Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
File:                     IIP4tbYgnefJQAjzM3vjQ2866-Y.mft (raw, json)
Hash identifier:          tY1cKKmSs3zYiXKZZseBVGFcE4rax3Wq/LMGZt4++tk=
Subject key identifier:   41:8D:EE:96:36:03:50:B7:32:02:FF:35:AE:B6:11:C3:AA:94:3D:98
Authority key identifier: 20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6
Certificate issuer:       /CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
Certificate serial:       01974D7BD5B8668AD47CCB26864940FE158B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
Manifest number:          05D3
Signing time:             Sun 08 Jun 2025 03:00:50 +0000
Manifest this update:     Sun 08 Jun 2025 03:00:50 +0000
Manifest next update:     Mon 09 Jun 2025 03:00:50 +0000
Files and hashes:         1: IIP4tbYgnefJQAjzM3vjQ2866-Y.crl (hash: iWjnHACMuelB+OzZTfrvzY/7m2hwGBW3e/xbDmlz9jI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:7b:d5:b8:66:8a:d4:7c:cb:26:86:49:40:fe:15:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
        Validity
            Not Before: Jun  8 03:00:50 2025 GMT
            Not After : Jun  9 03:00:50 2025 GMT
        Subject: CN=418dee96360350b73202ff35aeb611c3aa943d98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:47:da:2d:06:b1:64:b1:4e:01:8e:9c:cd:eb:
                    cf:57:66:09:1f:49:b1:e0:59:2e:a1:47:50:73:e7:
                    8b:e8:c5:be:0d:48:a3:8d:ba:b1:69:60:12:f0:4e:
                    49:1a:31:cd:f4:a1:4b:07:c3:ca:b6:10:9d:d1:ec:
                    ae:8d:f2:65:b6:57:c4:70:e4:d1:61:10:09:d6:c5:
                    e3:73:d7:13:00:37:91:33:0c:a3:52:81:44:a8:4f:
                    20:30:9f:d6:5a:3c:8b:ad:30:03:cc:40:52:2e:3b:
                    82:b3:31:aa:0e:16:4f:16:c6:c0:3b:c5:96:a8:04:
                    bb:7d:27:a8:44:9f:9f:68:e4:84:13:45:42:f5:b6:
                    23:8b:01:ea:49:3e:bb:68:4d:3b:a0:9e:19:dc:81:
                    34:ee:ed:02:0e:75:42:2c:49:cd:8d:2d:61:3d:bc:
                    18:74:38:55:01:07:ca:3a:47:f2:92:60:bf:69:7c:
                    c6:cb:4f:8a:0f:98:73:5f:1f:54:9d:bf:2d:01:d0:
                    06:2b:6a:4d:23:db:79:78:35:71:96:2d:81:eb:4f:
                    d8:fb:18:f4:d7:30:a2:c6:5d:89:39:c3:15:d8:a8:
                    f7:14:c8:85:2c:d1:bd:f6:68:ef:da:88:35:f2:ca:
                    2a:b8:9a:51:65:e3:d5:fc:ff:4a:99:26:82:31:df:
                    8c:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:8D:EE:96:36:03:50:B7:32:02:FF:35:AE:B6:11:C3:AA:94:3D:98
            X509v3 Authority Key Identifier:
                keyid:20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:fd:33:66:c7:ce:37:6d:ce:84:e1:3e:df:bc:23:1d:72:ac:
         27:15:e2:d4:87:95:46:8d:3b:e0:9a:5b:56:10:54:4b:62:59:
         37:38:a7:80:af:da:13:69:7d:f3:aa:de:3a:fb:a8:1b:4e:39:
         62:ed:21:d2:ac:98:b4:4d:62:d4:e1:5e:ee:ba:f4:ae:66:e7:
         b8:c8:31:52:48:2e:5d:f9:39:0e:2a:ff:e7:59:3d:26:47:9c:
         a6:a6:06:2a:9d:4d:4d:11:46:74:f9:fc:ba:bc:1e:d9:73:80:
         08:93:d4:a9:a6:fa:43:76:f5:af:f6:1b:20:b7:01:72:60:c7:
         01:5b:88:6e:2f:bf:b3:1c:87:0f:9c:c7:92:18:31:ff:58:8a:
         16:cc:a4:2f:76:d5:13:72:5c:2d:75:8c:fa:32:97:ec:1c:46:
         06:d3:67:c7:09:55:b1:a2:63:2f:1f:84:fd:37:d3:af:7c:9c:
         cc:0a:37:3e:23:37:d3:ee:f1:b4:59:c2:9a:9c:dc:3c:ca:d4:
         7e:97:91:66:b0:87:d2:bf:15:da:ec:ad:b7:15:f2:fe:ec:18:
         6d:86:6e:1b:7d:b6:63:c8:77:75:fa:70:26:dc:39:a2:ef:a5:
         b1:d7:a3:c7:84:8d:bb:d8:c7:55:7a:7b:14:80:b2:2a:63:2e:
         19:71:57:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNe9W4ZorUfMsmhklA/hWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwODNmOGI1YjYyMDlkZTdjOTQwMDhmMzMzN2JlMzQzNmYz
YWViZTYwHhcNMjUwNjA4MDMwMDUwWhcNMjUwNjA5MDMwMDUwWjAzMTEwLwYDVQQD
Eyg0MThkZWU5NjM2MDM1MGI3MzIwMmZmMzVhZWI2MTFjM2FhOTQzZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEfaLQaxZLFOAY6czevPV2YJH0mx
4FkuoUdQc+eL6MW+DUijjbqxaWAS8E5JGjHN9KFLB8PKthCd0eyujfJltlfEcOTR
YRAJ1sXjc9cTADeRMwyjUoFEqE8gMJ/WWjyLrTADzEBSLjuCszGqDhZPFsbAO8WW
qAS7fSeoRJ+faOSEE0VC9bYjiwHqST67aE07oJ4Z3IE07u0CDnVCLEnNjS1hPbwY
dDhVAQfKOkfykmC/aXzGy0+KD5hzXx9Unb8tAdAGK2pNI9t5eDVxli2B60/Y+xj0
1zCixl2JOcMV2Kj3FMiFLNG99mjv2og18soquJpRZePV/P9KmSaCMd+MkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGN7pY2A1C3MgL/Na62EcOqlD2YMB8GA1UdIwQY
MBaAFCCD+LW2IJ3nyUAI8zN740NvOuvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAt
YWNiZWYwMThkMDNhLzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAtYWNiZWYwMThkMDNh
LzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG/0zZsfO
N23OhOE+37wjHXKsJxXi1IeVRo074JpbVhBUS2JZNzingK/aE2l986reOvuoG045
Yu0h0qyYtE1i1OFe7rr0rmbnuMgxUkguXfk5Dir/51k9JkecpqYGKp1NTRFGdPn8
urwe2XOACJPUqab6Q3b1r/YbILcBcmDHAVuIbi+/sxyHD5zHkhgx/1iKFsykL3bV
E3JcLXWM+jKX7BxGBtNnxwlVsaJjLx+E/TfTr3yczAo3PiM30+7xtFnCmpzcPMrU
fpeRZrCH0r8V2uyttxXy/uwYbYZuG322Y8h3dfpwJtw5ou+lsdejx4SNu9jHVXp7
FICyKmMuGXFXKw==
-----END CERTIFICATE-----