Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File:                     IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier:          GdDGiX5ZpfljuRyLtmY4/pCMyqj7syn2GHs7w/pzKPk=
Subject key identifier:   16:39:77:EA:3F:83:DA:9D:93:7E:65:96:CA:B3:A0:8D:53:5D:F4:7F
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer:       /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial:       0196C15E1A689E44BBB5A91A136252BFD323
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number:          055A
Signing time:             Sun 11 May 2025 22:01:31 +0000
Manifest this update:     Sun 11 May 2025 22:01:31 +0000
Manifest next update:     Mon 12 May 2025 22:01:31 +0000
Files and hashes:         1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: czWncwdOUDrq8IA0CTJhmZtdu/SIde3iYVqHxeLYvU8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 22:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c1:5e:1a:68:9e:44:bb:b5:a9:1a:13:62:52:bf:d3:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
        Validity
            Not Before: May 11 22:01:31 2025 GMT
            Not After : May 12 22:01:31 2025 GMT
        Subject: CN=163977ea3f83da9d937e6596cab3a08d535df47f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:b6:b3:48:6c:ac:f5:c6:f4:94:9c:c1:5e:f6:
                    26:09:27:ff:cd:db:c0:f3:a6:3e:27:b8:52:2a:33:
                    35:72:81:91:d0:12:47:8d:44:e8:a6:8a:96:fa:57:
                    e4:bb:75:71:a5:5d:ff:78:69:47:77:a6:dc:fe:d7:
                    7e:12:5d:6a:e8:cd:ac:ab:b5:2b:c0:7a:20:bb:49:
                    94:21:66:17:8a:a9:34:7b:77:b8:92:e6:f7:20:1c:
                    08:56:1a:9f:f0:fa:98:a9:08:a0:31:23:cb:ba:93:
                    bf:76:06:79:6a:f6:c0:ad:83:c7:31:a1:d3:48:2f:
                    41:16:5b:ec:f2:8c:92:d1:fb:ba:0e:cc:7f:32:23:
                    e2:83:2c:a8:6d:c0:ad:d2:96:37:38:a0:0c:b7:59:
                    30:56:0a:0e:ec:20:f8:c0:0f:3e:fe:37:22:18:1b:
                    f1:93:31:81:35:e4:6a:26:ad:6e:aa:d4:98:31:c2:
                    6f:46:86:ac:53:2f:73:75:8d:96:62:9c:e5:2d:ef:
                    25:3e:03:83:20:69:d1:dc:80:1e:6d:73:e5:55:96:
                    02:e6:ba:a5:22:e4:71:9e:9b:d1:f9:7b:48:36:f0:
                    0f:29:38:8c:2f:4b:98:0b:7c:af:7a:0f:f1:42:b2:
                    58:46:dc:66:9d:ab:1f:54:36:7c:68:3b:e0:3f:b6:
                    2b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:39:77:EA:3F:83:DA:9D:93:7E:65:96:CA:B3:A0:8D:53:5D:F4:7F
            X509v3 Authority Key Identifier:
                keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:f8:fd:cd:12:e5:1e:8c:1c:1a:2b:d2:3e:51:13:c8:af:c2:
         18:d3:fd:02:04:60:42:5a:e0:87:6c:17:dd:0b:5c:ba:0c:46:
         15:36:83:fd:f9:10:3d:b8:68:fb:35:23:3e:1f:52:b7:38:b7:
         05:85:79:0a:01:ee:6e:a6:72:4b:b6:2c:aa:b9:1b:60:a1:94:
         8c:6f:2e:e1:7e:ee:2c:4d:15:3a:0a:db:2d:0e:67:f0:c5:a2:
         80:23:f3:0c:de:de:5c:e2:75:46:d3:f0:64:7d:7d:57:96:c4:
         71:0a:3c:fe:54:2d:a8:36:50:65:6e:19:28:20:e5:9c:85:6f:
         92:2a:7d:2d:b9:89:ba:86:1b:c7:f4:66:8c:a1:e8:90:5f:4f:
         7e:fb:dc:ca:34:eb:79:8d:9f:21:48:fc:f7:9b:ba:9f:98:3d:
         7a:04:21:5e:d2:bb:75:0f:f5:93:f4:b2:36:ce:a5:32:ce:01:
         6d:c7:e8:a9:6f:f8:bd:5e:63:9d:57:05:1b:0a:72:76:18:d6:
         f3:f5:a6:91:35:36:4b:c7:65:c0:12:5c:33:07:8f:29:6b:13:
         ee:b2:72:16:52:89:b7:9d:9a:7a:65:dd:76:df:84:1b:63:a2:
         1c:7e:9d:fd:0c:f6:5d:4e:39:91:15:85:b9:82:0b:19:16:a1:
         dc:c7:31:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbBXhponkS7takaE2JSv9MjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjUwNTExMjIwMTMxWhcNMjUwNTEyMjIwMTMxWjAzMTEwLwYDVQQD
EygxNjM5NzdlYTNmODNkYTlkOTM3ZTY1OTZjYWIzYTA4ZDUzNWRmNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLazSGys9cb0lJzBXvYmCSf/zdvA
86Y+J7hSKjM1coGR0BJHjUTopoqW+lfku3VxpV3/eGlHd6bc/td+El1q6M2sq7Ur
wHogu0mUIWYXiqk0e3e4kub3IBwIVhqf8PqYqQigMSPLupO/dgZ5avbArYPHMaHT
SC9BFlvs8oyS0fu6Dsx/MiPigyyobcCt0pY3OKAMt1kwVgoO7CD4wA8+/jciGBvx
kzGBNeRqJq1uqtSYMcJvRoasUy9zdY2WYpzlLe8lPgODIGnR3IAebXPlVZYC5rql
IuRxnpvR+XtINvAPKTiML0uYC3yveg/xQrJYRtxmnasfVDZ8aDvgP7YrxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBY5d+o/g9qdk35llsqzoI1TXfR/MB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALPj9zRLl
HowcGivSPlETyK/CGNP9AgRgQlrgh2wX3QtcugxGFTaD/fkQPbho+zUjPh9Stzi3
BYV5CgHubqZyS7YsqrkbYKGUjG8u4X7uLE0VOgrbLQ5n8MWigCPzDN7eXOJ1RtPw
ZH19V5bEcQo8/lQtqDZQZW4ZKCDlnIVvkip9LbmJuoYbx/RmjKHokF9PfvvcyjTr
eY2fIUj895u6n5g9egQhXtK7dQ/1k/SyNs6lMs4BbcfoqW/4vV5jnVcFGwpydhjW
8/WmkTU2S8dlwBJcMwePKWsT7rJyFlKJt52aemXddt+EG2OiHH6d/Qz2XU45kRWF
uYILGRah3McxPA==
-----END CERTIFICATE-----