:b2:de:fc:41:27:30:
                    fe:4f:d3:41:60:76:bf:47:33:6a:0a:1d:2d:27:8a:
                    63:a8:ee:e4:52:49:f3:97:94:1a:57:b8:c0:f2:d3:
                    bf:43:85:8e:4f:f8:9e:99:c8:ad:06:94:c1:dc:78:
                    10:3e:bb:ee:cf:fe:80:c7:ce:57:a9:cd:af:4b:4d:
                    6b:aa:33:e4:11:cc:9e:8e:0b:b3:53:ec:f4:17:1a:
                    bf:61:3d:e3:79:61:f5:12:91:43:d9:db:13:ca:d6:
                    c3:00:49:fa:3c:9b:d8:b5:9f:16:a8:c5:88:72:0c:
                    6b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:48:AA:F1:6E:35:E5:C7:5C:3A:88:F8:8E:95:AC:CB:A7:50:9B:A2
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:6d:d8:5a:a3:2d:5f:6e:44:61:ea:ae:27:b2:80:b9:07:41:
         be:c7:59:5b:1d:9b:8c:43:1f:fb:0f:05:58:91:f8:a8:57:79:
         52:3d:14:ff:76:7e:61:65:3b:40:35:09:8b:1a:67:6a:a3:52:
         1e:8c:96:e1:e4:f4:4a:1a:9f:d3:7a:26:ba:02:dc:04:80:ef:
         cb:94:0f:36:c1:a7:da:23:47:a6:79:60:22:be:d1:bd:e9:89:
         10:eb:f9:78:55:83:25:ca:62:2c:00:54:14:fa:77:19:20:d2:
         a4:26:67:6b:84:c5:42:3d:17:af:85:59:b6:9f:cf:56:4c:61:
         4f:56:08:a6:24:33:bb:60:60:1b:b2:14:f4:fa:10:ef:31:3d:
         6b:e7:ad:91:ff:9c:c0:48:eb:7b:34:09:17:ae:89:b7:80:27:
         46:e3:60:42:e0:ad:de:9a:05:04:a8:ac:bf:ec:ff:85:e7:c1:
         c1:90:ad:9d:e8:4a:7e:a5:e5:b7:10:d6:3d:e1:ef:30:cf:a8:
         f1:96:db:90:66:2d:46:91:2c:4c:47:28:8b:51:be:4b:3b:50:
         68:60:13:1d:02:3f:f1:f1:ce:13:bd:56:2c:76:ae:51:f1:1c:
         dd:fe:1d:24:a1:f9:2d:e4:ba:43:5e:a6:94:ca:07:0c:ff:fa:
         96:74:5d:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfKXuim+DBZGFAjFYDKaDfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjUwNzAyMDkwMTQ2WhcNMjUwNzAzMDkwMTQ2WjAzMTEwLwYDVQQD
Eyg0OTQ4YWFmMTZlMzVlNWM3NWMzYTg4Zjg4ZTk1YWNjYmE3NTA5YmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaZSbh6tbSZkbiexEmAxMXEG0XAw
dyBPkKbZuSaEB4Z2+ZN3yVH9SfqA/YsVGR7NHZ2xfMF4/47QYdwpTU0dNR4X8GuB
VfrkIkeiukuPX8GM+lxT+tHmf9Njzmlk+omihZ3V7qV9X4nh6rFJHS+SGkB3XsZG
ZB0yc9E7gMs8yOUXOBDqXWCDYOY9FxKsLSOy3vxBJzD+T9NBYHa/RzNqCh0tJ4pj
qO7kUknzl5QaV7jA8tO/Q4WOT/iemcitBpTB3HgQPrvuz/6Ax85Xqc2vS01rqjPk
EcyejguzU+z0Fxq/YT3jeWH1EpFD2dsTytbDAEn6PJvYtZ8WqMWIcgxrvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElIqvFuNeXHXDqI+I6VrMunUJuiMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgm3YWqMt
X25EYequJ7KAuQdBvsdZWx2bjEMf+w8FWJH4qFd5Uj0U/3Z+YWU7QDUJixpnaqNS
HoyW4eT0Shqf03omugLcBIDvy5QPNsGn2iNHpnlgIr7RvemJEOv5eFWDJcpiLABU
FPp3GSDSpCZna4TFQj0Xr4VZtp/PVkxhT1YIpiQzu2BgG7IU9PoQ7zE9a+etkf+c
wEjrezQJF66Jt4AnRuNgQuCt3poFBKisv+z/hefBwZCtnehKfqXltxDWPeHvMM+o
8ZbbkGYtRpEsTEcoi1G+SztQaGATHQI/8fHOE71WLHauUfEc3f4dJKH5LeS6Q16m
lMoHDP/6lnRdOw==
-----END CERTIFICATE-----