Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
File:                     IQdBCPDRRZtitsetsn1pNLoL56U.mft (raw, json)
Hash identifier:          zWvB/ha8p+prQmsXypwq+UDUacBxFuZZ9PST425IAo4=
Subject key identifier:   10:CA:3B:25:F3:D7:5B:41:A7:EB:B5:D0:78:75:B5:1E:42:22:98:DA
Authority key identifier: 21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5
Certificate issuer:       /CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
Certificate serial:       019756B5E2EF7D6A2EA449D557549CFEB208
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
Manifest number:          1511
Signing time:             Mon 09 Jun 2025 22:00:50 +0000
Manifest this update:     Mon 09 Jun 2025 22:00:50 +0000
Manifest next update:     Tue 10 Jun 2025 22:00:50 +0000
Files and hashes:         1: IQdBCPDRRZtitsetsn1pNLoL56U.crl (hash: FK27oU5T1LlM/VaVY8oXf1RQBF+GjgUYJPzIl4HGFJ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:56:b5:e2:ef:7d:6a:2e:a4:49:d5:57:54:9c:fe:b2:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
        Validity
            Not Before: Jun  9 22:00:50 2025 GMT
            Not After : Jun 10 22:00:50 2025 GMT
        Subject: CN=10ca3b25f3d75b41a7ebb5d07875b51e422298da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:50:0f:1e:36:01:d4:e4:ad:e4:bd:9a:7f:39:
                    2d:a5:fa:ad:e5:a0:85:16:b1:99:4e:22:2f:2c:37:
                    bd:88:96:f7:cb:92:87:86:38:40:20:99:96:8a:e0:
                    13:02:f7:f7:72:1f:fb:89:b6:e8:f3:47:9d:26:18:
                    f1:92:be:9d:90:df:7b:f9:2d:95:b2:83:58:6a:5b:
                    ee:64:a6:57:07:af:d3:b5:62:2f:e7:8e:b9:3a:88:
                    c7:fa:83:a0:fb:89:6e:65:c0:c3:21:97:e6:54:c6:
                    06:87:07:d5:99:62:b3:29:96:6d:ec:11:31:5e:7f:
                    5d:f5:e7:c3:64:ae:02:7e:92:f7:78:20:c2:e3:74:
                    65:6e:7a:3a:1e:0a:84:1a:89:01:ec:02:ef:38:15:
                    8f:e2:95:4e:b4:17:c4:65:f3:10:7a:da:b2:02:b0:
                    ca:2f:4d:46:6c:80:72:e5:8d:a0:60:d6:a6:af:48:
                    8e:cd:91:21:94:84:4a:ee:59:a0:6c:95:11:61:f4:
                    61:01:08:75:87:bb:3a:ff:fe:0e:0b:78:1b:7b:c1:
                    63:85:b6:13:e3:f5:1f:cd:4f:f3:a8:66:1b:33:99:
                    1b:83:30:6f:e3:b5:58:24:64:a2:66:f6:8d:de:e4:
                    da:6d:a9:68:92:49:11:ea:a8:04:a3:3b:17:80:2a:
                    ce:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:CA:3B:25:F3:D7:5B:41:A7:EB:B5:D0:78:75:B5:1E:42:22:98:DA
            X509v3 Authority Key Identifier:
                keyid:21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:10:bc:de:6f:9e:3d:a8:9a:52:c5:5e:84:ba:6e:1c:43:26:
         3a:f5:f9:9c:80:87:cd:b3:d9:14:eb:32:d4:25:15:15:7d:f5:
         22:79:ed:7f:66:96:4e:56:76:cf:b0:3c:88:b2:c2:f5:46:e7:
         fb:38:d6:6c:c1:2e:90:67:66:eb:91:53:11:81:30:bf:61:bb:
         0e:68:c5:13:c5:fc:3e:be:bb:ab:cf:0e:c7:0f:05:7f:6d:95:
         3e:63:02:6b:a0:02:4f:29:f3:f5:ee:cd:3f:8e:76:0b:75:ed:
         30:62:cd:14:ec:ce:a4:2a:26:d7:8c:e1:71:f4:ea:a6:8d:e6:
         bb:ee:29:98:bd:1f:1c:74:e3:ff:86:29:6d:a7:01:ec:6c:8f:
         ec:58:09:be:0d:c6:90:bd:3b:77:88:f3:df:21:27:8d:ed:84:
         7e:12:28:aa:d4:e8:b0:83:7e:f6:2e:a3:47:29:18:f2:71:7a:
         52:8b:77:bc:67:44:63:6d:76:ce:4a:4f:88:1e:a8:ce:63:5b:
         9f:73:0a:fc:10:7a:47:06:a4:c6:2f:26:91:f7:f0:c6:1c:38:
         06:73:8d:0d:e9:af:f6:99:33:88:63:43:51:bd:58:13:cf:4f:
         37:98:60:65:18:00:9c:39:49:e4:3c:f6:6e:53:a7:51:45:25:
         69:98:08:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdWteLvfWoupEnVV1Sc/rIIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDc0MTA4ZjBkMTQ1OWI2MmI2YzdhZGIyN2Q2OTM0YmEw
YmU3YTUwHhcNMjUwNjA5MjIwMDUwWhcNMjUwNjEwMjIwMDUwWjAzMTEwLwYDVQQD
EygxMGNhM2IyNWYzZDc1YjQxYTdlYmI1ZDA3ODc1YjUxZTQyMjI5OGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01APHjYB1OSt5L2afzktpfqt5aCF
FrGZTiIvLDe9iJb3y5KHhjhAIJmWiuATAvf3ch/7ibbo80edJhjxkr6dkN97+S2V
soNYalvuZKZXB6/TtWIv5465OojH+oOg+4luZcDDIZfmVMYGhwfVmWKzKZZt7BEx
Xn9d9efDZK4CfpL3eCDC43Rlbno6HgqEGokB7ALvOBWP4pVOtBfEZfMQetqyArDK
L01GbIBy5Y2gYNamr0iOzZEhlIRK7lmgbJURYfRhAQh1h7s6//4OC3gbe8FjhbYT
4/UfzU/zqGYbM5kbgzBv47VYJGSiZvaN3uTabalokkkR6qgEozsXgCrO0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBDKOyXz11tBp+u10Hh1tR5CIpjaMB8GA1UdIwQY
MBaAFCEHQQjw0UWbYrbHrbJ9aTS6C+elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAt
YzYyMjBlMTg1Njk0LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAtYzYyMjBlMTg1Njk0
LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABRC83m+e
PaiaUsVehLpuHEMmOvX5nICHzbPZFOsy1CUVFX31Inntf2aWTlZ2z7A8iLLC9Ubn
+zjWbMEukGdm65FTEYEwv2G7DmjFE8X8Pr67q88Oxw8Ff22VPmMCa6ACTynz9e7N
P452C3XtMGLNFOzOpCom14zhcfTqpo3mu+4pmL0fHHTj/4YpbacB7GyP7FgJvg3G
kL07d4jz3yEnje2EfhIoqtTosIN+9i6jRykY8nF6Uot3vGdEY212zkpPiB6ozmNb
n3MK/BB6Rwakxi8mkffwxhw4BnONDemv9pkziGNDUb1YE89PN5hgZRgAnDlJ5Dz2
blOnUUUlaZgIjQ==
-----END CERTIFICATE-----