Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft
File:                     ICNzDgbEv7_6ypBeUxJldCwXirQ.mft (raw, json)
Hash identifier:          xDjft1tj4ESERZOY1qFymfkfdJrH9E2QpdKLD56Y9p0=
Subject key identifier:   9A:90:FD:97:40:24:AE:54:B5:E0:69:CF:FF:D3:5A:D1:01:32:DF:E7
Authority key identifier: 20:23:73:0E:06:C4:BF:BF:FA:CA:90:5E:53:12:65:74:2C:17:8A:B4
Certificate issuer:       /CN=2023730e06c4bfbffaca905e531265742c178ab4
Certificate serial:       0197CBDF4AD4BBAAABD692BE36CFFFA98587
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft
Manifest number:          0F94
Signing time:             Wed 02 Jul 2025 16:01:37 +0000
Manifest this update:     Wed 02 Jul 2025 16:01:37 +0000
Manifest next update:     Thu 03 Jul 2025 16:01:37 +0000
Files and hashes:         1: ICNzDgbEv7_6ypBeUxJldCwXirQ.crl (hash: 8FHol7P5FHadf+0saCq/vHK5SH3HvkGZa5fPa6Za3Dw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 16:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cb:df:4a:d4:bb:aa:ab:d6:92:be:36:cf:ff:a9:85:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2023730e06c4bfbffaca905e531265742c178ab4
        Validity
            Not Before: Jul  2 16:01:37 2025 GMT
            Not After : Jul  3 16:01:37 2025 GMT
        Subject: CN=9a90fd974024ae54b5e069cfffd35ad10132dfe7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:d8:c9:72:b1:e3:a2:c3:75:2d:64:70:6c:51:
                    dd:58:d9:61:be:7e:8a:53:2a:5f:b3:d1:5e:5d:23:
                    56:87:d9:35:fe:c4:3d:22:c0:fe:67:b0:c8:50:90:
                    8f:8a:56:60:b3:4d:1c:85:47:2a:c6:66:13:93:8a:
                    d6:97:34:6c:f3:05:29:31:65:7f:42:59:70:cb:c5:
                    ee:18:44:9d:8f:02:e2:11:af:ee:e3:ee:6f:b4:e2:
                    29:c0:e4:1d:64:38:4c:31:7b:db:c9:82:58:6b:e7:
                    82:f9:a7:ec:cd:e1:98:c9:93:21:4c:98:72:29:67:
                    c1:94:71:60:37:dc:d1:53:f3:94:9d:50:9b:2c:1f:
                    0a:9f:ed:a3:72:bf:e5:33:18:a8:ad:f6:90:85:fa:
                    96:69:f4:96:12:65:5f:42:83:e5:d1:18:9e:a5:f1:
                    6c:9e:d5:8a:18:60:ae:d6:83:f7:73:55:e1:80:7b:
                    96:76:9a:f4:7e:9a:a2:3c:95:06:57:a1:d2:9c:9d:
                    98:7e:09:73:1f:1f:92:f1:3b:95:a1:69:f4:15:01:
                    aa:93:ea:db:d3:7d:c6:4c:af:03:03:9b:a6:4c:1b:
                    29:eb:2e:95:ac:b3:8a:ce:16:15:0a:ca:de:08:5d:
                    f8:e8:a3:f1:04:cb:3e:94:52:5d:ec:27:b5:5c:43:
                    0c:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:90:FD:97:40:24:AE:54:B5:E0:69:CF:FF:D3:5A:D1:01:32:DF:E7
