Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
File:                     iaWq49f3LuzoOWtBSSIIrdUhhDU.mft (raw, json)
Hash identifier:          rthcjuQZCqP86BsNkFPjlgB7jQC6kAs25x0nUnmTCuY=
Subject key identifier:   DA:5E:B2:D9:45:40:1C:0F:06:F9:48:16:C6:7D:16:5A:70:43:F7:56
Authority key identifier: 89:A5:AA:E3:D7:F7:2E:EC:E8:39:6B:41:49:22:08:AD:D5:21:84:35
Certificate issuer:       /CN=89a5aae3d7f72eece8396b41492208add5218435
Certificate serial:       01974967E1935B02497C88FCECCDADC59A4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
Manifest number:          146D
Signing time:             Sat 07 Jun 2025 08:00:33 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:33 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:33 +0000
Files and hashes:         1: iaWq49f3LuzoOWtBSSIIrdUhhDU.crl (hash: oHbbh6dlpydUASUtH7FINMNUKq0IvpkJv+41pJsrPOE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:67:e1:93:5b:02:49:7c:88:fc:ec:cd:ad:c5:9a:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89a5aae3d7f72eece8396b41492208add5218435
        Validity
            Not Before: Jun  7 08:00:33 2025 GMT
            Not After : Jun  8 08:00:33 2025 GMT
        Subject: CN=da5eb2d945401c0f06f94816c67d165a7043f756
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:55:97:d8:cd:72:9e:3e:80:cb:2d:ec:4a:23:
                    04:67:5c:e3:79:cc:0d:8d:8d:a0:a9:06:24:80:ba:
                    61:d5:15:ae:62:cf:71:31:2b:42:f8:55:16:0d:82:
                    51:82:88:ce:b9:aa:d0:aa:9c:9a:50:73:97:25:67:
                    95:cc:2e:19:67:77:22:97:d2:04:80:d5:27:b6:47:
                    13:16:90:b2:cf:91:78:c6:8d:fb:d1:44:11:61:ec:
                    d7:d3:82:e3:84:ad:54:d8:77:ec:bb:f0:c4:5a:8a:
                    dc:49:b6:88:c2:31:99:b3:33:ec:57:01:42:5d:95:
                    b6:c7:fb:b8:69:fa:0a:e5:48:09:5a:68:18:46:1f:
                    fd:e4:8c:b0:d5:14:a1:da:85:33:b6:10:1a:fb:89:
                    5e:33:33:a7:73:32:10:15:98:7c:57:a7:d3:89:36:
                    71:4d:23:4b:7e:80:88:4f:14:79:ab:8d:b6:36:65:
                    72:0a:21:d1:67:e1:4a:a9:60:86:90:a1:dc:3d:08:
                    21:75:3d:c2:5c:bd:e4:7b:a8:99:d1:80:97:ff:f5:
                    13:8f:a0:b2:41:c5:7b:79:a8:cd:61:52:37:42:a9:
                    fe:ce:1c:46:4a:af:ac:30:45:7f:fe:0b:34:74:fd:
                    e3:7b:35:eb:9d:2c:6a:c3:25:3f:8c:fd:26:b2:a7:
                    2f:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:5E:B2:D9:45:40:1C:0F:06:F9:48:16:C6:7D:16:5A:70:43:F7:56
