Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
File:                     iPdXItsls3I97Npdhw32m_DYZa4.mft (raw, json)
Hash identifier:          rUHkuIWWuWkexwYkBRJyyNbF3fLCevpG+AKAGcObmsY=
Subject key identifier:   30:28:9B:79:8D:1A:39:6B:08:27:DE:96:9C:A5:5E:9C:C1:08:76:40
Authority key identifier: 88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE
Certificate issuer:       /CN=88f75722db25b3723decda5d870df69bf0d865ae
Certificate serial:       0199239F84524D79207A39E3323C13313B03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
Manifest number:          106A
Signing time:             Sun 07 Sep 2025 10:01:20 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:20 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:20 +0000
Files and hashes:         1: iPdXItsls3I97Npdhw32m_DYZa4.crl (hash: pLLiMX4InsT/pOSx1tDxQx5yVtCoaGXqDxDOjHFP1Tg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:84:52:4d:79:20:7a:39:e3:32:3c:13:31:3b:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88f75722db25b3723decda5d870df69bf0d865ae
        Validity
            Not Before: Sep  7 10:01:20 2025 GMT
            Not After : Sep  8 10:01:20 2025 GMT
        Subject: CN=30289b798d1a396b0827de969ca55e9cc1087640
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:0c:a2:ac:d2:20:cb:55:f3:d3:25:e3:b8:cb:
                    82:a3:e9:e3:15:31:29:b6:f2:4d:34:77:9f:09:45:
                    63:fd:5d:9b:3c:7a:dd:ac:ac:46:27:b6:18:f6:08:
                    70:61:85:f5:c1:42:a6:aa:96:b0:54:b9:ed:df:da:
                    f5:95:35:99:48:bb:eb:52:38:5b:83:55:b6:29:10:
                    66:4d:23:25:2b:fe:7e:fb:68:dd:fd:bd:70:14:1e:
                    9a:0f:90:bc:69:ef:17:23:c7:5f:33:28:b5:77:df:
                    f8:12:0f:5b:81:ca:c9:c3:ce:b5:d5:1c:53:c8:58:
                    9e:e3:f1:8a:3b:11:96:bc:38:3b:a3:e2:54:a7:04:
                    cd:98:44:fd:ea:ed:76:5c:b4:86:f5:8f:07:5f:06:
                    5f:cf:9b:64:62:6b:a9:eb:4c:ae:8e:c8:40:48:52:
                    af:78:9f:3f:2f:c9:44:c2:22:b2:ed:b7:b0:88:35:
                    39:3a:c5:d6:f8:c2:5a:7e:2c:ad:51:99:31:57:8d:
                    d4:31:9e:e9:68:e5:f0:7a:35:51:d0:84:ed:99:12:
                    0f:d4:dd:85:68:3a:c1:36:a1:25:60:b8:67:eb:92:
                    d3:09:94:93:ef:27:ed:04:46:d3:12:80:25:25:ba:
                    db:6b:d2:57:22:a4:07:b7:b0:78:4f:c3:85:53:50:
                    35:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:28:9B:79:8D:1A:39:6B:08:27:DE:96:9C:A5:5E:9C:C1:08:76:40
            X509v3 Authority Key Identifier:
                keyid:88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:a7:8b:a7:be:ab:8b:8f:5c:49:e0:e6:dc:fe:63:b1:34:1f:
         08:c3:61:10:b5:b1:c9:ec:ad:9a:7d:52:ae:fd:df:3b:e9:20:
         e7:60:42:ae:42:db:9f:7c:5d:a8:1c:b5:84:7f:b5:a1:f7:45:
         cc:5d:04:1a:df:d7:40:ca:43:e1:c8:cf:6b:37:21:1e:fe:37:
         31:3a:e0:ed:c9:53:da:8b:95:c3:cd:cd:a8:f7:89:80:6a:0e:
         8b:31:81:16:ea:26:61:1e:c5:96:ee:1c:36:39:bc:f5:66:09:
         6b:b7:ac:ea:aa:4a:c9:f3:62:75:9c:13:56:9a:c7:a2:ca:82:
         f8:08:92:74:61:88:a2:28:cb:17:27:55:fc:43:53:a0:e6:1c:
         b9:9a:ff:30:8e:e1:86:9e:ca:9a:54:16:d1:4b:31:bf:21:cb:
         5e:52:c3:f9:5f:57:c2:cc:ca:1f:91:ec:d4:6c:a0:c5:60:0d:
         4f:6b:4b:52:64:f4:e9:ed:62:9f:d1:21:09:e1:75:72:c6:cd:
         74:3f:89:56:60:9a:7d:7b:71:e7:fd:11:23:77:69:0f:c0:70:
         b8:05:16:c4:bc:5c:be:f2:90:1e:83:f1:17:43:ca:d0:48:a6:
         b8:6e:3d:df:fc:f4:b5:7f:ad:0c:47:25:bc:50:b6:db:54:54:
         ff:50:4e:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn4RSTXkgejnjMjwTMTsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Zjc1NzIyZGIyNWIzNzIzZGVjZGE1ZDg3MGRmNjliZjBk
ODY1YWUwHhcNMjUwOTA3MTAwMTIwWhcNMjUwOTA4MTAwMTIwWjAzMTEwLwYDVQQD
EygzMDI4OWI3OThkMWEzOTZiMDgyN2RlOTY5Y2E1NWU5Y2MxMDg3NjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+wyirNIgy1Xz0yXjuMuCo+njFTEp
tvJNNHefCUVj/V2bPHrdrKxGJ7YY9ghwYYX1wUKmqpawVLnt39r1lTWZSLvrUjhb
g1W2KRBmTSMlK/5++2jd/b1wFB6aD5C8ae8XI8dfMyi1d9/4Eg9bgcrJw8611RxT
yFie4/GKOxGWvDg7o+JUpwTNmET96u12XLSG9Y8HXwZfz5tkYmup60yujshASFKv
eJ8/L8lEwiKy7bewiDU5OsXW+MJafiytUZkxV43UMZ7paOXwejVR0ITtmRIP1N2F
aDrBNqElYLhn65LTCZST7yftBEbTEoAlJbrba9JXIqQHt7B4T8OFU1A1mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDAom3mNGjlrCCfelpylXpzBCHZAMB8GA1UdIwQY
MBaAFIj3VyLbJbNyPezaXYcN9pvw2GWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2Mjkt
MmQxNDBlNGM1YTNmLzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2MjktMmQxNDBlNGM1YTNm
LzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuaeLp76r
i49cSeDm3P5jsTQfCMNhELWxyeytmn1Srv3fO+kg52BCrkLbn3xdqBy1hH+1ofdF
zF0EGt/XQMpD4cjPazchHv43MTrg7clT2ouVw83NqPeJgGoOizGBFuomYR7Flu4c
Njm89WYJa7es6qpKyfNidZwTVprHosqC+AiSdGGIoijLFydV/ENToOYcuZr/MI7h
hp7KmlQW0UsxvyHLXlLD+V9XwszKH5Hs1GygxWANT2tLUmT06e1in9EhCeF1csbN
dD+JVmCafXtx5/0RI3dpD8BwuAUWxLxcvvKQHoPxF0PK0EimuG493/z0tX+tDEcl
vFC221RU/1BOBA==
-----END CERTIFICATE-----