Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
File:                     IYCTB4hvuv261Th2Eu_-dxOHowA.mft (raw, json)
Hash identifier:          6rCcZRr38JfbZqTxlUjki1JlPbiSyX6+mj0iT0oMtLk=
Subject key identifier:   E3:5B:1F:E3:96:DB:A3:8A:92:61:34:88:DA:79:52:0D:70:D7:72:7E
Authority key identifier: 21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00
Certificate issuer:       /CN=21809307886fbafdbad5387612effe771387a300
Certificate serial:       0199180A27CD0E2D53C5DB22D520448CFB94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
Manifest number:          07B0
Signing time:             Fri 05 Sep 2025 04:02:22 +0000
Manifest this update:     Fri 05 Sep 2025 04:02:22 +0000
Manifest next update:     Sat 06 Sep 2025 04:02:22 +0000
Files and hashes:         1: IYCTB4hvuv261Th2Eu_-dxOHowA.crl (hash: PcIOXRHTu3h1i9vF1iXNnfhdyr8Al+wT57M76NsQ9K4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:0a:27:cd:0e:2d:53:c5:db:22:d5:20:44:8c:fb:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21809307886fbafdbad5387612effe771387a300
        Validity
            Not Before: Sep  5 04:02:22 2025 GMT
            Not After : Sep  6 04:02:22 2025 GMT
        Subject: CN=e35b1fe396dba38a92613488da79520d70d7727e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6b:3d:2f:1d:07:4a:ea:15:ba:ce:63:12:21:
                    25:7a:a4:47:6d:70:89:24:ed:56:52:a5:df:68:77:
                    74:7a:66:35:e9:26:9b:be:16:91:b1:88:26:2d:f5:
                    5d:c4:90:02:f5:b4:06:7d:d5:ac:bd:c2:51:42:43:
                    55:92:79:85:37:4d:f9:1e:85:d6:59:97:f7:2f:9e:
                    1a:e1:34:75:56:ea:e8:30:42:67:52:d1:b0:37:98:
                    76:39:38:b6:2d:67:9e:04:d3:f3:b8:5a:56:0e:19:
                    b0:fa:40:f3:76:8c:b5:e9:0d:44:c6:f9:e8:05:aa:
                    1a:be:12:09:84:45:98:26:d6:1f:44:0c:ad:5a:bf:
                    25:95:06:ce:66:ce:61:92:82:f6:fd:96:fe:71:d7:
                    df:5e:fd:57:24:e1:6a:2c:d9:ae:58:22:0c:a8:cd:
                    65:b0:b2:41:74:10:39:1f:7c:28:5b:5d:5f:c4:67:
                    7f:5d:cf:44:2f:2b:31:0d:ea:ef:ef:b7:b6:ac:f1:
                    53:96:13:8b:1f:a5:90:bf:c2:73:3a:c2:ed:8c:c4:
                    9d:26:7b:9e:b0:3d:4b:9a:62:f3:78:41:a5:6a:31:
                    58:a0:82:25:36:97:9c:67:a2:c1:ba:1b:3d:99:6a:
                    a2:1b:8e:d2:96:cd:22:6f:cd:27:93:9b:d6:d2:85:
                    0d:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:5B:1F:E3:96:DB:A3:8A:92:61:34:88:DA:79:52:0D:70:D7:72:7E
            X509v3 Authority Key Identifier:
                keyid:21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:d0:78:16:f2:76:3f:2f:33:d7:2d:f1:be:01:4a:d7:73:71:
         72:45:0e:d7:f8:0e:6c:19:94:11:90:52:fa:7c:b6:b1:16:5f:
         1c:4d:f9:08:80:b5:65:6f:c7:55:55:c8:46:6f:5b:32:06:26:
         42:f3:b3:c7:76:0c:05:4d:6c:76:43:53:c6:34:54:9d:b2:f8:
         f9:80:79:99:5b:6f:a1:83:02:21:00:40:5f:c3:f1:d6:56:f2:
         25:f5:59:f5:f1:04:67:7d:d3:a7:86:da:9b:39:18:bb:06:8f:
         79:9b:54:e6:75:23:23:ae:b9:05:aa:10:71:6f:6f:5d:aa:55:
         7a:2b:af:fc:ec:5d:03:76:ee:cc:3d:5a:9b:3c:47:f3:e7:5e:
         e2:3e:16:7c:f2:52:f3:64:d8:cd:f3:43:56:8d:e5:d4:cf:b4:
         ce:0d:d0:fb:f5:4c:3d:ca:25:c6:42:0c:c1:42:58:70:c8:fa:
         9e:49:50:e9:4b:96:59:0e:4d:fa:4a:04:ce:5e:2e:13:21:ee:
         49:bf:45:ae:36:87:27:69:56:02:cd:1e:bb:52:22:0b:2f:f8:
         98:69:2d:ba:43:60:d4:2e:25:f9:24:2d:b1:b0:71:18:46:00:
         0a:1a:50:6f:bf:f7:44:16:8e:a1:10:89:a4:03:59:fd:00:15:
         c1:2e:4e:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCifNDi1Txdsi1SBEjPuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODA5MzA3ODg2ZmJhZmRiYWQ1Mzg3NjEyZWZmZTc3MTM4
N2EzMDAwHhcNMjUwOTA1MDQwMjIyWhcNMjUwOTA2MDQwMjIyWjAzMTEwLwYDVQQD
EyhlMzViMWZlMzk2ZGJhMzhhOTI2MTM0ODhkYTc5NTIwZDcwZDc3MjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWs9Lx0HSuoVus5jEiEleqRHbXCJ
JO1WUqXfaHd0emY16SabvhaRsYgmLfVdxJAC9bQGfdWsvcJRQkNVknmFN035HoXW
WZf3L54a4TR1VuroMEJnUtGwN5h2OTi2LWeeBNPzuFpWDhmw+kDzdoy16Q1Exvno
BaoavhIJhEWYJtYfRAytWr8llQbOZs5hkoL2/Zb+cdffXv1XJOFqLNmuWCIMqM1l
sLJBdBA5H3woW11fxGd/Xc9ELysxDerv77e2rPFTlhOLH6WQv8JzOsLtjMSdJnue
sD1LmmLzeEGlajFYoIIlNpecZ6LBuhs9mWqiG47Sls0ib80nk5vW0oUNFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFONbH+OW26OKkmE0iNp5Ug1w13J+MB8GA1UdIwQY
MBaAFCGAkweIb7r9utU4dhLv/ncTh6MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQt
ZjcwOGRhZDBlZWNhLzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQtZjcwOGRhZDBlZWNh
LzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZtB4FvJ2
Py8z1y3xvgFK13NxckUO1/gObBmUEZBS+ny2sRZfHE35CIC1ZW/HVVXIRm9bMgYm
QvOzx3YMBU1sdkNTxjRUnbL4+YB5mVtvoYMCIQBAX8Px1lbyJfVZ9fEEZ33Tp4ba
mzkYuwaPeZtU5nUjI665BaoQcW9vXapVeiuv/OxdA3buzD1amzxH8+de4j4WfPJS
82TYzfNDVo3l1M+0zg3Q+/VMPcolxkIMwUJYcMj6nklQ6UuWWQ5N+koEzl4uEyHu
Sb9FrjaHJ2lWAs0eu1IiCy/4mGktukNg1C4l+SQtsbBxGEYAChpQb7/3RBaOoRCJ
pANZ/QAVwS5OLA==
-----END CERTIFICATE-----