Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
File:                     iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft (raw, json)
Hash identifier:          zbSzPrpl+yWfCWLfr9h9UBJYAHQbpMG0DKzkx7MAgnk=
Subject key identifier:   59:F9:23:30:75:58:65:45:C7:8E:F3:C4:AA:71:10:5D:72:79:68:78
Authority key identifier: 89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0
Certificate issuer:       /CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
Certificate serial:       01974A7AA29906143C1E82231E031B67489B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
Manifest number:          11C2
Signing time:             Sat 07 Jun 2025 13:00:40 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:40 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:40 +0000
Files and hashes:         1: iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl (hash: atZ24kuA7SWe+dBQ2wZG3D6fseb2XhW7L4iPxqpZhug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:a2:99:06:14:3c:1e:82:23:1e:03:1b:67:48:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
        Validity
            Not Before: Jun  7 13:00:40 2025 GMT
            Not After : Jun  8 13:00:40 2025 GMT
        Subject: CN=59f9233075586545c78ef3c4aa71105d72796878
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:00:4e:08:34:8b:51:68:2e:12:0a:d3:99:45:
                    21:c7:d0:88:e4:3d:05:c8:73:54:00:c2:cc:bf:cf:
                    26:de:7c:41:61:9a:da:15:1f:48:82:f3:3a:e6:0a:
                    cb:11:ff:55:d3:13:1f:18:66:c9:e9:29:fd:bc:01:
                    5e:0f:0a:ac:da:43:cf:53:82:22:93:c0:93:a9:12:
                    61:9e:35:74:e2:e2:ca:fc:f8:7e:e7:a3:34:97:ea:
                    73:1b:91:82:6f:40:69:d7:f5:57:06:73:bb:12:76:
                    47:7d:e9:f5:78:62:fe:42:b9:c3:86:97:e8:ac:ae:
                    7b:8f:9a:54:ef:36:a2:02:4a:c6:53:6e:9c:ec:cc:
                    11:f0:3a:b6:4e:a0:60:01:53:67:a0:93:de:78:39:
                    47:80:00:dd:1e:8a:89:c1:29:27:29:6f:95:48:85:
                    bd:13:43:cb:a2:37:ab:be:a9:ac:31:6a:11:46:e4:
                    b0:f2:26:0b:a0:12:b5:a1:85:94:c1:12:51:42:28:
                    82:d2:8c:ca:e0:e5:a8:25:ae:19:d8:01:06:84:26:
                    a9:d2:49:bf:0c:d3:c9:38:6b:2c:e4:7e:1c:34:a5:
                    dd:72:13:fa:f0:73:66:32:94:8d:9a:3b:ba:7a:3e:
                    f1:70:3c:85:c0:65:2e:40:bb:c4:72:31:19:15:48:
                    e8:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:F9:23:30:75:58:65:45:C7:8E:F3:C4:AA:71:10:5D:72:79:68:78
            X509v3 Authority Key Identifier:
                keyid:89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d5:ba:04:64:9c:0a:4e:c2:2a:b6:be:e1:c0:1b:c2:95:b2:e9:
         3a:71:c5:c8:e1:dd:bf:51:5c:43:49:b6:4f:36:0c:c0:c6:0b:
         1a:ff:8c:68:5c:cf:45:07:c2:ee:8f:59:97:07:c7:3b:67:6b:
         7b:ba:21:17:9f:72:13:d9:78:18:ac:4a:c5:90:6d:a7:43:09:
         b3:81:f5:bb:e9:03:ae:49:c1:a9:5d:90:94:37:7b:f1:b4:70:
         3e:6c:e3:17:59:4c:07:f8:eb:b1:92:d7:8d:55:23:cf:45:34:
         4f:85:3a:4c:b3:84:73:e1:f8:46:cb:b9:a3:95:c0:cf:3c:dd:
         c9:7f:87:19:ce:dc:b0:5b:7f:06:46:b5:ad:0e:44:ea:a5:e4:
         a5:d1:6f:46:28:60:da:bd:55:7e:a1:68:1b:09:26:9c:3c:ea:
         a0:8f:1a:1f:1c:0a:d5:e6:37:b7:89:36:ca:d2:38:08:8a:6d:
         8d:d5:d3:a6:80:c9:a9:e1:69:85:69:fd:7b:b1:89:21:c4:b1:
         fe:9f:3f:b0:32:0a:31:75:06:70:e3:38:75:8d:de:e6:65:8a:
         e1:e7:e6:74:ce:83:4e:bc:80:42:0e:92:b1:2c:a6:42:22:cd:
         33:8a:6d:43:f3:20:33:7d:65:d0:76:c2:69:f7:59:05:6e:dc:
         5a:bc:f7:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKeqKZBhQ8HoIjHgMbZ0ibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MzZkZjRhYzJmNDY3ZWE2NmMxMTk3YTg2MjlkM2Y2NGJi
NTYzZjAwHhcNMjUwNjA3MTMwMDQwWhcNMjUwNjA4MTMwMDQwWjAzMTEwLwYDVQQD
Eyg1OWY5MjMzMDc1NTg2NTQ1Yzc4ZWYzYzRhYTcxMTA1ZDcyNzk2ODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQBOCDSLUWguEgrTmUUhx9CI5D0F
yHNUAMLMv88m3nxBYZraFR9IgvM65grLEf9V0xMfGGbJ6Sn9vAFeDwqs2kPPU4Ii
k8CTqRJhnjV04uLK/Ph+56M0l+pzG5GCb0Bp1/VXBnO7EnZHfen1eGL+QrnDhpfo
rK57j5pU7zaiAkrGU26c7MwR8Dq2TqBgAVNnoJPeeDlHgADdHoqJwSknKW+VSIW9
E0PLojervqmsMWoRRuSw8iYLoBK1oYWUwRJRQiiC0ozK4OWoJa4Z2AEGhCap0km/
DNPJOGss5H4cNKXdchP68HNmMpSNmju6ej7xcDyFwGUuQLvEcjEZFUjo2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFn5IzB1WGVFx47zxKpxEF1yeWh4MB8GA1UdIwQY
MBaAFIk230rC9GfqZsEZeoYp0/ZLtWPwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQt
NGUyNzhkZDQ4YTNmLzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQtNGUyNzhkZDQ4YTNm
LzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1boEZJwK
TsIqtr7hwBvClbLpOnHFyOHdv1FcQ0m2TzYMwMYLGv+MaFzPRQfC7o9ZlwfHO2dr
e7ohF59yE9l4GKxKxZBtp0MJs4H1u+kDrknBqV2QlDd78bRwPmzjF1lMB/jrsZLX
jVUjz0U0T4U6TLOEc+H4Rsu5o5XAzzzdyX+HGc7csFt/Bka1rQ5E6qXkpdFvRihg
2r1VfqFoGwkmnDzqoI8aHxwK1eY3t4k2ytI4CIptjdXTpoDJqeFphWn9e7GJIcSx
/p8/sDIKMXUGcOM4dY3e5mWK4efmdM6DTryAQg6SsSymQiLNM4ptQ/MgM31l0HbC
afdZBW7cWrz3Gw==
-----END CERTIFICATE-----