Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
File:                     IgTxXPMNc4SLB038rCYTgAYVatQ.mft (raw, json)
Hash identifier:          Bn8+ULVK33gp8WqLuPbWGU+mfNnSNNXgeJWt50wEv8U=
Subject key identifier:   89:AC:0C:43:24:11:CE:CE:C1:FE:CC:33:29:B2:37:76:58:BC:5C:58
Authority key identifier: 22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4
Certificate issuer:       /CN=2204f15cf30d73848b074dfcac26138006156ad4
Certificate serial:       01965726E2A40F508FFAB3024B498442DBCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
Manifest number:          0C0C
Signing time:             Mon 21 Apr 2025 07:01:28 +0000
Manifest this update:     Mon 21 Apr 2025 07:01:28 +0000
Manifest next update:     Tue 22 Apr 2025 07:01:28 +0000
Files and hashes:         1: IgTxXPMNc4SLB038rCYTgAYVatQ.crl (hash: K5jMRRiQQi4dR1e2DyvVwY8TZpooZG6ynZNEgx6lYC0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 07:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:26:e2:a4:0f:50:8f:fa:b3:02:4b:49:84:42:db:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2204f15cf30d73848b074dfcac26138006156ad4
        Validity
            Not Before: Apr 21 07:01:28 2025 GMT
            Not After : Apr 22 07:01:28 2025 GMT
        Subject: CN=89ac0c432411cecec1fecc3329b2377658bc5c58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:97:56:5b:41:63:69:8b:eb:4b:81:c2:38:41:
                    b3:43:23:64:88:07:ac:95:35:2b:37:51:fd:39:f9:
                    e8:ef:9d:5e:eb:9e:2d:ea:7d:8b:36:13:85:12:49:
                    0a:36:77:8b:c8:75:5f:9d:7c:48:34:46:ad:72:db:
                    12:89:a4:99:3d:85:99:1b:1b:3c:b8:a7:5f:6d:4e:
                    e7:a3:1e:3d:fb:26:8c:a2:67:9d:b8:0f:3c:6d:e9:
                    e7:a6:17:de:e1:ff:6d:e2:3e:20:20:f1:1c:71:96:
                    6b:86:16:3a:87:db:28:83:a8:74:6a:fd:a5:09:4d:
                    04:46:9e:28:e7:f2:92:55:c8:31:cf:1f:9f:70:0a:
                    da:f4:c4:98:04:b6:e3:d4:c7:ec:52:bb:5e:21:31:
                    fe:cd:d7:ae:54:bf:54:4b:bc:c5:70:1e:37:f7:d0:
                    c4:bf:3e:31:a2:ba:30:12:29:90:0e:34:35:02:f4:
                    54:6b:08:63:2b:0b:11:2e:5e:7a:53:1d:7c:5a:7b:
                    60:07:3d:18:5e:54:db:50:5f:ed:19:c6:00:33:4d:
                    68:0b:c5:c7:1f:10:12:d3:cf:90:41:fb:8a:94:5b:
                    dd:d0:fb:a1:c4:10:66:d2:d1:c4:97:12:fb:04:10:
                    70:50:b3:d1:db:8b:8e:09:7c:7d:14:f9:d8:8b:4c:
                    16:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:AC:0C:43:24:11:CE:CE:C1:FE:CC:33:29:B2:37:76:58:BC:5C:58
            X509v3 Authority Key Identifier:
                keyid:22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:45:1a:3c:3f:b6:3f:49:1f:a9:92:14:bb:6b:34:c1:98:f6:
         79:fd:2f:bf:c2:67:cf:49:16:0a:7b:dd:25:70:62:d5:0e:9d:
         8d:34:45:79:89:39:63:38:9e:e7:58:5a:6b:1d:05:12:7a:26:
         bb:97:7a:8b:75:28:ac:8c:21:e0:01:f5:72:ae:f1:51:c4:b7:
         fd:5c:8c:7f:1d:d4:39:3b:73:5d:bd:0e:16:b8:c5:49:5e:e8:
         f3:5f:27:8b:1b:9b:45:8c:98:ca:af:0b:7c:16:6e:17:b8:af:
         00:ac:13:ee:1c:30:10:81:b4:db:ae:86:3b:bd:8c:62:db:df:
         d3:c7:a7:ab:b6:be:12:ba:7f:b1:bf:af:91:bf:77:74:a1:82:
         c5:39:45:81:6a:ae:3c:7f:b9:cc:30:0e:20:53:de:16:34:e8:
         b8:b1:5a:1b:e2:05:52:2c:ff:14:bf:17:aa:d8:73:9b:3f:e8:
         5a:c9:54:a3:61:36:9b:b6:0a:6b:21:64:5a:b1:0c:82:ff:5a:
         53:b3:b6:c1:51:e2:4c:7f:28:98:a6:af:eb:e0:89:67:be:37:
         55:cf:cc:61:9c:ed:63:17:cd:f9:d1:e3:61:d3:22:04:40:47:
         3e:32:81:bf:fa:5a:9f:4f:67:d6:d3:50:31:0e:b2:35:14:50:
         10:24:3d:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJuKkD1CP+rMCS0mEQtvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDRmMTVjZjMwZDczODQ4YjA3NGRmY2FjMjYxMzgwMDYx
NTZhZDQwHhcNMjUwNDIxMDcwMTI4WhcNMjUwNDIyMDcwMTI4WjAzMTEwLwYDVQQD
Eyg4OWFjMGM0MzI0MTFjZWNlYzFmZWNjMzMyOWIyMzc3NjU4YmM1YzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpdWW0FjaYvrS4HCOEGzQyNkiAes
lTUrN1H9Ofno751e654t6n2LNhOFEkkKNneLyHVfnXxINEatctsSiaSZPYWZGxs8
uKdfbU7nox49+yaMomeduA88bennphfe4f9t4j4gIPEccZZrhhY6h9sog6h0av2l
CU0ERp4o5/KSVcgxzx+fcAra9MSYBLbj1MfsUrteITH+zdeuVL9US7zFcB4399DE
vz4xorowEimQDjQ1AvRUawhjKwsRLl56Ux18WntgBz0YXlTbUF/tGcYAM01oC8XH
HxAS08+QQfuKlFvd0PuhxBBm0tHElxL7BBBwULPR24uOCXx9FPnYi0wWuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFImsDEMkEc7Owf7MMymyN3ZYvFxYMB8GA1UdIwQY
MBaAFCIE8VzzDXOEiwdN/KwmE4AGFWrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMt
YzFiMTAyMzlkZDU4LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMtYzFiMTAyMzlkZDU4
LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWEUaPD+2
P0kfqZIUu2s0wZj2ef0vv8Jnz0kWCnvdJXBi1Q6djTRFeYk5Yzie51haax0FEnom
u5d6i3UorIwh4AH1cq7xUcS3/VyMfx3UOTtzXb0OFrjFSV7o818nixubRYyYyq8L
fBZuF7ivAKwT7hwwEIG0266GO72MYtvf08enq7a+Erp/sb+vkb93dKGCxTlFgWqu
PH+5zDAOIFPeFjTouLFaG+IFUiz/FL8Xqthzmz/oWslUo2E2m7YKayFkWrEMgv9a
U7O2wVHiTH8omKav6+CJZ743Vc/MYZztYxfN+dHjYdMiBEBHPjKBv/pan09n1tNQ
MQ6yNRRQECQ9Kw==
-----END CERTIFICATE-----