Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
File:                     IQdBCPDRRZtitsetsn1pNLoL56U.mft (raw, json)
Hash identifier:          b/1xN+X86KGFgIm4mJ9RUaabolcRVecgV7ZZoFX00No=
Subject key identifier:   38:AD:35:BD:A2:5E:B7:FF:95:B7:E1:55:47:C4:88:0F:9B:2F:53:4E
Authority key identifier: 21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5
Certificate issuer:       /CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
Certificate serial:       0197681777CD77059D2FCB327097AF02A5F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
Manifest number:          151A
Signing time:             Fri 13 Jun 2025 07:00:57 +0000
Manifest this update:     Fri 13 Jun 2025 07:00:57 +0000
Manifest next update:     Sat 14 Jun 2025 07:00:57 +0000
Files and hashes:         1: IQdBCPDRRZtitsetsn1pNLoL56U.crl (hash: k0doqhiFJ34sAox7AE+g3wfyNq95vx20Gy9JbN9J4zE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:17:77:cd:77:05:9d:2f:cb:32:70:97:af:02:a5:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
        Validity
            Not Before: Jun 13 07:00:57 2025 GMT
            Not After : Jun 14 07:00:57 2025 GMT
        Subject: CN=38ad35bda25eb7ff95b7e15547c4880f9b2f534e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:d0:d4:57:3e:8c:79:ad:69:37:65:72:cd:37:
                    5f:e4:fe:c8:9b:ea:d7:de:db:a5:74:c7:a8:8d:62:
                    96:bd:bc:06:2f:e5:12:82:27:22:03:b0:dd:a5:fc:
                    0f:6e:c3:6c:b5:64:c2:1e:80:bc:cf:8b:d1:c4:8d:
                    93:b9:a8:19:1c:eb:e4:b6:bc:8d:f5:d2:41:ee:9a:
                    5d:14:fc:b4:4c:56:09:14:70:45:9e:65:fd:4a:67:
                    bb:c6:7e:c8:db:24:33:a1:dd:c5:39:10:42:6c:a2:
                    e1:76:92:c5:fa:e0:69:6e:2a:1b:36:b6:33:84:3e:
                    92:3b:79:ac:08:a9:83:f8:ce:37:6d:a6:9c:38:fc:
                    6b:9f:f5:58:6b:e2:30:6f:5f:98:45:14:c5:43:20:
                    3a:93:8a:97:3b:d4:8d:0e:1c:58:1a:ab:51:32:74:
                    0e:9b:6c:62:3b:d8:47:1d:37:41:d7:51:27:13:49:
                    16:06:c3:7a:e3:20:c8:3e:d8:93:98:a4:21:90:89:
                    e2:d8:93:c1:03:9a:3a:12:c9:7a:c8:ac:10:40:f5:
                    29:63:fb:44:6e:13:cb:1f:65:f0:6c:c3:07:c1:7a:
                    27:9b:37:e5:7c:cf:ff:8f:92:ea:3a:72:e7:4c:ab:
                    cd:0f:f9:0f:b0:94:bd:05:4a:ac:52:ba:03:56:86:
                    af:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:AD:35:BD:A2:5E:B7:FF:95:B7:E1:55:47:C4:88:0F:9B:2F:53:4E
            X509v3 Authority Key Identifier:
                keyid:21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:55:47:35:ec:96:17:17:5d:cc:92:0b:ba:d7:36:03:41:e5:
         c2:e9:2a:5b:62:05:30:28:27:c6:da:fd:cb:d7:5c:9d:31:60:
         34:0b:91:24:ca:36:e7:57:01:34:a1:c5:10:b8:25:c1:c7:ac:
         b8:aa:38:b7:9c:ec:9f:b1:1d:e8:fe:67:38:d1:97:a4:4e:93:
         91:e2:64:55:51:8f:27:39:53:4f:96:5f:5c:01:e3:94:a4:49:
         1a:05:51:2b:46:eb:92:1a:9f:a7:a1:a0:39:ac:7b:23:42:c1:
         61:94:05:e4:3f:e0:fb:c3:9d:03:1c:83:0a:38:84:67:70:e9:
         ad:40:b6:47:45:8c:8b:98:9e:a7:3d:ed:cb:3c:0f:50:a2:41:
         ae:8e:cc:8f:41:ad:6c:c1:4a:d9:89:43:f6:cf:8c:6f:81:2e:
         db:1a:e6:17:43:f9:92:fb:df:51:47:60:c4:3d:03:a8:e8:6a:
         0d:48:db:85:16:8f:f1:84:ee:e3:66:d9:db:c2:e5:99:53:2e:
         d1:b9:1c:65:b1:f8:23:5f:e7:3d:e2:5f:30:9d:19:f6:f8:e8:
         84:da:28:6f:e8:bb:0d:4b:33:30:89:5f:01:e1:3d:43:4a:1e:
         8e:c0:52:37:f1:87:ed:aa:f8:18:e8:55:f8:da:4b:b4:48:8c:
         f1:d1:38:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdoF3fNdwWdL8sycJevAqX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDc0MTA4ZjBkMTQ1OWI2MmI2YzdhZGIyN2Q2OTM0YmEw
YmU3YTUwHhcNMjUwNjEzMDcwMDU3WhcNMjUwNjE0MDcwMDU3WjAzMTEwLwYDVQQD
EygzOGFkMzViZGEyNWViN2ZmOTViN2UxNTU0N2M0ODgwZjliMmY1MzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9DUVz6Mea1pN2VyzTdf5P7Im+rX
3tuldMeojWKWvbwGL+USgiciA7DdpfwPbsNstWTCHoC8z4vRxI2TuagZHOvktryN
9dJB7ppdFPy0TFYJFHBFnmX9Sme7xn7I2yQzod3FORBCbKLhdpLF+uBpbiobNrYz
hD6SO3msCKmD+M43baacOPxrn/VYa+Iwb1+YRRTFQyA6k4qXO9SNDhxYGqtRMnQO
m2xiO9hHHTdB11EnE0kWBsN64yDIPtiTmKQhkIni2JPBA5o6Esl6yKwQQPUpY/tE
bhPLH2XwbMMHwXonmzflfM//j5LqOnLnTKvND/kPsJS9BUqsUroDVoav6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDitNb2iXrf/lbfhVUfEiA+bL1NOMB8GA1UdIwQY
MBaAFCEHQQjw0UWbYrbHrbJ9aTS6C+elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAt
YzYyMjBlMTg1Njk0LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAtYzYyMjBlMTg1Njk0
LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALlVHNeyW
FxddzJILutc2A0HlwukqW2IFMCgnxtr9y9dcnTFgNAuRJMo251cBNKHFELglwces
uKo4t5zsn7Ed6P5nONGXpE6TkeJkVVGPJzlTT5ZfXAHjlKRJGgVRK0brkhqfp6Gg
Oax7I0LBYZQF5D/g+8OdAxyDCjiEZ3DprUC2R0WMi5iepz3tyzwPUKJBro7Mj0Gt
bMFK2YlD9s+Mb4Eu2xrmF0P5kvvfUUdgxD0DqOhqDUjbhRaP8YTu42bZ28LlmVMu
0bkcZbH4I1/nPeJfMJ0Z9vjohNoob+i7DUszMIlfAeE9Q0oejsBSN/GH7ar4GOhV
+NpLtEiM8dE49A==
-----END CERTIFICATE-----