Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cbf67b-a65a-42a3-8908-07369e14cade/1/IlVxaqH0w8EChxihwzHiKzOerXw.mft
File:                     IlVxaqH0w8EChxihwzHiKzOerXw.mft (raw, json)
Hash identifier:          JdG6ITuSl3tdefCA4hZXaXzNqIrneG+BCMzkaQOJWws=
Subject key identifier:   42:E6:D3:F0:45:AE:E9:62:0E:AA:30:D2:71:D3:89:95:82:99:1C:EA
Authority key identifier: 22:55:71:6A:A1:F4:C3:C1:02:87:18:A1:C3:31:E2:2B:33:9E:AD:7C
Certificate issuer:       /CN=2255716aa1f4c3c1028718a1c331e22b339ead7c
Certificate serial:       019751214007B959ACE710DFA8A16DA51538
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IlVxaqH0w8EChxihwzHiKzOerXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/cbf67b-a65a-42a3-8908-07369e14cade/1/IlVxaqH0w8EChxihwzHiKzOerXw.mft
Manifest number:          1201
Signing time:             Sun 08 Jun 2025 20:00:22 +0000
Manifest this update:     Sun 08 Jun 2025 20:00:22 +0000
Manifest next update:     Mon 09 Jun 2025 20:00:22 +0000
Files and hashes:         1: IlVxaqH0w8EChxihwzHiKzOerXw.crl (hash: /cCJ+XGUUpIL2Q+J4P4DmFHOKWYWb01WriuzAFejLlQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/cbf67b-a65a-42a3-8908-07369e14cade/1/IlVxaqH0w8EChxihwzHiKzOerXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/cbf67b-a65a-42a3-8908-07369e14cade/1/IlVxaqH0w8EChxihwzHiKzOerXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IlVxaqH0w8EChxihwzHiKzOerXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 17:19:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:21:40:07:b9:59:ac:e7:10:df:a8:a1:6d:a5:15:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2255716aa1f4c3c1028718a1c331e22b339ead7c
        Validity
            Not Before: Jun  8 20:00:22 2025 GMT
            Not After : Jun  9 20:00:22 2025 GMT
        Subject: CN=42e6d3f045aee9620eaa30d271d3899582991cea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c6:29:a0:cb:d4:47:98:f1:1a:48:05:cc:b0:
                    c4:42:74:a9:e8:5d:43:da:7f:56:c4:61:17:a8:91:
                    b9:1c:a7:94:ab:a4:4f:cb:64:b2:24:72:6e:53:48:
                    4e:64:ef:bb:c2:45:e7:e1:e7:ae:44:ae:30:c4:ae:
                    d4:aa:19:3f:80:69:74:56:14:cb:c4:7e:e1:14:96:
                    e2:0f:e2:69:7f:ff:5a:a7:47:cd:9f:ad:2b:c3:ba:
                    50:23:7e:45:00:e3:fe:d5:e3:0e:29:ee:7b:a9:52:
                    07:bd:ca:5e:15:e3:e2:dd:cb:d8:2c:24:e2:d0:4f:
                    9a:08:75:7f:35:fd:c6:dd:96:99:4a:21:83:83:01:
                    e3:86:8e:f6:53:d9:13:5b:67:c9:05:f4:e7:b7:91:
                    51:b4:85:37:04:ab:8b:38:85:d7:99:69:ef:90:98:
                    2d:2c:36:23:f8:75:2d:ce:d1:b0:99:11:75:4e:27:
                    9d:c1:fc:61:00:bd:0c:e6:0e:5e:3a:ee:0c:9e:a0:
                    35:87:df:40:80:89:f4:6a:26:41:db:7a:10:a5:c6:
                    0b:2c:86:79:5c:41:9e:95:ed:a5:c3:22:1c:eb:eb:
                    fa:04:24:bd:53:6f:b2:2b:22:7b:6d:29:74:6e:23:
                    eb:a9:5d:a3:ce:7f:90:5e:e6:e7:62:22:78:95:b9:
                    d5:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:E6:D3:F0:45:AE:E9:62:0E:AA:30:D2:71:D3:89:95:82:99:1C:EA
