Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
File:                     icKIUyrvyGlxuY1bTR2YGW2ey4U.mft (raw, json)
Hash identifier:          Dy0yL1do6B5/Zqpo5Un5zE9JZYrIYrf46i/UWa55l1M=
Subject key identifier:   97:52:55:63:41:E6:CC:E4:43:75:1B:71:9B:6E:25:EA:DB:C4:D5:F9
Authority key identifier: 89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85
Certificate issuer:       /CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
Certificate serial:       01974A7B1768D44DD5543661963E9D04BF08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
Manifest number:          06ED
Signing time:             Sat 07 Jun 2025 13:01:10 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:10 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:10 +0000
Files and hashes:         1: icKIUyrvyGlxuY1bTR2YGW2ey4U.crl (hash: dXN1pTp3YEQG16MhnRz+RUsqV/A3J8brQDZ3PH2HZOA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 13:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:17:68:d4:4d:d5:54:36:61:96:3e:9d:04:bf:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
        Validity
            Not Before: Jun  7 13:01:10 2025 GMT
            Not After : Jun  8 13:01:10 2025 GMT
        Subject: CN=9752556341e6cce443751b719b6e25eadbc4d5f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1b:63:14:f3:6f:15:0c:aa:91:ab:7b:e7:9f:
                    83:28:04:6e:72:9d:3a:cd:09:b0:e8:ba:eb:09:d6:
                    ee:53:52:be:af:a4:9c:93:b9:98:09:be:2d:69:e4:
                    aa:39:43:8e:54:dc:91:8c:11:40:97:7b:0c:13:e1:
                    d5:c8:cc:8d:20:13:b4:70:04:3e:b1:d9:19:ae:7c:
                    44:ba:1b:ae:f6:4d:0a:6d:ff:82:b3:96:9e:30:7e:
                    77:db:bb:ed:ae:0e:6b:de:52:f5:b3:2e:62:ac:9e:
                    5c:ba:7d:9f:88:3c:29:f5:78:ac:b8:21:40:b3:6f:
                    eb:a5:01:99:2e:f9:81:02:17:45:31:d2:19:ea:75:
                    b6:09:9f:05:6f:4e:c6:60:5d:97:35:66:31:47:5a:
                    13:43:a8:33:13:24:29:0f:73:1b:c1:e9:8f:97:59:
                    03:17:67:57:71:bb:08:a2:be:44:51:6f:a3:32:71:
                    af:1c:da:50:62:2d:6d:57:57:4f:aa:33:a7:e1:d5:
                    0c:83:1e:70:4e:18:37:8c:63:54:94:38:af:7a:b0:
                    d4:16:52:08:26:96:1e:9c:8c:2f:a5:ec:12:e1:fc:
                    0c:a4:e8:5b:e4:bb:8c:e7:70:bb:ac:d5:22:6a:5a:
                    6d:04:cf:c1:3e:10:9a:5e:61:75:8c:8e:73:7b:f9:
                    ff:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:52:55:63:41:E6:CC:E4:43:75:1B:71:9B:6E:25:EA:DB:C4:D5:F9
            X509v3 Authority Key Identifier:
                keyid:89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:85:8e:55:73:18:fc:a5:16:a3:aa:3b:34:73:78:b0:92:46:
         c0:89:46:ed:52:22:7e:86:59:7f:a9:90:98:c2:94:91:ce:37:
         b3:c5:8b:bf:68:6c:8b:c0:25:2b:5b:f4:49:aa:47:f7:a0:d0:
         45:6e:b8:52:05:65:c1:4c:f5:5e:26:b5:46:86:ba:24:82:2e:
         b9:89:53:e1:32:4c:25:94:ab:17:54:28:57:9c:e1:ab:7d:c6:
         3d:75:a6:9c:c2:fe:33:de:59:db:75:78:4e:11:a6:4c:af:7f:
         89:32:c5:31:b3:00:f7:94:2c:8d:a5:f3:6e:dc:91:2a:ee:bb:
         c2:21:30:52:1b:c0:f5:59:0c:8e:90:2a:d8:df:1f:c9:65:14:
         ac:c7:8a:54:46:23:3f:77:6a:6d:bb:d1:c7:bb:d2:5f:db:64:
         02:5b:ab:41:f0:51:e6:67:81:7a:4c:42:9a:96:32:96:ed:af:
         36:e5:9b:cf:60:70:8a:01:b8:20:ee:35:18:c4:2a:72:00:be:
         67:f3:de:92:58:16:65:f1:d2:8a:b3:c9:e4:e8:26:5a:e2:a6:
         8c:61:be:20:fa:7d:70:aa:19:c1:46:b2:ff:38:b9:ef:96:b3:
         57:03:c7:db:84:72:e7:32:17:7b:e6:90:b4:41:ae:fd:39:b6:
         a3:25:1b:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKexdo1E3VVDZhlj6dBL8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YzI4ODUzMmFlZmM4Njk3MWI5OGQ1YjRkMWQ5ODE5NmQ5
ZWNiODUwHhcNMjUwNjA3MTMwMTEwWhcNMjUwNjA4MTMwMTEwWjAzMTEwLwYDVQQD
Eyg5NzUyNTU2MzQxZTZjY2U0NDM3NTFiNzE5YjZlMjVlYWRiYzRkNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBtjFPNvFQyqkat755+DKARucp06
zQmw6LrrCdbuU1K+r6Sck7mYCb4taeSqOUOOVNyRjBFAl3sME+HVyMyNIBO0cAQ+
sdkZrnxEuhuu9k0Kbf+Cs5aeMH5327vtrg5r3lL1sy5irJ5cun2fiDwp9XisuCFA
s2/rpQGZLvmBAhdFMdIZ6nW2CZ8Fb07GYF2XNWYxR1oTQ6gzEyQpD3MbwemPl1kD
F2dXcbsIor5EUW+jMnGvHNpQYi1tV1dPqjOn4dUMgx5wThg3jGNUlDiverDUFlII
JpYenIwvpewS4fwMpOhb5LuM53C7rNUialptBM/BPhCaXmF1jI5ze/n/twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdSVWNB5szkQ3UbcZtuJerbxNX5MB8GA1UdIwQY
MBaAFInCiFMq78hpcbmNW00dmBltnsuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTkt
MGY4NjdkOWZmNThlLzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTktMGY4NjdkOWZmNThl
LzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEYWOVXMY
/KUWo6o7NHN4sJJGwIlG7VIifoZZf6mQmMKUkc43s8WLv2hsi8AlK1v0SapH96DQ
RW64UgVlwUz1Xia1Roa6JIIuuYlT4TJMJZSrF1QoV5zhq33GPXWmnML+M95Z23V4
ThGmTK9/iTLFMbMA95QsjaXzbtyRKu67wiEwUhvA9VkMjpAq2N8fyWUUrMeKVEYj
P3dqbbvRx7vSX9tkAlurQfBR5meBekxCmpYylu2vNuWbz2BwigG4IO41GMQqcgC+
Z/PeklgWZfHSirPJ5OgmWuKmjGG+IPp9cKoZwUay/zi575azVwPH24Ry5zIXe+aQ
tEGu/Tm2oyUbDQ==
-----END CERTIFICATE-----