            X509v3 Authority Key Identifier:
                keyid:89:A5:AA:E3:D7:F7:2E:EC:E8:39:6B:41:49:22:08:AD:D5:21:84:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:46:60:c3:77:3e:1b:ea:2f:51:47:6a:36:df:21:e2:56:c2:
         e6:7b:6f:64:99:41:3e:93:53:6a:a1:b7:09:d0:4f:f8:ca:15:
         3a:93:27:6e:7d:9d:63:36:2f:83:ad:47:8e:64:5b:22:1a:7e:
         7b:6d:bc:a2:d8:9f:57:31:b2:5b:3b:19:e4:6e:93:f6:ec:61:
         68:c7:55:11:49:d1:d7:b1:f8:6b:97:67:6a:6d:55:f2:fc:29:
         0d:37:0d:6c:6f:c7:58:32:e8:ee:66:22:fd:b7:1d:cf:1f:cb:
         6b:4e:39:f2:7b:7e:3b:7c:a3:e0:0c:8d:5f:aa:0e:2d:3b:03:
         14:cc:83:5f:e6:35:22:07:da:7e:03:57:da:73:30:57:3e:16:
         22:5f:c4:6c:cd:54:b8:7b:8b:ab:1c:3c:9f:2b:5c:24:08:c2:
         e8:d7:fb:ef:2d:eb:e1:06:ab:4b:84:c7:26:16:8a:c0:45:1e:
         40:02:17:d2:33:b5:bf:78:1b:ce:e2:b0:97:48:8c:1a:78:27:
         82:e0:2f:3e:81:1f:f0:62:55:bf:69:51:b5:07:2e:8e:f3:d4:
         e6:52:0f:a1:1a:a7:82:44:65:12:8e:e2:4c:86:37:cc:23:13:
         5d:a2:4d:b9:f1:c5:ca:4f:0a:d1:b4:a1:24:e4:f7:99:2b:96:
         d5:b3:51:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJZ+GTWwJJfIj87M2txZpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTVhYWUzZDdmNzJlZWNlODM5NmI0MTQ5MjIwOGFkZDUy
MTg0MzUwHhcNMjUwNjA3MDgwMDMzWhcNMjUwNjA4MDgwMDMzWjAzMTEwLwYDVQQD
EyhkYTVlYjJkOTQ1NDAxYzBmMDZmOTQ4MTZjNjdkMTY1YTcwNDNmNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1WX2M1ynj6Ayy3sSiMEZ1zjecwN
jY2gqQYkgLph1RWuYs9xMStC+FUWDYJRgojOuarQqpyaUHOXJWeVzC4ZZ3cil9IE
gNUntkcTFpCyz5F4xo370UQRYezX04LjhK1U2Hfsu/DEWorcSbaIwjGZszPsVwFC
XZW2x/u4afoK5UgJWmgYRh/95Iyw1RSh2oUzthAa+4leMzOnczIQFZh8V6fTiTZx
TSNLfoCITxR5q422NmVyCiHRZ+FKqWCGkKHcPQghdT3CXL3ke6iZ0YCX//UTj6Cy
QcV7eajNYVI3Qqn+zhxGSq+sMEV//gs0dP3jezXrnSxqwyU/jP0msqcvQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpestlFQBwPBvlIFsZ9FlpwQ/dWMB8GA1UdIwQY
MBaAFImlquPX9y7s6DlrQUkiCK3VIYQ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85MTQ1Y2ItMDJiZC00N2U2LWIwNGIt
MDg3MTE1MmExYWEzLzEvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85MTQ1Y2ItMDJiZC00N2U2LWIwNGItMDg3MTE1MmExYWEz
LzEvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVUZgw3c+
G+ovUUdqNt8h4lbC5ntvZJlBPpNTaqG3CdBP+MoVOpMnbn2dYzYvg61HjmRbIhp+
e228otifVzGyWzsZ5G6T9uxhaMdVEUnR17H4a5dnam1V8vwpDTcNbG/HWDLo7mYi
/bcdzx/La0458nt+O3yj4AyNX6oOLTsDFMyDX+Y1IgfafgNX2nMwVz4WIl/EbM1U
uHuLqxw8nytcJAjC6Nf77y3r4QarS4THJhaKwEUeQAIX0jO1v3gbzuKwl0iMGngn
guAvPoEf8GJVv2lRtQcujvPU5lIPoRqngkRlEo7iTIY3zCMTXaJNufHFyk8K0bSh
JOT3mSuW1bNRXw==
-----END CERTIFICATE-----