            X509v3 Authority Key Identifier:
                keyid:22:55:71:6A:A1:F4:C3:C1:02:87:18:A1:C3:31:E2:2B:33:9E:AD:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IlVxaqH0w8EChxihwzHiKzOerXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cbf67b-a65a-42a3-8908-07369e14cade/1/IlVxaqH0w8EChxihwzHiKzOerXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cbf67b-a65a-42a3-8908-07369e14cade/1/IlVxaqH0w8EChxihwzHiKzOerXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:4e:af:7f:31:fe:e8:a6:34:e3:5f:5c:04:82:b2:a1:bd:4d:
         c4:4a:21:5c:0e:d1:11:35:79:02:48:28:0f:b0:c6:1c:fe:01:
         6d:2c:b4:45:15:16:0e:22:4d:84:0f:72:f2:5c:3d:51:30:b8:
         1b:7b:98:be:3e:2e:79:19:48:96:8c:69:ba:5e:42:23:67:53:
         84:b0:ea:91:64:de:67:f1:b9:38:e6:4f:b9:0f:90:f4:c9:fb:
         a7:a1:19:47:2e:29:af:dc:cf:2f:78:34:bc:e8:24:a4:63:15:
         ce:5f:8f:4b:7b:c9:90:00:20:f0:fd:fd:b7:1b:a3:58:de:a2:
         3a:9c:30:12:2f:3f:21:5a:e6:6d:6f:a0:e7:53:4a:11:f3:60:
         57:7d:f8:c2:e2:7e:ae:3c:ae:6c:cc:5c:10:89:7a:8c:d7:64:
         56:28:30:91:b1:2c:9f:c7:56:be:bc:77:80:35:32:e7:a4:eb:
         0c:07:10:8d:8c:28:31:3d:10:d5:9f:f0:79:64:d4:62:51:9c:
         aa:4d:4c:43:e8:af:ff:89:3c:c2:08:35:ee:1f:1a:86:fa:d0:
         e4:bd:76:ac:e7:b9:9a:e2:51:17:1b:db:d7:db:76:1a:fd:07:
         38:29:a6:0f:69:fc:db:87:48:4c:f2:41:4a:94:11:a1:5f:e7:
         d0:ec:eb:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRIUAHuVms5xDfqKFtpRU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNTU3MTZhYTFmNGMzYzEwMjg3MThhMWMzMzFlMjJiMzM5
ZWFkN2MwHhcNMjUwNjA4MjAwMDIyWhcNMjUwNjA5MjAwMDIyWjAzMTEwLwYDVQQD
Eyg0MmU2ZDNmMDQ1YWVlOTYyMGVhYTMwZDI3MWQzODk5NTgyOTkxY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8YpoMvUR5jxGkgFzLDEQnSp6F1D
2n9WxGEXqJG5HKeUq6RPy2SyJHJuU0hOZO+7wkXn4eeuRK4wxK7Uqhk/gGl0VhTL
xH7hFJbiD+Jpf/9ap0fNn60rw7pQI35FAOP+1eMOKe57qVIHvcpeFePi3cvYLCTi
0E+aCHV/Nf3G3ZaZSiGDgwHjho72U9kTW2fJBfTnt5FRtIU3BKuLOIXXmWnvkJgt
LDYj+HUtztGwmRF1TiedwfxhAL0M5g5eOu4MnqA1h99AgIn0aiZB23oQpcYLLIZ5
XEGele2lwyIc6+v6BCS9U2+yKyJ7bSl0biPrqV2jzn+QXubnYiJ4lbnVuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELm0/BFruliDqow0nHTiZWCmRzqMB8GA1UdIwQY
MBaAFCJVcWqh9MPBAocYocMx4isznq18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWxWeGFxSDB3OEVDaHhpaHd6SGlLek9lclh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jYmY2N2ItYTY1YS00MmEzLTg5MDgt
MDczNjllMTRjYWRlLzEvSWxWeGFxSDB3OEVDaHhpaHd6SGlLek9lclh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jYmY2N2ItYTY1YS00MmEzLTg5MDgtMDczNjllMTRjYWRl
LzEvSWxWeGFxSDB3OEVDaHhpaHd6SGlLek9lclh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYk6vfzH+
6KY0419cBIKyob1NxEohXA7RETV5AkgoD7DGHP4BbSy0RRUWDiJNhA9y8lw9UTC4
G3uYvj4ueRlIloxpul5CI2dThLDqkWTeZ/G5OOZPuQ+Q9Mn7p6EZRy4pr9zPL3g0
vOgkpGMVzl+PS3vJkAAg8P39txujWN6iOpwwEi8/IVrmbW+g51NKEfNgV334wuJ+
rjyubMxcEIl6jNdkVigwkbEsn8dWvrx3gDUy56TrDAcQjYwoMT0Q1Z/weWTUYlGc
qk1MQ+iv/4k8wgg17h8ahvrQ5L12rOe5muJRFxvb19t2Gv0HOCmmD2n824dITPJB
SpQRoV/n0Ozr6w==
-----END CERTIFICATE-----