Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
File:                     iqrwV67ry_cGh34qqnSjljgL4hU.mft (raw, json)
Hash identifier:          3XrtoOSrwFFupNu0g2PkldOYlve4Tqk1PIpQwqMwmAg=
Subject key identifier:   63:14:92:C9:EC:8D:4E:D5:BB:B8:20:29:57:67:D3:AD:C4:6E:35:CE
Authority key identifier: 8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15
Certificate issuer:       /CN=8aaaf057aeebcbf706877e2aaa74a396380be215
Certificate serial:       01976629459988359B6348E2A85D224D5037
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
Manifest number:          031D
Signing time:             Thu 12 Jun 2025 22:01:10 +0000
Manifest this update:     Thu 12 Jun 2025 22:01:10 +0000
Manifest next update:     Fri 13 Jun 2025 22:01:10 +0000
Files and hashes:         1: iqrwV67ry_cGh34qqnSjljgL4hU.crl (hash: kb+Uik2Xl4i4JT4j7rQ5RyMrHG0dWmsXIIU4jlG3COw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:29:45:99:88:35:9b:63:48:e2:a8:5d:22:4d:50:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aaaf057aeebcbf706877e2aaa74a396380be215
        Validity
            Not Before: Jun 12 22:01:10 2025 GMT
            Not After : Jun 13 22:01:10 2025 GMT
        Subject: CN=631492c9ec8d4ed5bbb820295767d3adc46e35ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:cf:74:15:82:b6:63:1a:2e:b4:90:02:b5:54:
                    43:40:cc:59:51:be:b3:a9:be:84:81:07:88:02:c2:
                    9d:33:4b:28:75:aa:95:ed:15:c1:21:9f:84:8c:6a:
                    c2:df:d7:e4:4e:67:07:bd:8a:0b:a3:27:56:df:f2:
                    06:63:5c:54:a6:8d:2b:64:8b:5d:e7:bd:1c:f6:a9:
                    e4:72:5b:93:ed:90:0c:db:9e:1c:61:23:17:42:cd:
                    a2:97:10:d8:7d:9a:63:22:64:4e:b3:a6:49:77:9c:
                    d2:7c:8a:a5:7d:3d:93:41:3e:52:19:e4:ea:07:57:
                    70:4c:e6:7e:fd:0c:6f:73:46:14:8a:50:30:6c:e1:
                    8a:9a:d7:8c:e4:a1:d8:bd:09:d6:10:9c:e0:39:2a:
                    cb:1a:0f:11:e1:0f:ba:f5:d4:65:38:47:f6:87:73:
                    ca:ba:2a:3f:bd:a7:2e:73:3a:6d:c0:f3:b7:0a:b3:
                    c0:6e:0c:ab:17:6a:95:61:ae:ad:05:73:73:40:e2:
                    15:b0:3f:53:30:04:9b:4f:6d:f3:74:53:9b:34:6f:
                    7f:3e:fd:0b:33:5e:59:aa:b0:7c:17:2c:95:d9:6c:
                    59:0c:27:75:7a:9c:bd:7d:a7:8b:d1:77:e4:68:44:
                    64:b2:f5:57:00:19:97:fb:b0:26:3a:22:0a:b2:e7:
                    9d:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:14:92:C9:EC:8D:4E:D5:BB:B8:20:29:57:67:D3:AD:C4:6E:35:CE
            X509v3 Authority Key Identifier:
                keyid:8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:66:5e:38:12:22:f2:87:70:81:63:bf:e8:de:7d:7e:07:b9:
         11:73:ac:26:80:69:39:b6:eb:b5:16:66:f6:58:91:4b:ef:3a:
         da:e9:50:db:1b:f3:91:93:cf:54:c4:0d:57:f5:ac:99:14:63:
         b4:e1:dc:f4:20:ec:bb:1e:36:db:a9:16:05:53:5d:1e:17:ae:
         a4:29:b3:90:81:6e:9e:61:2e:fa:8e:87:88:cd:2c:75:d0:5e:
         ab:ee:10:63:b8:fa:ae:73:d3:8e:9c:64:46:03:b1:12:00:ef:
         b0:33:be:05:30:30:f6:3a:e8:cd:19:c1:e7:bd:0f:dc:4e:b9:
         6c:ec:58:33:19:71:65:d8:c1:69:df:9b:58:a4:38:a4:a4:d3:
         7c:bc:e1:87:91:27:36:d6:dd:c8:0a:33:8f:cf:3e:1c:b4:7a:
         2b:6b:99:7c:7d:de:d6:35:eb:41:5a:3b:8a:95:91:28:9d:fc:
         85:2b:7a:e6:b8:d8:d1:26:10:3b:e4:f8:38:ca:c7:4e:b8:49:
         28:cd:28:e8:d5:bc:a0:5d:74:40:17:71:e1:e9:54:57:58:15:
         d1:15:c2:b3:c9:1d:90:1d:5e:82:a8:73:66:d9:56:9f:93:40:
         42:ee:ee:34:a8:7a:ef:7e:df:ec:fe:88:e2:a4:fb:a9:5d:ea:
         dd:90:01:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmKUWZiDWbY0jiqF0iTVA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWFmMDU3YWVlYmNiZjcwNjg3N2UyYWFhNzRhMzk2Mzgw
YmUyMTUwHhcNMjUwNjEyMjIwMTEwWhcNMjUwNjEzMjIwMTEwWjAzMTEwLwYDVQQD
Eyg2MzE0OTJjOWVjOGQ0ZWQ1YmJiODIwMjk1NzY3ZDNhZGM0NmUzNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvs90FYK2YxoutJACtVRDQMxZUb6z
qb6EgQeIAsKdM0sodaqV7RXBIZ+EjGrC39fkTmcHvYoLoydW3/IGY1xUpo0rZItd
570c9qnkcluT7ZAM254cYSMXQs2ilxDYfZpjImROs6ZJd5zSfIqlfT2TQT5SGeTq
B1dwTOZ+/Qxvc0YUilAwbOGKmteM5KHYvQnWEJzgOSrLGg8R4Q+69dRlOEf2h3PK
uio/vacuczptwPO3CrPAbgyrF2qVYa6tBXNzQOIVsD9TMASbT23zdFObNG9/Pv0L
M15ZqrB8FyyV2WxZDCd1epy9faeL0XfkaERksvVXABmX+7AmOiIKsuedDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMUksnsjU7Vu7ggKVdn063EbjXOMB8GA1UdIwQY
MBaAFIqq8Feu68v3Bod+Kqp0o5Y4C+IVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEt
NTMwOTBiM2JhYTgxLzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEtNTMwOTBiM2JhYTgx
LzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcGZeOBIi
8odwgWO/6N59fge5EXOsJoBpObbrtRZm9liRS+862ulQ2xvzkZPPVMQNV/WsmRRj
tOHc9CDsux4226kWBVNdHheupCmzkIFunmEu+o6HiM0sddBeq+4QY7j6rnPTjpxk
RgOxEgDvsDO+BTAw9jrozRnB570P3E65bOxYMxlxZdjBad+bWKQ4pKTTfLzhh5En
NtbdyAozj88+HLR6K2uZfH3e1jXrQVo7ipWRKJ38hSt65rjY0SYQO+T4OMrHTrhJ
KM0o6NW8oF10QBdx4elUV1gV0RXCs8kdkB1egqhzZtlWn5NAQu7uNKh6737f7P6I
4qT7qV3q3ZABPg==
-----END CERTIFICATE-----