Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
File:                     IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft (raw, json)
Hash identifier:          RC+ahg38X7r2Tx0ezzRQHk3bUVO+UzvBPbglkvgpJYY=
Subject key identifier:   3D:5D:46:9F:3A:5F:E9:94:B2:DE:D2:84:E2:4D:B5:80:06:61:06:A7
Authority key identifier: 22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D
Certificate issuer:       /CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
Certificate serial:       0199228C63EAA870C46A955C84BCE0350A8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
Manifest number:          0C42
Signing time:             Sun 07 Sep 2025 05:00:49 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:49 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:49 +0000
Files and hashes:         1: IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl (hash: jV8j+i9U+eiS+KgBHWYVAySZyhG0nujYtQR0JzpSHd8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:63:ea:a8:70:c4:6a:95:5c:84:bc:e0:35:0a:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
        Validity
            Not Before: Sep  7 05:00:49 2025 GMT
            Not After : Sep  8 05:00:49 2025 GMT
        Subject: CN=3d5d469f3a5fe994b2ded284e24db580066106a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:b3:04:cf:23:73:38:1c:2b:3a:7e:1d:c4:e3:
                    ac:dc:70:04:a1:92:c2:a5:29:c4:7a:91:65:4e:76:
                    2d:7c:9f:6f:f9:76:b0:00:bc:2c:1d:30:97:3d:f2:
                    f2:9f:67:8c:46:89:99:6d:52:ff:47:eb:cf:a3:86:
                    a9:c4:db:89:0d:9a:3c:85:57:03:77:9f:38:27:e4:
                    29:5e:34:c3:13:d1:de:39:75:11:aa:0d:47:31:08:
                    6f:75:53:97:15:cd:bd:b0:b1:0d:74:f8:9c:d7:99:
                    d2:c2:36:3b:1c:2f:80:08:5e:21:ef:b5:a2:f9:00:
                    7f:56:98:e2:be:51:58:ca:2c:b3:ad:b5:10:63:47:
                    69:f8:c6:f9:f1:24:95:af:7e:c8:06:51:d5:e0:b9:
                    63:5e:3c:b4:21:50:c2:ee:a5:9b:a6:cf:63:a2:13:
                    fe:cf:48:c6:22:b9:49:08:d8:8c:5e:70:ce:4c:44:
                    d8:30:55:88:8d:4c:23:96:46:15:72:13:59:ec:25:
                    05:c5:82:05:07:ca:0d:5c:c2:9a:05:b3:08:09:a8:
                    e8:fa:fe:a0:47:e7:62:f7:04:fb:b5:0c:73:00:dc:
                    cc:22:6a:11:b8:1a:93:2a:f6:85:2d:a9:de:a8:3f:
                    62:73:55:5d:1f:57:e3:ce:f3:7f:8c:3b:72:63:c5:
                    24:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:5D:46:9F:3A:5F:E9:94:B2:DE:D2:84:E2:4D:B5:80:06:61:06:A7
            X509v3 Authority Key Identifier:
                keyid:22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:b8:8c:e5:af:c8:eb:a8:7a:73:5a:a9:0e:60:3a:a1:30:8c:
         3e:11:c5:3b:db:71:60:1b:5a:9b:a5:63:d4:e5:5d:83:8c:f0:
         6a:86:5f:b5:68:1a:f1:17:f4:df:1a:50:3d:cd:ee:53:4c:a6:
         f9:33:1e:44:8a:5f:1e:b3:b3:e6:fa:85:24:cf:dc:8b:ac:4b:
         44:32:d4:90:29:32:c6:40:e2:e2:25:be:b5:44:ea:e7:11:f4:
         39:26:55:55:13:ec:71:cc:3a:2d:d6:81:17:04:6a:eb:5c:ff:
         e5:bc:fd:6f:55:39:93:92:b4:7a:f7:67:d6:73:ee:e2:d8:ad:
         78:c6:04:c6:9b:9b:ec:dd:11:f9:57:11:cd:db:87:20:94:0e:
         04:0a:e2:67:45:0b:65:66:35:b1:82:67:17:54:27:c8:ac:9f:
         5f:3c:9f:ff:e3:40:15:ec:34:e8:c6:56:78:45:0f:7c:5e:cd:
         12:5a:a7:f5:f5:39:23:31:74:68:39:ed:ef:6d:09:61:ff:08:
         04:b1:7b:e8:78:5b:f5:15:9f:b9:b7:12:04:a8:c1:02:59:52:
         a7:29:a6:c2:55:c8:de:9c:5a:cd:44:3c:b5:f2:52:ae:a2:e2:
         a6:fd:ce:b4:ac:4c:2e:51:23:49:b1:8a:ad:32:74:f9:0c:56:
         d8:eb:74:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijGPqqHDEapVchLzgNQqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZmJlZjY5NWZhOTVkMGM5NTkwOWU1MWFhMWZhYjk0ZmM0
MDI2N2QwHhcNMjUwOTA3MDUwMDQ5WhcNMjUwOTA4MDUwMDQ5WjAzMTEwLwYDVQQD
EygzZDVkNDY5ZjNhNWZlOTk0YjJkZWQyODRlMjRkYjU4MDA2NjEwNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLMEzyNzOBwrOn4dxOOs3HAEoZLC
pSnEepFlTnYtfJ9v+XawALwsHTCXPfLyn2eMRomZbVL/R+vPo4apxNuJDZo8hVcD
d584J+QpXjTDE9HeOXURqg1HMQhvdVOXFc29sLENdPic15nSwjY7HC+ACF4h77Wi
+QB/VpjivlFYyiyzrbUQY0dp+Mb58SSVr37IBlHV4LljXjy0IVDC7qWbps9johP+
z0jGIrlJCNiMXnDOTETYMFWIjUwjlkYVchNZ7CUFxYIFB8oNXMKaBbMICajo+v6g
R+di9wT7tQxzANzMImoRuBqTKvaFLaneqD9ic1VdH1fjzvN/jDtyY8UkGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1dRp86X+mUst7ShOJNtYAGYQanMB8GA1UdIwQY
MBaAFCL772lfqV0MlZCeUaofq5T8QCZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEt
ZjYyOTUwOGMwNzJkLzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEtZjYyOTUwOGMwNzJk
LzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv7iM5a/I
66h6c1qpDmA6oTCMPhHFO9txYBtam6Vj1OVdg4zwaoZftWga8Rf03xpQPc3uU0ym
+TMeRIpfHrOz5vqFJM/ci6xLRDLUkCkyxkDi4iW+tUTq5xH0OSZVVRPsccw6LdaB
FwRq61z/5bz9b1U5k5K0evdn1nPu4titeMYExpub7N0R+VcRzduHIJQOBAriZ0UL
ZWY1sYJnF1QnyKyfXzyf/+NAFew06MZWeEUPfF7NElqn9fU5IzF0aDnt720JYf8I
BLF76Hhb9RWfubcSBKjBAllSpymmwlXI3pxazUQ8tfJSrqLipv3OtKxMLlEjSbGK
rTJ0+QxW2Ot0fQ==
-----END CERTIFICATE-----