Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File:                     IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier:          FojhmiNotRCgbweRiRZFGteNZba//AN/ebgOx2lwn50=
Subject key identifier:   6B:4F:D4:C2:49:1D:F5:CD:D2:8A:47:76:AF:F0:39:2D:7D:69:D7:AC
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer:       /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial:       0198D6607D21809AA1E3CBF26D3CC9508D90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number:          066E
Signing time:             Sat 23 Aug 2025 10:01:44 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:44 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:44 +0000
Files and hashes:         1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: UxQW2HoAkHaf35eynGe7csvQj2ewlxgRlb5JOEpnAUk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:7d:21:80:9a:a1:e3:cb:f2:6d:3c:c9:50:8d:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
        Validity
            Not Before: Aug 23 10:01:44 2025 GMT
            Not After : Aug 24 10:01:44 2025 GMT
        Subject: CN=6b4fd4c2491df5cdd28a4776aff0392d7d69d7ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:cd:72:60:8d:d6:5e:ae:d2:82:08:03:48:48:
                    b6:ea:d4:64:4e:c6:a3:f6:16:71:27:43:b2:4b:6d:
                    ff:b2:4e:5d:e8:00:b2:c3:be:5f:85:22:0e:d3:8b:
                    e1:fa:8f:31:86:9e:a5:9d:bc:73:68:f8:26:a8:39:
                    b7:9d:e3:ab:08:4d:15:45:b2:d4:ca:ff:5f:bd:1f:
                    10:60:62:c5:e7:fc:8e:48:ab:f9:0b:1d:fd:8a:8a:
                    7f:2b:5d:01:70:1f:3f:00:fb:ce:ba:71:4b:9a:27:
                    d7:62:73:90:d6:ac:68:7f:0d:66:e2:af:31:8f:6f:
                    79:d8:59:d7:ce:ee:51:f2:45:38:9d:de:ce:94:b2:
                    e7:47:98:03:a2:17:b0:35:68:40:4e:3b:7b:64:36:
                    35:1c:dc:06:19:da:56:ec:5d:85:52:c9:d5:24:fe:
                    f4:20:b3:83:93:be:66:d0:91:03:38:00:80:d1:82:
                    47:38:56:51:ce:c3:9d:61:bd:58:69:4c:c5:a4:fd:
                    00:21:ae:66:3b:aa:0f:7d:8f:5b:3e:f8:9f:ae:bd:
                    7d:75:66:d0:47:7b:d1:f8:b9:cd:1a:cb:2b:e0:51:
                    78:45:20:5c:a7:85:84:29:27:0f:df:a3:bd:96:5f:
                    e8:cf:2f:9e:f6:9a:7f:eb:62:3e:4d:c0:a3:25:95:
                    9d:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:4F:D4:C2:49:1D:F5:CD:D2:8A:47:76:AF:F0:39:2D:7D:69:D7:AC
            X509v3 Authority Key Identifier:
                keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:a4:13:9f:a1:ac:21:f1:28:1f:1c:3a:bd:7a:31:02:76:25:
         9d:e5:1c:a9:07:aa:2e:9b:e6:04:74:c0:ca:6e:45:b4:2d:2e:
         82:42:bd:31:5c:00:9f:50:b2:2b:9d:12:8f:98:2d:6f:70:b7:
         d3:28:0e:f8:97:67:20:3a:2b:e5:cc:dc:b4:d4:59:0d:62:ac:
         23:26:cb:90:47:99:a9:b5:a7:b6:b9:bc:45:02:f4:94:e5:08:
         44:38:4f:cb:9f:fe:16:5d:54:5e:a1:e5:9d:ef:7f:d9:ef:5e:
         21:5e:6c:8e:a7:25:43:41:74:7f:e2:66:1f:e8:83:d2:0c:a6:
         83:8d:84:89:6c:19:ab:8d:86:83:90:e8:e9:80:4e:78:39:aa:
         dd:45:2d:c0:5c:86:8c:22:3f:f0:44:0b:aa:81:ae:22:ff:42:
         7f:28:ad:04:71:f0:6f:33:ec:ed:3d:1b:85:47:dd:4b:27:ac:
         ed:bd:fa:23:98:cb:fe:68:d0:37:c9:66:38:b0:3c:ce:1d:b8:
         7b:42:b7:7f:9a:33:d6:de:2f:61:81:dd:d9:49:39:f7:78:56:
         b1:36:53:da:b6:09:cd:5a:67:7b:c2:10:26:2f:26:c8:33:de:
         c6:0e:e0:a9:78:d0:87:92:56:96:96:20:b8:02:e3:d1:0c:8d:
         37:01:7f:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYH0hgJqh48vybTzJUI2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjUwODIzMTAwMTQ0WhcNMjUwODI0MTAwMTQ0WjAzMTEwLwYDVQQD
Eyg2YjRmZDRjMjQ5MWRmNWNkZDI4YTQ3NzZhZmYwMzkyZDdkNjlkN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2s1yYI3WXq7SgggDSEi26tRkTsaj
9hZxJ0OyS23/sk5d6ACyw75fhSIO04vh+o8xhp6lnbxzaPgmqDm3neOrCE0VRbLU
yv9fvR8QYGLF5/yOSKv5Cx39iop/K10BcB8/APvOunFLmifXYnOQ1qxofw1m4q8x
j2952FnXzu5R8kU4nd7OlLLnR5gDohewNWhATjt7ZDY1HNwGGdpW7F2FUsnVJP70
ILODk75m0JEDOACA0YJHOFZRzsOdYb1YaUzFpP0AIa5mO6oPfY9bPvifrr19dWbQ
R3vR+LnNGssr4FF4RSBcp4WEKScP36O9ll/ozy+e9pp/62I+TcCjJZWd0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGtP1MJJHfXN0opHdq/wOS19adesMB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATqQTn6Gs
IfEoHxw6vXoxAnYlneUcqQeqLpvmBHTAym5FtC0ugkK9MVwAn1CyK50Sj5gtb3C3
0ygO+JdnIDor5czctNRZDWKsIybLkEeZqbWntrm8RQL0lOUIRDhPy5/+Fl1UXqHl
ne9/2e9eIV5sjqclQ0F0f+JmH+iD0gymg42EiWwZq42Gg5Do6YBOeDmq3UUtwFyG
jCI/8EQLqoGuIv9CfyitBHHwbzPs7T0bhUfdSyes7b36I5jL/mjQN8lmOLA8zh24
e0K3f5oz1t4vYYHd2Uk593hWsTZT2rYJzVpne8IQJi8myDPexg7gqXjQh5JWlpYg
uALj0QyNNwF/2Q==
-----END CERTIFICATE-----