Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File:                     IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier:          LsJLNOjt2nle+qdrFJfT0/digX15ZkGvN/oQ+RlATaU=
Subject key identifier:   1A:56:64:57:C8:AC:B3:45:4B:0C:6D:9A:B4:AA:B7:8B:2E:E6:76:3C
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer:       /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial:       0197B88FDE5499B1E9333685BDEF98AEE4FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number:          05DA
Signing time:             Sat 28 Jun 2025 22:02:05 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:05 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:05 +0000
Files and hashes:         1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: rfbEferiVGi1C0tk8PuoHrmPK/VZNjWd+8kpZtNiAf0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:02:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:de:54:99:b1:e9:33:36:85:bd:ef:98:ae:e4:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
        Validity
            Not Before: Jun 28 22:02:05 2025 GMT
            Not After : Jun 29 22:02:05 2025 GMT
        Subject: CN=1a566457c8acb3454b0c6d9ab4aab78b2ee6763c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ea:59:63:b8:1e:ea:d7:1f:2c:6b:25:57:19:
                    a4:fc:2a:9a:2d:e5:3b:2d:d6:58:8d:f9:94:d2:ae:
                    14:31:97:d8:e7:2d:4c:0e:40:37:f1:b0:83:6d:ec:
                    e8:d3:c5:34:de:91:d3:9e:0c:7e:57:7b:6c:ca:0c:
                    a0:c2:7b:10:f8:ce:5b:10:33:fe:b3:70:86:df:f6:
                    d6:50:a4:62:a3:33:d6:59:53:eb:22:a7:53:83:b1:
                    44:42:e1:7b:3f:a0:29:e9:a2:de:c9:e1:5c:c7:e1:
                    c1:2a:4f:ba:e8:54:08:70:a3:a9:da:3f:00:ce:7c:
                    96:5f:db:22:a2:2b:68:70:99:e5:33:23:a4:19:b4:
                    ac:98:2f:2a:c3:b4:d0:71:07:61:e9:0c:71:70:1a:
                    d8:43:6c:31:c8:59:2d:e1:45:ba:30:74:c5:dc:c2:
                    98:4f:ac:8e:a1:58:12:b5:1e:d2:0d:95:38:d0:87:
                    d8:27:c6:17:bc:96:2f:3c:d7:1d:59:d5:5e:80:ae:
                    59:c7:e6:53:1a:4b:e5:7a:0d:34:e1:49:f5:3a:31:
                    d4:9f:f6:7d:f0:1e:b6:da:9f:95:37:f5:43:e1:87:
                    e0:26:a6:aa:23:59:d5:c0:92:01:8d:f5:82:ec:1a:
                    67:8c:b3:a0:ee:4d:92:bb:9f:05:c7:63:13:c0:36:
                    72:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:56:64:57:C8:AC:B3:45:4B:0C:6D:9A:B4:AA:B7:8B:2E:E6:76:3C
            X509v3 Authority Key Identifier:
                keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:22:c1:fe:da:ff:65:84:84:d6:56:a9:7e:d8:12:f1:9a:ae:
         e1:b8:53:9a:5c:02:42:96:8b:b0:87:e5:ed:09:ea:91:86:33:
         28:a9:06:11:7d:73:dc:4f:e7:3c:39:62:6f:fe:63:9f:dd:9c:
         33:a7:fd:4f:58:06:29:aa:e0:63:e8:d3:83:65:74:04:cd:cd:
         71:6b:df:73:c2:a6:75:87:bc:b0:07:8c:a8:d6:16:4e:3e:62:
         4b:a2:5c:48:e9:cd:fc:c4:3c:77:1d:15:6a:ca:2c:06:37:f7:
         a8:fb:a7:f2:bf:c7:9e:da:35:43:a4:40:58:2d:8d:a6:b2:a2:
         82:8d:69:79:0c:15:7e:c5:4f:e8:30:0f:9e:fc:f8:fd:4e:89:
         be:6f:17:c3:ac:d4:10:9d:ec:ff:0a:72:6d:8a:b6:20:1f:c4:
         3d:17:48:39:1e:a8:27:64:de:9f:ad:1b:a7:e1:c7:07:f6:10:
         e0:25:60:cc:8a:b0:35:4a:ba:6e:67:4c:47:2f:49:f4:25:cc:
         4e:4d:3f:fe:44:c3:7a:4b:00:4f:a5:ec:1d:fb:af:16:03:79:
         91:cd:da:de:a3:4c:f5:f2:12:64:9d:e3:50:48:22:aa:34:0a:
         56:44:73:b8:b2:37:e7:70:6a:90:fd:51:66:7a:8a:6b:bd:d8:
         03:fc:4b:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j95UmbHpMzaFve+YruT/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjUwNjI4MjIwMjA1WhcNMjUwNjI5MjIwMjA1WjAzMTEwLwYDVQQD
EygxYTU2NjQ1N2M4YWNiMzQ1NGIwYzZkOWFiNGFhYjc4YjJlZTY3NjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArupZY7ge6tcfLGslVxmk/CqaLeU7
LdZYjfmU0q4UMZfY5y1MDkA38bCDbezo08U03pHTngx+V3tsygygwnsQ+M5bEDP+
s3CG3/bWUKRiozPWWVPrIqdTg7FEQuF7P6Ap6aLeyeFcx+HBKk+66FQIcKOp2j8A
znyWX9sioitocJnlMyOkGbSsmC8qw7TQcQdh6QxxcBrYQ2wxyFkt4UW6MHTF3MKY
T6yOoVgStR7SDZU40IfYJ8YXvJYvPNcdWdVegK5Zx+ZTGkvleg004Un1OjHUn/Z9
8B622p+VN/VD4YfgJqaqI1nVwJIBjfWC7BpnjLOg7k2Su58Fx2MTwDZyWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBpWZFfIrLNFSwxtmrSqt4su5nY8MB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUyLB/tr/
ZYSE1lapftgS8Zqu4bhTmlwCQpaLsIfl7QnqkYYzKKkGEX1z3E/nPDlib/5jn92c
M6f9T1gGKargY+jTg2V0BM3NcWvfc8KmdYe8sAeMqNYWTj5iS6JcSOnN/MQ8dx0V
asosBjf3qPun8r/Hnto1Q6RAWC2NprKigo1peQwVfsVP6DAPnvz4/U6Jvm8Xw6zU
EJ3s/wpybYq2IB/EPRdIOR6oJ2Ten60bp+HHB/YQ4CVgzIqwNUq6bmdMRy9J9CXM
Tk0//kTDeksAT6XsHfuvFgN5kc3a3qNM9fISZJ3jUEgiqjQKVkRzuLI353BqkP1R
ZnqKa73YA/xLBg==
-----END CERTIFICATE-----