Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
File:                     IQdBCPDRRZtitsetsn1pNLoL56U.mft (raw, json)
Hash identifier:          nOwZqDOalGWNdxST7w+C0g2aJqB2Hk8mAEv0Ur6iyxs=
Subject key identifier:   0F:C2:A3:A2:6B:D2:F5:3A:11:15:5B:76:82:41:59:29:68:FE:53:C9
Authority key identifier: 21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5
Certificate issuer:       /CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
Certificate serial:       01976DE2D1A45B68690B4A68D82E73E67A88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
Manifest number:          151D
Signing time:             Sat 14 Jun 2025 10:01:10 +0000
Manifest this update:     Sat 14 Jun 2025 10:01:10 +0000
Manifest next update:     Sun 15 Jun 2025 10:01:10 +0000
Files and hashes:         1: IQdBCPDRRZtitsetsn1pNLoL56U.crl (hash: ieNzOueBHPqPde/PMEPQrLfAopcPk461OnNILyBqzZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:e2:d1:a4:5b:68:69:0b:4a:68:d8:2e:73:e6:7a:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
        Validity
            Not Before: Jun 14 10:01:10 2025 GMT
            Not After : Jun 15 10:01:10 2025 GMT
        Subject: CN=0fc2a3a26bd2f53a11155b768241592968fe53c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:5a:68:d4:93:d1:42:0d:34:d5:5f:10:84:11:
                    d3:04:36:f4:e1:58:a1:81:54:4c:96:08:d7:0f:09:
                    5e:58:70:9c:dd:2a:6f:ff:9e:37:49:6a:58:0f:4c:
                    39:ee:64:18:be:8e:1e:e3:01:1a:2e:97:05:0f:96:
                    54:db:25:5d:93:71:1a:14:c4:e3:f4:ec:f7:57:d2:
                    b4:7a:5f:a2:90:10:e9:14:ae:7b:e2:f2:de:67:75:
                    d5:cb:4a:04:5f:85:59:b4:08:0d:2d:eb:48:d1:be:
                    85:2c:70:30:1d:6e:fa:71:9f:52:d0:ea:e2:93:9d:
                    40:78:d2:06:1c:df:8e:55:fb:06:29:3d:0b:3c:d3:
                    1d:3a:12:53:13:a9:f8:a9:e6:27:70:de:be:89:f7:
                    f8:ea:47:1b:59:34:4b:e8:44:32:93:79:07:fd:0f:
                    ef:4c:91:63:65:ae:7e:94:8f:28:b0:7f:32:3f:a6:
                    2e:dd:2c:e6:86:3d:01:d6:f7:e1:e1:51:93:02:6b:
                    45:d3:a7:69:ef:44:0e:a8:3b:f3:f7:c4:32:93:8c:
                    39:99:3f:17:89:44:e8:d1:72:4c:ff:99:5d:5d:ca:
                    37:99:ba:db:1e:ef:38:93:90:2f:f6:c6:ef:00:46:
                    b2:d5:45:71:ae:19:57:4b:70:57:7b:7e:df:0b:2d:
                    a8:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:C2:A3:A2:6B:D2:F5:3A:11:15:5B:76:82:41:59:29:68:FE:53:C9
            X509v3 Authority Key Identifier:
                keyid:21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:55:86:0b:82:f4:89:d3:7e:16:f2:4d:8e:dd:38:29:83:89:
         dd:36:82:b4:bc:34:ab:b7:a4:e1:56:b8:83:54:5c:3f:cc:0c:
         ec:0e:c9:2f:82:1d:d1:70:2c:9d:ed:98:f1:6f:db:88:10:ee:
         62:08:19:9a:36:24:4d:49:a1:cf:db:91:76:d3:7d:e4:61:81:
         95:44:c0:a9:cc:22:d2:97:8c:01:af:1f:44:3d:dc:47:80:ca:
         ab:1d:74:ca:3e:bd:f9:a4:70:94:19:ea:f6:b9:cb:5b:8e:66:
         e1:4f:25:34:2c:35:b1:41:b7:ad:bb:9c:26:b6:73:ea:eb:5e:
         03:68:dc:41:18:85:cf:9b:95:0c:1a:62:38:42:0f:43:df:42:
         24:d8:56:66:35:fa:db:07:63:ff:d9:9c:c9:aa:cb:e6:f2:64:
         c1:4d:b7:c2:af:36:9c:6d:10:c7:2e:7e:ea:63:d9:a6:8a:77:
         46:5a:fa:83:a2:d2:34:ed:8b:a4:fa:b1:91:76:3e:87:13:64:
         73:b7:15:eb:bb:d1:aa:d0:ee:09:be:9c:97:c6:bf:22:f6:9d:
         b2:02:85:fa:65:a1:91:57:12:5c:47:94:33:d7:ad:25:ae:9e:
         56:a0:15:e5:0f:8d:92:b4:87:d6:dc:54:8f:79:76:29:e7:c2:
         fb:65:7a:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdt4tGkW2hpC0po2C5z5nqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDc0MTA4ZjBkMTQ1OWI2MmI2YzdhZGIyN2Q2OTM0YmEw
YmU3YTUwHhcNMjUwNjE0MTAwMTEwWhcNMjUwNjE1MTAwMTEwWjAzMTEwLwYDVQQD
EygwZmMyYTNhMjZiZDJmNTNhMTExNTViNzY4MjQxNTkyOTY4ZmU1M2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFpo1JPRQg001V8QhBHTBDb04Vih
gVRMlgjXDwleWHCc3Spv/543SWpYD0w57mQYvo4e4wEaLpcFD5ZU2yVdk3EaFMTj
9Oz3V9K0el+ikBDpFK574vLeZ3XVy0oEX4VZtAgNLetI0b6FLHAwHW76cZ9S0Ori
k51AeNIGHN+OVfsGKT0LPNMdOhJTE6n4qeYncN6+iff46kcbWTRL6EQyk3kH/Q/v
TJFjZa5+lI8osH8yP6Yu3Szmhj0B1vfh4VGTAmtF06dp70QOqDvz98Qyk4w5mT8X
iUTo0XJM/5ldXco3mbrbHu84k5Av9sbvAEay1UVxrhlXS3BXe37fCy2ofwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/Co6Jr0vU6ERVbdoJBWSlo/lPJMB8GA1UdIwQY
MBaAFCEHQQjw0UWbYrbHrbJ9aTS6C+elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAt
YzYyMjBlMTg1Njk0LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAtYzYyMjBlMTg1Njk0
LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkVWGC4L0
idN+FvJNjt04KYOJ3TaCtLw0q7ek4Va4g1RcP8wM7A7JL4Id0XAsne2Y8W/biBDu
YggZmjYkTUmhz9uRdtN95GGBlUTAqcwi0peMAa8fRD3cR4DKqx10yj69+aRwlBnq
9rnLW45m4U8lNCw1sUG3rbucJrZz6uteA2jcQRiFz5uVDBpiOEIPQ99CJNhWZjX6
2wdj/9mcyarL5vJkwU23wq82nG0Qxy5+6mPZpop3Rlr6g6LSNO2LpPqxkXY+hxNk
c7cV67vRqtDuCb6cl8a/IvadsgKF+mWhkVcSXEeUM9etJa6eVqAV5Q+NkrSH1txU
j3l2KefC+2V6iA==
-----END CERTIFICATE-----