Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
File:                     Igmk3BOlMEp6okvhwXi6QuF5L4U.mft (raw, json)
Hash identifier:          wrBQj1iQ6E1imI8FFD0Oa45VzoQVlE0ebjYUqRQv6Jk=
Subject key identifier:   CA:6A:09:30:D7:E8:BD:A5:FF:18:04:00:45:FC:B7:05:D8:BE:17:34
Authority key identifier: 22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85
Certificate issuer:       /CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
Certificate serial:       01974D7BBA74ACC0216AFDF1A7BA8035E63C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
Manifest number:          0163
Signing time:             Sun 08 Jun 2025 03:00:43 +0000
Manifest this update:     Sun 08 Jun 2025 03:00:43 +0000
Manifest next update:     Mon 09 Jun 2025 03:00:43 +0000
Files and hashes:         1: Igmk3BOlMEp6okvhwXi6QuF5L4U.crl (hash: C/zQuZnwrtl2xu7ai0btUH/sBRHZ1QZdEj4/rhBlMq4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:7b:ba:74:ac:c0:21:6a:fd:f1:a7:ba:80:35:e6:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
        Validity
            Not Before: Jun  8 03:00:43 2025 GMT
            Not After : Jun  9 03:00:43 2025 GMT
        Subject: CN=ca6a0930d7e8bda5ff18040045fcb705d8be1734
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:78:2f:70:9d:0c:b1:cc:18:f7:00:83:99:b4:
                    e3:cf:7f:6c:77:8c:64:29:19:c0:59:be:36:59:46:
                    e2:44:99:f1:10:63:7d:48:15:e6:9e:92:4c:d4:42:
                    34:3b:ed:c9:e2:fe:9f:a8:d6:e8:5c:12:43:f5:d5:
                    74:98:c1:c9:a4:18:ad:1a:38:d2:30:fa:7f:12:e8:
                    8a:93:00:38:e5:9a:8c:f6:9d:cf:ba:1e:aa:be:be:
                    17:92:8a:64:33:a0:c9:2b:5b:48:df:5e:b0:b4:a4:
                    be:4f:da:f7:99:e7:34:7c:b2:20:37:9f:11:e8:cb:
                    ee:26:1e:d7:a6:74:30:19:9e:76:ce:8a:08:93:08:
                    d7:bf:af:52:87:53:76:7a:28:19:66:0c:bf:ef:55:
                    64:40:1b:06:dd:ec:1c:9f:d2:7e:2f:75:00:60:00:
                    61:56:0c:9b:b6:a6:85:ea:6e:76:50:87:9c:f9:86:
                    7b:17:c6:40:f5:51:62:9f:ba:b2:46:86:7d:0b:ed:
                    79:e0:24:61:00:7c:2f:81:7e:35:e5:92:9a:fa:fb:
                    7b:2d:85:3e:a5:9f:51:47:c1:58:84:c1:2a:fc:ad:
                    a7:d6:2d:61:8b:3a:04:66:35:8b:9d:a9:41:38:0e:
                    1e:db:68:ea:08:34:18:8d:fa:48:a3:af:26:2c:61:
                    e1:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:6A:09:30:D7:E8:BD:A5:FF:18:04:00:45:FC:B7:05:D8:BE:17:34
            X509v3 Authority Key Identifier:
                keyid:22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:d5:69:6f:3e:8f:f2:cf:2c:b7:a6:cb:96:60:ea:31:69:8e:
         31:de:15:ef:35:31:1a:09:ba:c2:6d:22:e6:09:62:5b:b3:db:
         74:f1:93:6c:ba:3e:12:46:01:e4:94:36:91:e3:a2:4e:69:0f:
         eb:c4:37:b3:71:7c:77:3f:b8:f7:c0:7c:e7:7f:3c:91:e4:b5:
         24:e5:d2:ff:e0:32:d3:28:80:c9:f2:75:93:a6:d8:60:4e:79:
         9f:67:be:74:ac:1d:0e:7f:1f:40:42:80:de:e3:1f:a5:c1:d3:
         49:71:88:62:1a:8f:6a:34:6b:e2:bd:00:6a:62:ec:59:69:77:
         4b:e3:9a:83:9c:50:d7:ba:f4:13:58:21:1b:87:fe:72:94:a8:
         f2:cf:cb:d3:d6:1a:ab:a0:20:84:07:23:1c:2f:05:ed:ff:9e:
         04:33:45:32:f3:e9:f0:18:fd:c7:2b:f8:53:41:27:ab:7b:3d:
         e7:26:32:05:43:5d:dc:8c:be:65:da:9c:14:0b:34:d8:a8:f4:
         67:56:ad:62:a7:55:83:5b:de:fa:c6:22:53:5e:ef:af:8b:ba:
         ad:a7:8e:62:24:65:7f:ab:f4:30:45:72:8e:ec:27:7c:4d:81:
         5c:f3:44:ad:0e:32:fa:60:31:1e:d5:37:72:cd:91:eb:14:8a:
         19:70:2b:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNe7p0rMAhav3xp7qANeY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDlhNGRjMTNhNTMwNGE3YWEyNGJlMWMxNzhiYTQyZTE3
OTJmODUwHhcNMjUwNjA4MDMwMDQzWhcNMjUwNjA5MDMwMDQzWjAzMTEwLwYDVQQD
EyhjYTZhMDkzMGQ3ZThiZGE1ZmYxODA0MDA0NWZjYjcwNWQ4YmUxNzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArngvcJ0MscwY9wCDmbTjz39sd4xk
KRnAWb42WUbiRJnxEGN9SBXmnpJM1EI0O+3J4v6fqNboXBJD9dV0mMHJpBitGjjS
MPp/EuiKkwA45ZqM9p3Puh6qvr4XkopkM6DJK1tI316wtKS+T9r3mec0fLIgN58R
6MvuJh7XpnQwGZ52zooIkwjXv69Sh1N2eigZZgy/71VkQBsG3ewcn9J+L3UAYABh
VgybtqaF6m52UIec+YZ7F8ZA9VFin7qyRoZ9C+154CRhAHwvgX415ZKa+vt7LYU+
pZ9RR8FYhMEq/K2n1i1hizoEZjWLnalBOA4e22jqCDQYjfpIo68mLGHhGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpqCTDX6L2l/xgEAEX8twXYvhc0MB8GA1UdIwQY
MBaAFCIJpNwTpTBKeqJL4cF4ukLheS+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYt
NjhhZmQ0NzQ1MTQ5LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYtNjhhZmQ0NzQ1MTQ5
LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW9Vpbz6P
8s8st6bLlmDqMWmOMd4V7zUxGgm6wm0i5gliW7PbdPGTbLo+EkYB5JQ2keOiTmkP
68Q3s3F8dz+498B85388keS1JOXS/+Ay0yiAyfJ1k6bYYE55n2e+dKwdDn8fQEKA
3uMfpcHTSXGIYhqPajRr4r0AamLsWWl3S+Oag5xQ17r0E1ghG4f+cpSo8s/L09Ya
q6AghAcjHC8F7f+eBDNFMvPp8Bj9xyv4U0Enq3s95yYyBUNd3Iy+ZdqcFAs02Kj0
Z1atYqdVg1ve+sYiU17vr4u6raeOYiRlf6v0MEVyjuwnfE2BXPNErQ4y+mAxHtU3
cs2R6xSKGXArsg==
-----END CERTIFICATE-----