Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
File:                     IQdBCPDRRZtitsetsn1pNLoL56U.mft (raw, json)
Hash identifier:          5HjGwJZWfZrYpswXiQM3pSMfc6mCMegAtw7JXRhXLWY=
Subject key identifier:   61:A6:4A:2F:8E:6B:6A:79:20:F1:FF:39:AD:56:E1:46:00:97:EA:66
Authority key identifier: 21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5
Certificate issuer:       /CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
Certificate serial:       0199225548C53F3EFB53B1C7A9FA2E97E67A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
Manifest number:          15FF
Signing time:             Sun 07 Sep 2025 04:00:38 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:38 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:38 +0000
Files and hashes:         1: IQdBCPDRRZtitsetsn1pNLoL56U.crl (hash: f3TfiIfeaiZilAvVUjIFXdpHBjVeduCZYtR1MR4uQ3w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:48:c5:3f:3e:fb:53:b1:c7:a9:fa:2e:97:e6:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
        Validity
            Not Before: Sep  7 04:00:38 2025 GMT
            Not After : Sep  8 04:00:38 2025 GMT
        Subject: CN=61a64a2f8e6b6a7920f1ff39ad56e1460097ea66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:6f:65:c7:5d:b1:22:35:e7:11:51:98:5b:74:
                    98:d8:76:b0:ae:6d:14:98:b7:96:5d:36:42:04:91:
                    0e:40:9f:d6:ee:a0:9e:d4:0b:0a:e9:21:42:38:92:
                    3a:05:0b:a8:26:0d:c5:75:fc:97:00:56:d1:ba:d6:
                    b5:e0:ab:c9:ce:98:5d:82:11:2b:f8:75:48:13:93:
                    6e:47:6a:53:0c:1a:8a:fd:3b:af:b5:1a:58:f0:bf:
                    a7:67:07:34:f7:f7:24:21:a1:64:cb:45:f0:06:45:
                    f7:7d:be:8b:a5:00:48:bb:d1:11:01:4f:b4:41:d5:
                    b7:be:90:b3:17:36:47:ca:85:3d:c6:2e:c6:a0:e4:
                    4f:ab:48:cc:82:cb:e7:2f:68:f6:c4:99:d2:93:46:
                    eb:e9:27:25:48:9d:ca:6f:bf:9a:31:82:bb:cd:81:
                    06:53:45:93:39:bb:30:49:47:86:ea:f6:52:89:c7:
                    b5:01:c6:31:0f:9d:b2:ec:19:77:f5:af:0a:6c:4f:
                    58:f7:ac:5c:91:36:0c:fe:d0:44:54:75:1b:c1:bc:
                    f7:0c:40:a6:91:39:37:ff:25:f8:c7:53:ba:79:16:
                    a0:9a:6f:de:8d:01:e9:85:7b:bd:ca:59:4f:43:43:
                    2d:1c:0f:02:8b:6e:c2:0c:56:99:23:cd:e3:55:34:
                    e5:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:A6:4A:2F:8E:6B:6A:79:20:F1:FF:39:AD:56:E1:46:00:97:EA:66
            X509v3 Authority Key Identifier:
                keyid:21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:8d:13:fe:05:e0:17:de:d8:10:ab:01:21:f8:ee:5b:fe:87:
         09:34:cd:af:43:c0:a8:ee:1b:56:bf:30:be:23:aa:9c:30:21:
         85:73:ed:7e:3e:71:b0:80:ad:02:84:dc:59:b6:a4:5e:1e:22:
         c9:22:54:71:22:f5:74:d9:06:7b:25:5f:21:04:f3:83:e2:d6:
         77:81:a6:ef:3d:83:c1:69:66:6d:c0:02:96:3b:59:57:4f:db:
         3a:6d:95:f6:e1:07:11:e5:3f:66:91:51:fb:c2:8d:83:ba:0d:
         2a:ee:4d:5c:ac:d8:63:cd:e1:2c:bc:a4:02:32:f6:5c:ed:54:
         76:d7:72:23:41:c4:a3:58:50:4b:d6:b2:f3:91:13:03:97:2d:
         87:45:f1:6e:99:64:b1:91:8b:aa:86:21:12:17:74:94:b1:63:
         80:59:f9:af:5a:21:68:cf:9a:7f:5a:dd:77:4c:31:58:79:bb:
         a0:36:62:92:60:9e:73:2f:64:d4:8f:fe:2a:25:ba:90:a3:45:
         67:ce:42:05:21:2c:b0:ad:d0:52:58:8c:92:c6:6f:01:63:ec:
         33:fe:87:bf:68:96:3e:0a:21:83:ee:9b:72:9b:ff:eb:89:f8:
         f2:ab:55:f3:1f:75:00:fb:5e:46:ae:d9:c8:16:8c:0b:1b:1b:
         4a:b7:42:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVUjFPz77U7HHqfoul+Z6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDc0MTA4ZjBkMTQ1OWI2MmI2YzdhZGIyN2Q2OTM0YmEw
YmU3YTUwHhcNMjUwOTA3MDQwMDM4WhcNMjUwOTA4MDQwMDM4WjAzMTEwLwYDVQQD
Eyg2MWE2NGEyZjhlNmI2YTc5MjBmMWZmMzlhZDU2ZTE0NjAwOTdlYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuG9lx12xIjXnEVGYW3SY2Hawrm0U
mLeWXTZCBJEOQJ/W7qCe1AsK6SFCOJI6BQuoJg3FdfyXAFbRuta14KvJzphdghEr
+HVIE5NuR2pTDBqK/TuvtRpY8L+nZwc09/ckIaFky0XwBkX3fb6LpQBIu9ERAU+0
QdW3vpCzFzZHyoU9xi7GoORPq0jMgsvnL2j2xJnSk0br6SclSJ3Kb7+aMYK7zYEG
U0WTObswSUeG6vZSice1AcYxD52y7Bl39a8KbE9Y96xckTYM/tBEVHUbwbz3DECm
kTk3/yX4x1O6eRagmm/ejQHphXu9yllPQ0MtHA8Ci27CDFaZI83jVTTllQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGGmSi+Oa2p5IPH/Oa1W4UYAl+pmMB8GA1UdIwQY
MBaAFCEHQQjw0UWbYrbHrbJ9aTS6C+elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAt
YzYyMjBlMTg1Njk0LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAtYzYyMjBlMTg1Njk0
LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASo0T/gXg
F97YEKsBIfjuW/6HCTTNr0PAqO4bVr8wviOqnDAhhXPtfj5xsICtAoTcWbakXh4i
ySJUcSL1dNkGeyVfIQTzg+LWd4Gm7z2DwWlmbcACljtZV0/bOm2V9uEHEeU/ZpFR
+8KNg7oNKu5NXKzYY83hLLykAjL2XO1UdtdyI0HEo1hQS9ay85ETA5cth0Xxbplk
sZGLqoYhEhd0lLFjgFn5r1ohaM+af1rdd0wxWHm7oDZikmCecy9k1I/+KiW6kKNF
Z85CBSEssK3QUliMksZvAWPsM/6Hv2iWPgohg+6bcpv/64n48qtV8x91APteRq7Z
yBaMCxsbSrdCyA==
-----END CERTIFICATE-----