Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
File:                     IgTxXPMNc4SLB038rCYTgAYVatQ.mft (raw, json)
Hash identifier:          TyAl2WJVi2567s76mTAqntQqFbWbdojgkT1h24xitmU=
Subject key identifier:   07:0D:2A:B8:A0:36:E4:D1:84:69:B8:FE:64:6E:D8:5E:16:81:C6:E9
Authority key identifier: 22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4
Certificate issuer:       /CN=2204f15cf30d73848b074dfcac26138006156ad4
Certificate serial:       019A71B8BB928563A332361526E305BB2049
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
Manifest number:          0E2C
Signing time:             Tue 11 Nov 2025 07:02:03 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:03 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:03 +0000
Files and hashes:         1: IgTxXPMNc4SLB038rCYTgAYVatQ.crl (hash: OciUPIw6IFFzboSQwGi2MT2noA/0FBsGbi/dZS44VUw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:bb:92:85:63:a3:32:36:15:26:e3:05:bb:20:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2204f15cf30d73848b074dfcac26138006156ad4
        Validity
            Not Before: Nov 11 07:02:03 2025 GMT
            Not After : Nov 12 07:02:03 2025 GMT
        Subject: CN=070d2ab8a036e4d18469b8fe646ed85e1681c6e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:04:ea:b2:26:81:cb:d1:fc:a9:56:eb:21:a9:
                    29:2d:51:ba:73:3c:6e:4d:d6:2a:2c:27:61:15:21:
                    46:cf:83:5c:8f:ce:0d:27:21:1b:82:f7:d4:5c:bb:
                    c4:e4:b9:3f:e2:1d:1e:c6:cc:76:22:5c:3e:e4:27:
                    e6:f5:c6:83:57:ba:3a:2e:e2:ea:5e:e2:3d:6a:a1:
                    4c:d1:8b:cc:83:52:44:76:f6:e8:0a:54:00:47:21:
                    e3:7b:c5:18:1a:01:5a:5d:1e:6c:1d:4f:3c:81:55:
                    3e:c1:86:3f:51:57:06:dd:b2:d7:4d:4d:e5:24:8e:
                    00:09:b9:ac:6f:5d:8d:bc:7f:e3:1c:19:82:af:f6:
                    82:46:c8:0a:d5:50:5f:e3:8d:53:5d:9f:25:ca:90:
                    9c:c8:d4:53:d6:17:cc:4f:cd:10:67:a4:79:5f:24:
                    df:e1:60:03:5c:f3:f0:58:e2:ed:77:63:3a:8d:9d:
                    cd:87:b2:99:ae:c6:5f:62:c7:13:9f:38:cc:f2:c4:
                    ed:08:5f:a1:0c:4d:f6:0b:90:08:23:89:b7:d6:3f:
                    b4:08:77:fc:7f:25:1c:9e:d8:8f:59:3c:09:b6:c4:
                    d0:ae:5a:e5:0c:42:97:f6:b3:83:91:7e:c9:a2:7f:
                    f4:7a:55:2a:b2:5b:41:53:39:b9:b0:c7:97:5d:7c:
                    4a:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:0D:2A:B8:A0:36:E4:D1:84:69:B8:FE:64:6E:D8:5E:16:81:C6:E9
            X509v3 Authority Key Identifier:
                keyid:22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:34:e4:f4:be:01:a1:af:09:ed:f1:9d:ff:0f:18:a1:35:e7:
         f4:6e:b1:ee:7e:52:82:e3:06:29:cf:b0:f7:db:e7:ea:d3:b9:
         cd:ef:44:ef:18:a2:de:82:da:c1:b1:6a:39:82:ae:1c:1d:20:
         f9:cb:e8:83:5f:f4:25:15:4c:f1:b7:fa:8e:aa:46:ba:c1:b0:
         74:7c:36:37:06:74:eb:3e:4e:e8:9b:eb:dd:40:29:1e:e6:46:
         94:71:33:8e:e7:7b:a4:27:4c:47:b2:a1:f3:a3:80:fb:0a:b1:
         85:57:ef:d3:a7:5f:95:7d:70:e2:c8:c2:0d:b1:6a:22:ca:20:
         7d:15:db:4e:bb:f7:1e:0d:79:af:cf:66:bb:c9:7b:75:3e:3a:
         57:b9:64:70:3e:30:74:1f:61:d0:47:fd:11:7c:dc:8c:1b:e7:
         a8:3c:1f:00:f3:be:52:50:9e:0a:58:5a:57:f5:c1:ab:1a:29:
         84:76:c1:9e:5d:13:ec:d7:e7:23:f5:2c:34:86:92:57:be:17:
         b2:e1:40:ba:2b:40:7e:33:8b:f5:94:15:ad:a3:9e:fa:07:05:
         f7:56:22:0d:47:c0:cb:f6:0f:c6:35:c7:c9:13:91:c5:63:91:
         26:a6:14:87:ae:46:c5:30:de:83:ef:59:d5:c9:32:9b:4d:e9:
         6c:ad:01:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuLuShWOjMjYVJuMFuyBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDRmMTVjZjMwZDczODQ4YjA3NGRmY2FjMjYxMzgwMDYx
NTZhZDQwHhcNMjUxMTExMDcwMjAzWhcNMjUxMTEyMDcwMjAzWjAzMTEwLwYDVQQD
EygwNzBkMmFiOGEwMzZlNGQxODQ2OWI4ZmU2NDZlZDg1ZTE2ODFjNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqATqsiaBy9H8qVbrIakpLVG6czxu
TdYqLCdhFSFGz4Ncj84NJyEbgvfUXLvE5Lk/4h0exsx2Ilw+5Cfm9caDV7o6LuLq
XuI9aqFM0YvMg1JEdvboClQARyHje8UYGgFaXR5sHU88gVU+wYY/UVcG3bLXTU3l
JI4ACbmsb12NvH/jHBmCr/aCRsgK1VBf441TXZ8lypCcyNRT1hfMT80QZ6R5XyTf
4WADXPPwWOLtd2M6jZ3Nh7KZrsZfYscTnzjM8sTtCF+hDE32C5AII4m31j+0CHf8
fyUcntiPWTwJtsTQrlrlDEKX9rODkX7Jon/0elUqsltBUzm5sMeXXXxKDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAcNKrigNuTRhGm4/mRu2F4WgcbpMB8GA1UdIwQY
MBaAFCIE8VzzDXOEiwdN/KwmE4AGFWrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMt
YzFiMTAyMzlkZDU4LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMtYzFiMTAyMzlkZDU4
LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsjTk9L4B
oa8J7fGd/w8YoTXn9G6x7n5SguMGKc+w99vn6tO5ze9E7xii3oLawbFqOYKuHB0g
+cvog1/0JRVM8bf6jqpGusGwdHw2NwZ06z5O6Jvr3UApHuZGlHEzjud7pCdMR7Kh
86OA+wqxhVfv06dflX1w4sjCDbFqIsogfRXbTrv3Hg15r89mu8l7dT46V7lkcD4w
dB9h0Ef9EXzcjBvnqDwfAPO+UlCeClhaV/XBqxophHbBnl0T7NfnI/UsNIaSV74X
suFAuitAfjOL9ZQVraOe+gcF91YiDUfAy/YPxjXHyRORxWORJqYUh65GxTDeg+9Z
1ckym03pbK0BgA==
-----END CERTIFICATE-----