Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
File:                     iYDaJ6VQ15vmUa15rnGcz8vFo28.mft (raw, json)
Hash identifier:          CMDmWtru88EDVTIOVmDy46YoDdspyoqjICkooBKuTE4=
Subject key identifier:   34:5B:7B:C7:68:19:DB:CE:FD:87:33:9C:27:3B:27:4E:C8:11:36:E7
Authority key identifier: 89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F
Certificate issuer:       /CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
Certificate serial:       019750B3CE75140B65E850E9B464D1082FEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
Manifest number:          02EA
Signing time:             Sun 08 Jun 2025 18:00:50 +0000
Manifest this update:     Sun 08 Jun 2025 18:00:50 +0000
Manifest next update:     Mon 09 Jun 2025 18:00:50 +0000
Files and hashes:         1: iYDaJ6VQ15vmUa15rnGcz8vFo28.crl (hash: YzZ7yBzZ0XIenD0vGVRv0ERq+E8t4y+EorQiIgntt8Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 18:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:b3:ce:75:14:0b:65:e8:50:e9:b4:64:d1:08:2f:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
        Validity
            Not Before: Jun  8 18:00:50 2025 GMT
            Not After : Jun  9 18:00:50 2025 GMT
        Subject: CN=345b7bc76819dbcefd87339c273b274ec81136e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:21:d0:74:56:e3:3b:c7:32:77:75:72:f0:e6:
                    74:81:f9:fb:4b:d4:24:8a:ef:69:c9:4a:eb:b6:94:
                    df:36:5f:fa:97:a3:76:15:0f:ed:af:21:af:64:b5:
                    d9:ca:16:be:bd:af:55:09:ae:45:b0:3d:d7:38:b0:
                    c8:0b:9c:2c:8b:2b:bb:23:e2:38:99:62:15:34:22:
                    75:19:91:c6:31:9a:b5:04:e0:9e:6c:1c:b9:68:f9:
                    32:07:9d:47:36:ae:35:5e:e5:c7:27:8a:10:85:50:
                    b8:0e:1d:95:17:0d:e6:a5:58:3b:03:42:c7:d2:59:
                    78:d1:79:f3:1c:b4:42:40:5d:b9:6a:b9:06:49:b2:
                    bb:94:fe:4e:c3:dd:16:13:1e:da:cf:37:c2:bf:f6:
                    a0:0a:b1:dc:9f:3b:2f:c7:6b:c8:18:9e:8c:a3:d5:
                    89:53:1b:08:5c:4c:0b:8c:b3:f2:fb:ed:65:11:3f:
                    73:61:76:07:cb:39:6e:eb:ec:18:c3:b2:00:17:f4:
                    40:6e:78:47:ea:10:6b:15:57:9e:2b:88:36:d1:51:
                    98:8f:f6:f5:3a:48:04:e0:5e:eb:b2:c6:c1:1f:1c:
                    1d:7c:25:a9:53:31:82:10:ac:e7:9a:69:5d:e8:df:
                    02:e1:2e:51:76:59:c4:dd:d1:8d:1c:a1:c7:25:6f:
                    78:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:5B:7B:C7:68:19:DB:CE:FD:87:33:9C:27:3B:27:4E:C8:11:36:E7
            X509v3 Authority Key Identifier:
                keyid:89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:2c:ba:40:3d:53:f1:84:e7:09:e4:f5:4b:86:19:62:d5:2b:
         3f:62:54:70:1d:dc:2c:c1:5f:16:27:12:93:00:37:1a:a5:84:
         34:f1:af:4b:85:82:2d:3c:5f:6a:a1:ad:2b:d5:c1:0e:f1:cc:
         a3:e9:53:0e:ec:41:76:d6:06:1e:ad:bc:5f:1f:01:0e:ca:e6:
         28:cb:c6:20:c0:07:e8:86:13:c8:89:c8:cb:a7:ac:27:bd:a4:
         aa:9e:04:83:57:95:73:0d:03:d2:4a:c4:fc:e2:4d:be:72:14:
         b1:cd:c9:0e:04:f9:94:71:17:55:c1:27:8d:af:a6:af:d3:ec:
         e1:a2:18:47:1a:b9:38:d0:34:36:2c:c5:a9:ef:e6:e6:b5:d5:
         bb:5c:e6:09:8f:a5:8e:fc:0c:ef:77:7c:5c:ad:c1:9c:e3:e6:
         e2:f4:21:86:c7:19:98:99:e0:be:c2:35:4f:90:0d:ee:e0:8f:
         d1:65:81:33:ed:10:4a:7e:d3:f1:1c:77:4b:b1:f7:0f:2a:e5:
         74:e3:c6:e4:e7:95:4d:9c:86:4f:cd:ee:a8:2a:f7:58:da:a8:
         ce:b7:47:97:c1:c4:4b:fc:cf:eb:85:f9:d7:e6:d6:20:ba:2f:
         69:71:10:ee:28:90:bc:ed:df:d8:80:66:ff:d9:b2:12:ae:7a:
         62:6b:74:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQs851FAtl6FDptGTRCC/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODBkYTI3YTU1MGQ3OWJlNjUxYWQ3OWFlNzE5Y2NmY2Jj
NWEzNmYwHhcNMjUwNjA4MTgwMDUwWhcNMjUwNjA5MTgwMDUwWjAzMTEwLwYDVQQD
EygzNDViN2JjNzY4MTlkYmNlZmQ4NzMzOWMyNzNiMjc0ZWM4MTEzNmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSHQdFbjO8cyd3Vy8OZ0gfn7S9Qk
iu9pyUrrtpTfNl/6l6N2FQ/tryGvZLXZyha+va9VCa5FsD3XOLDIC5wsiyu7I+I4
mWIVNCJ1GZHGMZq1BOCebBy5aPkyB51HNq41XuXHJ4oQhVC4Dh2VFw3mpVg7A0LH
0ll40XnzHLRCQF25arkGSbK7lP5Ow90WEx7azzfCv/agCrHcnzsvx2vIGJ6Mo9WJ
UxsIXEwLjLPy++1lET9zYXYHyzlu6+wYw7IAF/RAbnhH6hBrFVeeK4g20VGYj/b1
OkgE4F7rssbBHxwdfCWpUzGCEKznmmld6N8C4S5RdlnE3dGNHKHHJW94RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDRbe8doGdvO/YcznCc7J07IETbnMB8GA1UdIwQY
MBaAFImA2ielUNeb5lGtea5xnM/LxaNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYt
Mjk3NjJjMWFhZjY1LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYtMjk3NjJjMWFhZjY1
LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABiy6QD1T
8YTnCeT1S4YZYtUrP2JUcB3cLMFfFicSkwA3GqWENPGvS4WCLTxfaqGtK9XBDvHM
o+lTDuxBdtYGHq28Xx8BDsrmKMvGIMAH6IYTyInIy6esJ72kqp4Eg1eVcw0D0krE
/OJNvnIUsc3JDgT5lHEXVcEnja+mr9Ps4aIYRxq5ONA0NizFqe/m5rXVu1zmCY+l
jvwM73d8XK3BnOPm4vQhhscZmJngvsI1T5AN7uCP0WWBM+0QSn7T8Rx3S7H3Dyrl
dOPG5OeVTZyGT83uqCr3WNqozrdHl8HES/zP64X51+bWILovaXEQ7iiQvO3f2IBm
/9myEq56Ymt0Kg==
-----END CERTIFICATE-----