Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
File:                     itMkK15lo9DZHGsZ60CRlZskMUg.mft (raw, json)
Hash identifier:          PyvrxUJtLuFCEilTR4cR1lx5z/yQSNGQBfCfy6ufzQs=
Subject key identifier:   EA:A9:BA:D0:24:4D:C4:39:0C:A4:29:38:A6:D6:0F:C7:3C:8A:33:3E
Authority key identifier: 8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48
Certificate issuer:       /CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
Certificate serial:       01974C6911E155338EC010C193F24CFC09C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
Manifest number:          028A
Signing time:             Sat 07 Jun 2025 22:00:43 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:43 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:43 +0000
Files and hashes:         1: itMkK15lo9DZHGsZ60CRlZskMUg.crl (hash: 4w+JkHA0QAfN85NT0uo0SgXboe5EjZoardYP6MoKMww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:11:e1:55:33:8e:c0:10:c1:93:f2:4c:fc:09:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
        Validity
            Not Before: Jun  7 22:00:43 2025 GMT
            Not After : Jun  8 22:00:43 2025 GMT
        Subject: CN=eaa9bad0244dc4390ca42938a6d60fc73c8a333e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:7b:c5:07:9c:87:2d:b1:b8:5e:06:17:94:7f:
                    59:99:dd:a1:dc:77:94:48:a2:49:dc:88:f8:84:bb:
                    19:99:b7:8a:4d:ed:bd:a3:b4:8a:0f:97:ef:e9:c0:
                    72:6e:60:6d:26:9a:b4:bb:50:c3:d4:1f:2f:41:87:
                    35:31:40:e4:77:e8:99:76:99:bc:13:1d:58:95:1b:
                    df:c0:e0:f4:21:58:84:fd:44:ca:96:89:c5:72:fe:
                    46:dc:ea:ec:aa:21:20:45:f2:93:62:03:0f:1f:5c:
                    fd:d4:fc:29:92:ef:93:5f:57:09:ba:41:d9:dc:3e:
                    0c:64:59:08:5e:e8:56:5e:ba:d8:85:47:dc:06:d9:
                    6e:35:02:70:73:05:8c:6f:79:a6:84:22:19:2d:ba:
                    40:55:f0:d4:c4:36:ca:35:c9:db:13:8e:5a:3d:c9:
                    75:42:b0:e1:4f:ea:41:0a:40:fe:ed:d3:b3:e5:1a:
                    0a:87:bc:9c:a2:48:23:b9:21:d6:c8:10:ba:6d:93:
                    15:ed:db:39:d7:88:4f:1c:0d:3f:33:89:bf:a0:24:
                    96:96:10:0a:c3:d6:bf:e5:ce:ff:1f:91:88:5e:f9:
                    fc:10:a5:0c:cd:57:8c:ee:50:7b:76:0d:5d:71:f7:
                    ba:79:da:06:a1:4a:5e:1f:af:6a:ae:ca:5f:0e:26:
                    a4:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:A9:BA:D0:24:4D:C4:39:0C:A4:29:38:A6:D6:0F:C7:3C:8A:33:3E
            X509v3 Authority Key Identifier:
                keyid:8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:ec:6f:b8:7c:97:80:fc:3c:87:ef:f1:27:f0:1b:7d:1e:92:
         c1:18:11:91:4a:4f:78:6f:f0:b5:f2:11:01:7f:4e:0e:22:df:
         31:cd:b5:3d:7e:28:f6:73:cf:01:78:3e:37:4a:48:19:b6:41:
         d5:b3:0d:5b:0d:da:18:3d:c4:ad:d6:02:c1:a6:2a:49:bc:f6:
         92:a1:aa:78:bb:85:cb:fe:2e:91:b6:fc:b5:e9:f4:fe:0c:07:
         89:d5:b0:7e:c8:64:48:35:1c:8b:21:04:4e:23:c5:0c:b2:49:
         dc:7b:c6:6f:05:25:e5:ee:f1:98:64:b1:3c:7d:f1:59:14:c7:
         2d:70:03:4b:3f:ee:c0:01:d8:64:0a:48:cd:c5:e3:4e:d9:51:
         c4:b0:f5:58:41:68:fe:81:39:2a:21:46:d5:4c:94:6e:a6:a3:
         07:84:29:b7:30:4f:fe:90:6e:59:3e:73:fc:b3:70:1a:5e:29:
         8c:86:6c:0c:0f:56:99:dc:d1:2c:3d:51:d9:bd:ce:cd:26:29:
         10:54:f4:38:5a:f6:f1:69:6c:68:5e:89:42:4e:8d:3f:49:74:
         15:cc:3b:d4:f6:80:01:62:3b:46:46:70:58:99:5a:b3:a0:c2:
         52:fc:ec:12:2d:40:78:cb:7a:17:d4:66:ff:f9:ff:48:bf:e8:
         2d:a9:ee:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaRHhVTOOwBDBk/JM/AnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDMyNDJiNWU2NWEzZDBkOTFjNmIxOWViNDA5MTk1OWIy
NDMxNDgwHhcNMjUwNjA3MjIwMDQzWhcNMjUwNjA4MjIwMDQzWjAzMTEwLwYDVQQD
EyhlYWE5YmFkMDI0NGRjNDM5MGNhNDI5MzhhNmQ2MGZjNzNjOGEzMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnvFB5yHLbG4XgYXlH9Zmd2h3HeU
SKJJ3Ij4hLsZmbeKTe29o7SKD5fv6cBybmBtJpq0u1DD1B8vQYc1MUDkd+iZdpm8
Ex1YlRvfwOD0IViE/UTKlonFcv5G3OrsqiEgRfKTYgMPH1z91Pwpku+TX1cJukHZ
3D4MZFkIXuhWXrrYhUfcBtluNQJwcwWMb3mmhCIZLbpAVfDUxDbKNcnbE45aPcl1
QrDhT+pBCkD+7dOz5RoKh7ycokgjuSHWyBC6bZMV7ds514hPHA0/M4m/oCSWlhAK
w9a/5c7/H5GIXvn8EKUMzVeM7lB7dg1dcfe6edoGoUpeH69qrspfDiakBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqputAkTcQ5DKQpOKbWD8c8ijM+MB8GA1UdIwQY
MBaAFIrTJCteZaPQ2RxrGetAkZWbJDFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgt
ZjcwNGIxZjUzYWNlLzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgtZjcwNGIxZjUzYWNl
LzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADOxvuHyX
gPw8h+/xJ/AbfR6SwRgRkUpPeG/wtfIRAX9ODiLfMc21PX4o9nPPAXg+N0pIGbZB
1bMNWw3aGD3ErdYCwaYqSbz2kqGqeLuFy/4ukbb8ten0/gwHidWwfshkSDUciyEE
TiPFDLJJ3HvGbwUl5e7xmGSxPH3xWRTHLXADSz/uwAHYZApIzcXjTtlRxLD1WEFo
/oE5KiFG1UyUbqajB4QptzBP/pBuWT5z/LNwGl4pjIZsDA9WmdzRLD1R2b3OzSYp
EFT0OFr28WlsaF6JQk6NP0l0Fcw71PaAAWI7RkZwWJlas6DCUvzsEi1AeMt6F9Rm
//n/SL/oLanuyA==
-----END CERTIFICATE-----