Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
File:                     ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft (raw, json)
Hash identifier:          1rgrdiT2wa6LUUfj6Qq4hjoAqNq/QEq+CFMVkoiwQZw=
Subject key identifier:   70:95:A6:5D:EA:E8:62:C1:B7:86:98:50:CC:4F:48:B5:62:2E:EC:4A
Authority key identifier: 8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18
Certificate issuer:       /CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
Certificate serial:       0197469EC8D81B9BAE7E2751F9053BC6A5B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
Manifest number:          1577
Signing time:             Fri 06 Jun 2025 19:01:40 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:40 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:40 +0000
Files and hashes:         1: ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl (hash: uKFBN4GYoEJWn/OpLYUEHWYsb03D82rR5pUyBCh2nBI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:c8:d8:1b:9b:ae:7e:27:51:f9:05:3b:c6:a5:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
        Validity
            Not Before: Jun  6 19:01:40 2025 GMT
            Not After : Jun  7 19:01:40 2025 GMT
        Subject: CN=7095a65deae862c1b7869850cc4f48b5622eec4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:db:e5:c9:a3:36:68:6b:77:08:5a:3f:5a:76:
                    37:84:c9:e6:05:c4:0e:e5:c3:8c:2a:d5:32:e9:14:
                    02:0c:3e:2f:8e:c8:d5:7e:71:07:56:ff:46:bd:88:
                    74:05:40:44:37:00:12:3e:03:37:53:8e:61:0c:6a:
                    b1:2b:da:e6:40:0b:9b:ac:62:ac:37:59:c6:f7:ea:
                    24:be:5a:e0:31:2f:f2:7d:41:f1:b7:e2:b7:16:ae:
                    d3:8a:31:77:62:d9:46:37:00:5a:a2:dd:2d:94:d8:
                    78:42:8b:be:9e:bd:51:3d:d1:e9:f9:76:ff:fa:41:
                    97:f0:43:20:ca:66:63:37:8c:a0:5d:2d:34:17:76:
                    6d:60:e1:59:90:13:bc:ae:fa:c9:99:44:09:fd:9b:
                    65:2f:47:b8:a5:35:ed:7a:c8:41:4c:cb:7a:22:31:
                    b4:4b:4b:1d:fc:fe:69:c8:ec:09:86:d5:d3:33:a1:
                    02:63:8d:66:86:82:b6:27:d8:7d:eb:66:3d:6e:e2:
                    b1:d0:ab:07:e0:3f:d1:a0:22:40:d2:69:1c:0b:73:
                    53:b1:87:cb:59:fc:76:94:36:1e:fe:32:dc:db:48:
                    a7:20:9e:5a:d9:84:74:25:14:67:69:b9:10:8c:1a:
                    e2:d3:50:b9:9d:ee:73:c5:d2:20:db:b8:a6:23:2e:
                    2d:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:95:A6:5D:EA:E8:62:C1:B7:86:98:50:CC:4F:48:B5:62:2E:EC:4A
            X509v3 Authority Key Identifier:
                keyid:8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:fd:bd:1b:0d:9b:e2:a0:16:51:04:31:65:f2:91:4d:1c:33:
         4d:ba:c9:75:fe:24:95:47:7b:c0:e5:72:0c:f9:15:1d:0a:c8:
         8e:d2:c9:7b:18:e9:22:31:eb:74:0b:60:b6:dd:3d:45:d3:a2:
         a6:ae:de:7a:7a:43:ab:88:40:29:a7:8e:0c:b8:1b:02:89:65:
         7c:04:4a:d2:3d:0a:b0:01:05:e7:ba:7d:21:ad:79:b7:17:e8:
         3a:a7:b1:1b:25:03:50:93:19:df:26:23:5c:66:a2:24:0d:ba:
         f8:65:77:df:58:e8:91:5f:95:aa:44:31:e8:79:e4:02:14:e6:
         4e:b2:b3:3f:6b:66:12:6a:74:63:e9:02:88:91:0f:2e:c1:2f:
         6d:14:30:cf:f3:78:d3:65:c3:b9:67:af:0d:9d:65:85:72:6f:
         ef:3e:28:73:d0:1d:9e:26:aa:10:8d:68:6c:97:fa:4b:b6:44:
         04:3c:39:2b:41:a7:b6:73:3f:39:60:7c:10:28:58:a0:80:37:
         f9:33:71:37:8b:9a:77:b9:84:e1:54:cb:13:31:61:02:b5:e6:
         94:c2:94:9d:7e:52:9f:f1:22:eb:b7:87:60:26:04:13:a3:aa:
         ec:3b:66:da:70:6a:6c:7c:17:89:b8:47:6a:b7:4b:89:82:50:
         b0:b8:0f:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnsjYG5uufidR+QU7xqWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNDFlMmYyZDE0NTJlN2M0Y2MwN2RiZmE3ODM5ZDU4ZGY1
N2YyMTgwHhcNMjUwNjA2MTkwMTQwWhcNMjUwNjA3MTkwMTQwWjAzMTEwLwYDVQQD
Eyg3MDk1YTY1ZGVhZTg2MmMxYjc4Njk4NTBjYzRmNDhiNTYyMmVlYzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA99vlyaM2aGt3CFo/WnY3hMnmBcQO
5cOMKtUy6RQCDD4vjsjVfnEHVv9GvYh0BUBENwASPgM3U45hDGqxK9rmQAubrGKs
N1nG9+okvlrgMS/yfUHxt+K3Fq7TijF3YtlGNwBaot0tlNh4Qou+nr1RPdHp+Xb/
+kGX8EMgymZjN4ygXS00F3ZtYOFZkBO8rvrJmUQJ/ZtlL0e4pTXteshBTMt6IjG0
S0sd/P5pyOwJhtXTM6ECY41mhoK2J9h962Y9buKx0KsH4D/RoCJA0mkcC3NTsYfL
Wfx2lDYe/jLc20inIJ5a2YR0JRRnabkQjBri01C5ne5zxdIg27imIy4tIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHCVpl3q6GLBt4aYUMxPSLViLuxKMB8GA1UdIwQY
MBaAFIpB4vLRRS58TMB9v6eDnVjfV/IYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEt
MzY0ODU0Y2JjMGU4LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEtMzY0ODU0Y2JjMGU4
LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf/29Gw2b
4qAWUQQxZfKRTRwzTbrJdf4klUd7wOVyDPkVHQrIjtLJexjpIjHrdAtgtt09RdOi
pq7eenpDq4hAKaeODLgbAollfARK0j0KsAEF57p9Ia15txfoOqexGyUDUJMZ3yYj
XGaiJA26+GV331jokV+VqkQx6HnkAhTmTrKzP2tmEmp0Y+kCiJEPLsEvbRQwz/N4
02XDuWevDZ1lhXJv7z4oc9AdniaqEI1obJf6S7ZEBDw5K0GntnM/OWB8EChYoIA3
+TNxN4uad7mE4VTLEzFhArXmlMKUnX5Sn/Ei67eHYCYEE6Oq7Dtm2nBqbHwXibhH
ardLiYJQsLgPzA==
-----END CERTIFICATE-----