Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
File:                     iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft (raw, json)
Hash identifier:          D6pJK0SvSXJbbOoZUAQNZ3+6/s/GRq64R4TwEcDXNw0=
Subject key identifier:   5E:7C:D2:01:71:75:E1:48:9E:B5:0A:1E:A0:C0:01:EB:FD:C7:DD:11
Authority key identifier: 89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6
Certificate issuer:       /CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
Certificate serial:       019747B0CDF28216C8DFBFA93082D3B30D85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
Manifest number:          0553
Signing time:             Sat 07 Jun 2025 00:00:58 +0000
Manifest this update:     Sat 07 Jun 2025 00:00:58 +0000
Manifest next update:     Sun 08 Jun 2025 00:00:58 +0000
Files and hashes:         1: iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl (hash: M80sAV4P9w3pxVYOVdusDmdNzg8miiZdrSqWfJz/A7o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:b0:cd:f2:82:16:c8:df:bf:a9:30:82:d3:b3:0d:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
        Validity
            Not Before: Jun  7 00:00:58 2025 GMT
            Not After : Jun  8 00:00:58 2025 GMT
        Subject: CN=5e7cd2017175e1489eb50a1ea0c001ebfdc7dd11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:4d:6d:81:35:c8:86:d5:e6:f3:44:e7:fb:56:
                    9c:12:ec:30:49:b1:0e:f3:fa:f4:db:3c:e1:32:13:
                    33:01:a0:b0:20:70:b6:1a:fa:48:a0:28:4d:29:ce:
                    04:d3:8b:16:5f:97:c9:a6:4c:cb:d9:8b:89:1f:1f:
                    85:c0:87:64:03:db:83:d4:9d:f5:a6:a4:a6:4e:9a:
                    6c:a5:5c:ca:46:10:bc:72:70:a7:bb:b1:21:c2:2f:
                    8b:3d:e5:b6:24:61:42:d2:e8:3b:c4:1b:ed:d3:d5:
                    46:6e:1a:4f:45:ed:3f:8a:50:9a:f7:e3:29:9a:f5:
                    3f:68:6d:d0:0e:2e:85:65:4e:b8:eb:9a:f4:2f:53:
                    88:a8:62:ad:d6:54:32:85:33:0f:71:d3:ff:f3:71:
                    21:44:3e:96:de:60:64:fe:e9:05:ba:58:a4:3a:f4:
                    b2:23:12:19:f5:bc:cc:e9:8d:72:71:e8:74:86:bb:
                    e6:cf:95:2f:cd:0d:1d:f4:5d:9c:12:10:82:b6:ce:
                    84:53:a4:0b:a0:b1:48:8b:16:de:4b:49:84:4d:04:
                    91:16:7f:4e:dc:55:b1:46:b4:14:67:fc:2e:84:ae:
                    c5:02:4d:57:f6:b5:b4:82:ae:c5:7f:18:37:8f:0b:
                    bb:e6:10:e9:df:eb:42:ea:de:8f:22:43:97:85:44:
                    33:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:7C:D2:01:71:75:E1:48:9E:B5:0A:1E:A0:C0:01:EB:FD:C7:DD:11
            X509v3 Authority Key Identifier:
                keyid:89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:5e:06:9f:0f:8d:2e:db:fe:9b:51:7f:85:76:dc:30:a9:8f:
         3a:92:3d:32:e6:37:f6:29:91:b4:da:9a:7a:53:1b:9c:68:0a:
         0a:68:43:63:62:ef:40:83:2f:2a:2f:58:2d:42:99:2a:62:d8:
         8d:72:43:48:f6:48:ed:d3:67:e0:8e:d6:5e:df:ac:13:f9:ef:
         ba:d3:cd:db:c2:9b:00:41:aa:ef:21:c6:27:cf:14:24:af:19:
         df:00:81:7e:6b:26:f9:3c:ca:78:ec:ba:38:e9:4d:92:cd:82:
         d3:cb:a7:58:de:65:54:25:10:b8:8b:ff:7f:88:84:78:3a:61:
         2a:6a:d8:60:ce:45:45:2c:25:41:7b:e3:b7:cd:65:57:40:b6:
         f9:4a:3c:36:aa:41:33:a9:b4:04:50:58:20:b0:94:f3:ed:64:
         45:68:14:0a:15:68:8f:a9:ef:32:88:42:4d:60:c7:7c:8b:a7:
         d3:81:cb:12:fc:12:5d:a5:c2:06:2a:4d:ec:43:a3:eb:17:de:
         70:6e:c7:65:54:a4:99:3e:03:b7:da:aa:60:c2:90:b2:fb:74:
         a1:6f:12:fb:74:b0:71:79:b8:a6:c2:ed:4e:ee:15:ce:df:a7:
         33:12:a3:56:2e:e3:c4:97:52:8e:e9:2a:12:5d:b1:47:7d:71:
         5a:f3:68:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHsM3yghbI37+pMILTsw2FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MGYzZmFiMjM0OWMwMWIxYWM4ZmQwYjkyMWM2MDMxOGNl
MTg0ZDYwHhcNMjUwNjA3MDAwMDU4WhcNMjUwNjA4MDAwMDU4WjAzMTEwLwYDVQQD
Eyg1ZTdjZDIwMTcxNzVlMTQ4OWViNTBhMWVhMGMwMDFlYmZkYzdkZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnE1tgTXIhtXm80Tn+1acEuwwSbEO
8/r02zzhMhMzAaCwIHC2GvpIoChNKc4E04sWX5fJpkzL2YuJHx+FwIdkA9uD1J31
pqSmTppspVzKRhC8cnCnu7Ehwi+LPeW2JGFC0ug7xBvt09VGbhpPRe0/ilCa9+Mp
mvU/aG3QDi6FZU6465r0L1OIqGKt1lQyhTMPcdP/83EhRD6W3mBk/ukFulikOvSy
IxIZ9bzM6Y1yceh0hrvmz5UvzQ0d9F2cEhCCts6EU6QLoLFIixbeS0mETQSRFn9O
3FWxRrQUZ/wuhK7FAk1X9rW0gq7Ffxg3jwu75hDp3+tC6t6PIkOXhUQzMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF580gFxdeFInrUKHqDAAev9x90RMB8GA1UdIwQY
MBaAFIkPP6sjScAbGsj9C5IcYDGM4YTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDIt
OTM1OWQ4ZGUyOTc1LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDItOTM1OWQ4ZGUyOTc1
LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm14Gnw+N
Ltv+m1F/hXbcMKmPOpI9MuY39imRtNqaelMbnGgKCmhDY2LvQIMvKi9YLUKZKmLY
jXJDSPZI7dNn4I7WXt+sE/nvutPN28KbAEGq7yHGJ88UJK8Z3wCBfmsm+TzKeOy6
OOlNks2C08unWN5lVCUQuIv/f4iEeDphKmrYYM5FRSwlQXvjt81lV0C2+Uo8NqpB
M6m0BFBYILCU8+1kRWgUChVoj6nvMohCTWDHfIun04HLEvwSXaXCBipN7EOj6xfe
cG7HZVSkmT4Dt9qqYMKQsvt0oW8S+3SwcXm4psLtTu4Vzt+nMxKjVi7jxJdSjukq
El2xR31xWvNoRA==
-----END CERTIFICATE-----