Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File:                     IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier:          4b3krNUBP9y3+O5YFH3/JazN17vuUTRvL9ypQTSnOGk=
Subject key identifier:   64:F7:15:00:E1:3E:53:46:64:D0:69:4F:F9:C5:93:24:7D:07:78:B9
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer:       /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial:       0199FBEB9E763EF44A2148EFD61065C596C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number:          0706
Signing time:             Sun 19 Oct 2025 10:02:26 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:26 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:26 +0000
Files and hashes:         1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: I4YDxxFzYTW9abEN3PzHYMaH11Ttx/T6J+6XVMU6jLw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:9e:76:3e:f4:4a:21:48:ef:d6:10:65:c5:96:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
        Validity
            Not Before: Oct 19 10:02:26 2025 GMT
            Not After : Oct 20 10:02:26 2025 GMT
        Subject: CN=64f71500e13e534664d0694ff9c593247d0778b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ea:61:a0:fe:26:db:1a:a5:a0:c5:ad:1a:9c:
                    27:75:52:c1:dd:e4:b7:c9:dc:b2:d6:4b:ac:3b:af:
                    1a:09:2e:41:8e:13:e9:db:67:1a:36:24:fc:39:33:
                    c6:f4:e4:9a:fe:6f:87:29:db:f3:39:45:3e:d3:a4:
                    05:c1:92:c7:18:f2:96:6c:8a:c7:ad:bd:6d:59:ea:
                    e2:df:08:d1:98:97:a0:e3:ac:33:3b:9a:a4:11:d4:
                    48:37:56:d4:00:97:c9:4b:4c:e0:d1:12:5a:b6:7b:
                    2d:0b:49:7d:f9:47:4b:f7:bd:e9:d7:d3:14:4e:06:
                    9f:7c:56:fc:af:90:22:bb:9e:c7:dd:53:f2:37:69:
                    3a:05:59:f1:4e:18:8b:2d:14:5e:21:b4:3f:39:84:
                    64:44:77:7f:23:05:e5:c1:72:c7:c8:d9:d0:d8:38:
                    7b:91:57:60:84:b0:72:59:0e:1a:d9:33:2e:40:a5:
                    e3:b8:0c:fe:fa:cd:68:b5:dc:09:f5:9a:22:dc:ba:
                    f5:7f:52:0d:51:78:12:c8:17:7c:6f:34:47:85:1c:
                    ac:fa:c3:57:ff:3f:6b:f6:11:36:b1:ba:e5:81:45:
                    86:25:87:86:c7:25:3c:13:5b:f1:e6:f5:1c:85:cd:
                    9b:58:cb:50:a3:1f:91:c7:36:ce:54:3d:9f:dc:39:
                    ab:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:F7:15:00:E1:3E:53:46:64:D0:69:4F:F9:C5:93:24:7D:07:78:B9
            X509v3 Authority Key Identifier:
                keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:24:65:24:6e:e8:92:83:5a:4d:f1:05:e3:92:81:3e:0b:01:
         26:26:3b:d8:be:8f:dd:3b:90:fa:d8:9d:0c:ba:b7:5c:26:a3:
         cc:88:f1:bd:a2:0b:58:c5:3c:f9:0c:7e:09:e3:40:bc:82:2f:
         6b:d2:dd:a7:7d:de:9d:27:ac:7d:e8:69:70:86:c7:2d:1a:05:
         46:dc:97:fc:8e:82:1b:9d:35:a1:09:cb:0e:4f:14:51:dc:3b:
         86:3d:f5:3a:b6:14:4e:36:77:ff:68:39:ee:59:f9:d0:5d:df:
         5b:3b:6a:38:2b:fd:da:e4:92:55:3b:f4:8a:38:63:9d:16:4b:
         bb:04:2a:18:93:43:04:2e:97:b7:3f:e1:cc:16:4e:92:38:4b:
         0a:b6:f1:bd:62:71:19:34:97:8a:36:1b:cb:6b:50:98:44:e1:
         e2:8b:ab:c5:9e:f1:de:db:df:71:11:4c:b0:40:c0:a9:61:d0:
         ed:98:9d:4a:02:15:24:db:66:64:e7:59:44:4a:91:38:dd:2f:
         a2:3a:8c:09:d1:af:1a:0b:23:ba:e1:80:38:b1:81:e9:63:98:
         6c:a5:f3:a6:2d:e5:d9:87:37:93:85:2b:79:6a:c9:55:c3:1b:
         c9:a1:fe:4b:3c:c1:f9:75:04:70:a7:2c:10:bd:e0:22:0e:28:
         13:77:5f:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76552PvRKIUjv1hBlxZbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjUxMDE5MTAwMjI2WhcNMjUxMDIwMTAwMjI2WjAzMTEwLwYDVQQD
Eyg2NGY3MTUwMGUxM2U1MzQ2NjRkMDY5NGZmOWM1OTMyNDdkMDc3OGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOphoP4m2xqloMWtGpwndVLB3eS3
ydyy1kusO68aCS5BjhPp22caNiT8OTPG9OSa/m+HKdvzOUU+06QFwZLHGPKWbIrH
rb1tWeri3wjRmJeg46wzO5qkEdRIN1bUAJfJS0zg0RJatnstC0l9+UdL973p19MU
TgaffFb8r5Aiu57H3VPyN2k6BVnxThiLLRReIbQ/OYRkRHd/IwXlwXLHyNnQ2Dh7
kVdghLByWQ4a2TMuQKXjuAz++s1otdwJ9Zoi3Lr1f1INUXgSyBd8bzRHhRys+sNX
/z9r9hE2sbrlgUWGJYeGxyU8E1vx5vUchc2bWMtQox+RxzbOVD2f3DmrVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGT3FQDhPlNGZNBpT/nFkyR9B3i5MB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACiRlJG7o
koNaTfEF45KBPgsBJiY72L6P3TuQ+tidDLq3XCajzIjxvaILWMU8+Qx+CeNAvIIv
a9Ldp33enSesfehpcIbHLRoFRtyX/I6CG501oQnLDk8UUdw7hj31OrYUTjZ3/2g5
7ln50F3fWztqOCv92uSSVTv0ijhjnRZLuwQqGJNDBC6Xtz/hzBZOkjhLCrbxvWJx
GTSXijYby2tQmETh4ourxZ7x3tvfcRFMsEDAqWHQ7ZidSgIVJNtmZOdZREqRON0v
ojqMCdGvGgsjuuGAOLGB6WOYbKXzpi3l2Yc3k4UreWrJVcMbyaH+SzzB+XUEcKcs
EL3gIg4oE3dfew==
-----END CERTIFICATE-----