Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
File:                     IQdBCPDRRZtitsetsn1pNLoL56U.mft (raw, json)
Hash identifier:          U3a8lT6CQMcyE9hvw4l2IIQNfIhDiOMMjw4uaOkrJvc=
Subject key identifier:   1A:A4:85:49:E5:26:59:6B:18:6A:50:92:BC:D0:31:7F:50:48:B3:16
Authority key identifier: 21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5
Certificate issuer:       /CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
Certificate serial:       01975A92D6813A7FED2937A7C6545D43009B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
Manifest number:          1513
Signing time:             Tue 10 Jun 2025 16:01:01 +0000
Manifest this update:     Tue 10 Jun 2025 16:01:01 +0000
Manifest next update:     Wed 11 Jun 2025 16:01:01 +0000
Files and hashes:         1: IQdBCPDRRZtitsetsn1pNLoL56U.crl (hash: rTlNNnHBCi1y3+76DBlpxSwROcW2Anf30jlSsfThCAM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5a:92:d6:81:3a:7f:ed:29:37:a7:c6:54:5d:43:00:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
        Validity
            Not Before: Jun 10 16:01:01 2025 GMT
            Not After : Jun 11 16:01:01 2025 GMT
        Subject: CN=1aa48549e526596b186a5092bcd0317f5048b316
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:9f:38:40:a2:63:fc:0a:4b:0a:15:12:4b:83:
                    40:1c:a6:dd:c9:6b:a2:73:6e:72:d8:b7:e5:dd:f0:
                    fe:d6:9f:7f:ae:f2:8e:4c:83:35:2b:52:4a:e9:48:
                    b1:7a:c3:91:d3:61:0e:9f:f6:95:72:0c:84:ab:ad:
                    5d:9a:ff:46:1a:96:fb:50:44:44:a5:cf:d4:87:13:
                    c0:e4:c0:e6:53:ec:e6:e9:67:ec:34:77:6c:e6:a4:
                    b5:94:8d:b2:4c:2a:c0:a2:6d:c2:62:38:39:44:b7:
                    74:d6:9a:b4:9d:31:ad:00:66:06:f8:3b:c3:ba:ce:
                    df:eb:d4:5a:14:be:87:58:95:c6:e4:6c:8b:ca:7d:
                    5f:2d:2c:c4:e2:67:15:f3:87:44:0d:23:f2:97:f1:
                    5f:b5:27:20:17:47:9d:40:af:57:3a:dd:7d:58:90:
                    9f:71:3f:cb:ec:d0:e6:30:e0:d4:55:fb:cb:74:29:
                    e4:2a:fa:a3:6d:f3:2e:90:6f:0d:66:98:ce:bd:f8:
                    7d:a3:77:4c:c3:41:e7:f2:e8:0c:1d:b7:46:79:26:
                    1b:9f:1a:57:78:72:36:22:ce:4a:09:1c:7e:83:ad:
                    59:b6:03:12:d7:ee:d0:5d:64:9b:f6:a9:fd:52:ec:
                    60:59:87:df:23:4d:55:60:19:35:fc:69:a5:53:f6:
                    f8:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:A4:85:49:E5:26:59:6B:18:6A:50:92:BC:D0:31:7F:50:48:B3:16
            X509v3 Authority Key Identifier:
                keyid:21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:80:e0:e0:95:9e:db:92:91:ad:23:f5:f4:4a:ac:34:8f:ce:
         c0:46:04:56:88:3d:2f:a3:89:6c:b8:61:5d:51:3b:fb:aa:79:
         3f:e1:66:51:f0:61:a0:47:f5:cd:60:00:88:71:60:36:93:41:
         5f:53:ed:86:5f:21:70:e2:41:2f:9d:72:36:76:57:21:8b:dd:
         32:a7:49:a5:db:71:95:fb:25:bd:15:8b:e0:53:53:d9:f9:89:
         2d:5b:80:23:6a:2d:9d:50:20:53:cf:b3:1d:ad:51:1b:86:c5:
         9a:39:5d:6f:39:1a:25:7c:cf:8d:58:21:9c:1a:06:e0:35:c5:
         68:84:6f:8c:fc:24:87:f2:bf:0b:de:d5:29:0b:0d:da:f2:16:
         3f:cb:4f:d4:41:60:cc:8f:4e:75:ac:60:4f:19:e4:d2:55:15:
         5e:d6:07:0e:5c:cc:b4:87:12:66:a1:d7:cc:30:de:20:a9:6f:
         5b:67:40:c2:fd:ac:3b:00:05:29:9e:88:21:a4:f0:d4:59:70:
         bf:2a:97:53:1d:fb:a6:3c:98:e0:db:4b:e7:a8:b1:b1:32:17:
         e7:bb:f4:43:c2:62:41:5e:c4:19:b2:2e:e4:e7:fc:d2:e8:82:
         52:f7:2b:e5:1d:9f:ce:9b:e2:b2:a5:d9:78:a8:0c:0f:34:c0:
         d2:30:90:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdaktaBOn/tKTenxlRdQwCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDc0MTA4ZjBkMTQ1OWI2MmI2YzdhZGIyN2Q2OTM0YmEw
YmU3YTUwHhcNMjUwNjEwMTYwMTAxWhcNMjUwNjExMTYwMTAxWjAzMTEwLwYDVQQD
EygxYWE0ODU0OWU1MjY1OTZiMTg2YTUwOTJiY2QwMzE3ZjUwNDhiMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzp84QKJj/ApLChUSS4NAHKbdyWui
c25y2Lfl3fD+1p9/rvKOTIM1K1JK6UixesOR02EOn/aVcgyEq61dmv9GGpb7UERE
pc/UhxPA5MDmU+zm6WfsNHds5qS1lI2yTCrAom3CYjg5RLd01pq0nTGtAGYG+DvD
us7f69RaFL6HWJXG5GyLyn1fLSzE4mcV84dEDSPyl/FftScgF0edQK9XOt19WJCf
cT/L7NDmMODUVfvLdCnkKvqjbfMukG8NZpjOvfh9o3dMw0Hn8ugMHbdGeSYbnxpX
eHI2Is5KCRx+g61ZtgMS1+7QXWSb9qn9UuxgWYffI01VYBk1/GmlU/b4cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqkhUnlJllrGGpQkrzQMX9QSLMWMB8GA1UdIwQY
MBaAFCEHQQjw0UWbYrbHrbJ9aTS6C+elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAt
YzYyMjBlMTg1Njk0LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAtYzYyMjBlMTg1Njk0
LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhoDg4JWe
25KRrSP19EqsNI/OwEYEVog9L6OJbLhhXVE7+6p5P+FmUfBhoEf1zWAAiHFgNpNB
X1Pthl8hcOJBL51yNnZXIYvdMqdJpdtxlfslvRWL4FNT2fmJLVuAI2otnVAgU8+z
Ha1RG4bFmjldbzkaJXzPjVghnBoG4DXFaIRvjPwkh/K/C97VKQsN2vIWP8tP1EFg
zI9OdaxgTxnk0lUVXtYHDlzMtIcSZqHXzDDeIKlvW2dAwv2sOwAFKZ6IIaTw1Flw
vyqXUx37pjyY4NtL56ixsTIX57v0Q8JiQV7EGbIu5Of80uiCUvcr5R2fzpvisqXZ
eKgMDzTA0jCQFw==
-----END CERTIFICATE-----