            X509v3 Authority Key Identifier:
                keyid:20:23:73:0E:06:C4:BF:BF:FA:CA:90:5E:53:12:65:74:2C:17:8A:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:9a:93:3d:d2:41:ac:f3:97:e1:bc:0e:b5:96:6d:ec:db:8b:
         b3:42:d6:48:b8:a9:74:e1:b4:b7:34:1d:f9:d2:3e:14:30:f0:
         bc:b8:e6:f8:57:f5:f8:99:4c:82:4e:77:c9:b8:35:58:cd:71:
         34:a1:c7:e7:72:09:e7:97:78:e6:09:90:82:c5:f7:eb:e6:76:
         43:66:22:8f:f3:ca:88:a4:0c:8d:d9:d1:e1:ec:8a:ed:57:8d:
         9c:87:8d:b9:ff:24:f1:aa:0f:f2:25:a9:ae:27:68:27:28:fd:
         cd:e5:dc:e7:af:64:aa:30:40:9e:48:82:9b:4a:56:60:4d:85:
         e5:6f:d3:0b:62:23:70:cf:39:5c:6b:0c:13:19:43:0c:93:cc:
         c0:d3:06:41:c3:32:b9:9c:d3:db:5e:85:d9:62:ea:20:90:d1:
         07:b5:63:0b:00:a2:37:a6:70:bf:aa:47:be:a2:85:7e:64:53:
         49:d3:73:47:f2:46:ff:ed:e3:dd:11:c9:e3:db:a4:80:70:be:
         af:ed:ab:60:15:c3:0c:1c:ab:a1:88:8c:6d:3c:55:03:1a:c7:
         85:ba:7a:45:74:97:59:45:e3:be:57:67:15:ee:3b:7d:e1:f2:
         9b:26:ca:14:c1:d1:55:12:f1:bc:74:ea:c5:d3:3b:eb:99:a8:
         e2:5d:ea:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfL30rUu6qr1pK+Ns//qYWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjM3MzBlMDZjNGJmYmZmYWNhOTA1ZTUzMTI2NTc0MmMx
NzhhYjQwHhcNMjUwNzAyMTYwMTM3WhcNMjUwNzAzMTYwMTM3WjAzMTEwLwYDVQQD
Eyg5YTkwZmQ5NzQwMjRhZTU0YjVlMDY5Y2ZmZmQzNWFkMTAxMzJkZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydjJcrHjosN1LWRwbFHdWNlhvn6K
Uypfs9FeXSNWh9k1/sQ9IsD+Z7DIUJCPilZgs00chUcqxmYTk4rWlzRs8wUpMWV/
Qllwy8XuGESdjwLiEa/u4+5vtOIpwOQdZDhMMXvbyYJYa+eC+afszeGYyZMhTJhy
KWfBlHFgN9zRU/OUnVCbLB8Kn+2jcr/lMxiorfaQhfqWafSWEmVfQoPl0RiepfFs
ntWKGGCu1oP3c1XhgHuWdpr0fpqiPJUGV6HSnJ2YfglzHx+S8TuVoWn0FQGqk+rb
033GTK8DA5umTBsp6y6VrLOKzhYVCsreCF346KPxBMs+lFJd7Ce1XEMMWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJqQ/ZdAJK5UteBpz//TWtEBMt/nMB8GA1UdIwQY
MBaAFCAjcw4GxL+/+sqQXlMSZXQsF4q0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny80NWQ3YzEtYzRmMC00ODM1LWI0NjYt
YjAzMzViYTNlMGMyLzEvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny80NWQ3YzEtYzRmMC00ODM1LWI0NjYtYjAzMzViYTNlMGMy
LzEvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhZqTPdJB
rPOX4bwOtZZt7NuLs0LWSLipdOG0tzQd+dI+FDDwvLjm+Ff1+JlMgk53ybg1WM1x
NKHH53IJ55d45gmQgsX36+Z2Q2Yij/PKiKQMjdnR4eyK7VeNnIeNuf8k8aoP8iWp
ridoJyj9zeXc569kqjBAnkiCm0pWYE2F5W/TC2IjcM85XGsMExlDDJPMwNMGQcMy
uZzT216F2WLqIJDRB7VjCwCiN6Zwv6pHvqKFfmRTSdNzR/JG/+3j3RHJ49ukgHC+
r+2rYBXDDByroYiMbTxVAxrHhbp6RXSXWUXjvldnFe47feHymybKFMHRVRLxvHTq
xdM765mo4l3qvg==
-----END CERTIFICATE-----